Prosím o kontrolu logu. Začaly se mě samy otevírat reklamní okna na casíno atd. Předem díky za pomoc s odstraněním problému.
Zde je log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Uživatel (administrator) on NTB1 on 11-05-2015 23:01:38
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available profiles: Uživatel)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\IMPI\ExtensionUpdaterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
() C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-06] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-08-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364032 2012-08-16] (IVT Corporation)
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\...\Run: [Facebook Update] => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-30] (Facebook Inc.)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-05-02]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05]
ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.goodforsearch.info/?pi ... Z&unqvl=86
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.goodforsearch.info/?l= ... Z&unqvl=86
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.goodforsearch.info/?l= ... Z&unqvl=86
SearchScopes: HKU\S-1-5-21-2330285332-1516996101-1209863040-1002 -> {2133ADB8-5C5C-4C65-A9D8-3A1A5AB1BE2E} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_2
SearchScopes: HKU\S-1-5-21-2330285332-1516996101-1209863040-1002 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.goodforsearch.info/?l= ... Z&unqvl=86
BHO: IMPI -> {17E113E6-CD0E-4045-B154-65F0E57959EF} -> C:\Program Files\IMPI\Extension64.dll [2013-02-05] ()
BHO: bestadblocker -> {19bb3861-efe4-4649-8a37-cec463d3a2be} -> C:\Program Files (x86)\bestadblocker\t8WcmaxrO3quQF.x64.dll [2015-05-05] ()
BHO: UniDeals -> {79cf12f8-d484-4307-b845-4288ebf28417} -> C:\Program Files (x86)\UniDeals\Y4wJb0gCvQKaLa.x64.dll [2015-05-05] ()
BHO-x32: IMPI -> {17E113E6-CD0E-4045-B154-65F0E57959EF} -> C:\Program Files\IMPI\Extension32.dll [2013-02-05] ()
BHO-x32: bestadblocker -> {19bb3861-efe4-4649-8a37-cec463d3a2be} -> C:\Program Files (x86)\bestadblocker\t8WcmaxrO3quQF.dll [2015-05-05] ()
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: UniDeals -> {79cf12f8-d484-4307-b845-4288ebf28417} -> C:\Program Files (x86)\UniDeals\Y4wJb0gCvQKaLa.dll [2015-05-05] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2012-11-22] (pdfforge GbR)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2330285332-1516996101-1209863040-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Uživatel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF HKLM\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF Extension: IMPI - C:\Program Files\IMPI\Firefox [2013-02-14]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-10]
FF HKLM-x32\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://websearch.goodforsearch.info/?pid=2921&r=2015/05/05&hid=12900859622322770595&lg=EN&cc=CZ&unqvl=86"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (Google Drive) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (YouTube) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-02]
CHR Extension: (Google Search) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (Google Wallet) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10]
CHR Extension: (Gmail) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 7af73c4b; c:\Program Files (x86)\SystemAugment\SystemAugment.dll [1625088 2015-05-05] () [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-08-29] (Hewlett-Packard Company)
R2 IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [185856 2013-02-05] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-06] (IDT, Inc.) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [4773768 2012-10-02] (RealVNC Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; No ImagePath
U4 bthhfhid; No ImagePath
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1062008 2012-08-03] (Sunplus)
S3 STIrUsb; C:\Windows\system32\DRIVERS\irstusb.sys [33792 2008-01-19] (SigmaTel, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-11 23:01 - 2015-05-11 23:02 - 00017895 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2015-05-11 22:57 - 2015-05-11 22:58 - 02102784 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2015-05-11 22:53 - 2015-05-11 22:53 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 840612.crdownload
2015-05-11 22:52 - 2015-05-11 22:52 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 728272.crdownload
2015-05-10 11:06 - 2015-05-10 11:06 - 00000020 _____ () C:\Users\Uživatel\AppData\Roaming\appdataFr3.bin
2015-05-10 11:06 - 2015-05-10 11:06 - 00000000 ____D () C:\ProgramData\Browser AdBlocker
2015-05-06 20:00 - 2015-05-06 22:18 - 00000000 ____D () C:\Users\Uživatel\Desktop\SOCIÁLNÍ LÉKAŘSTVÍ
2015-05-06 02:05 - 2014-06-03 03:08 - 00062386 _____ () C:\Users\Uživatel\Desktop\Palla logo s.r.o..bmp
2015-05-05 21:42 - 2015-05-05 21:42 - 00000362 _____ () C:\Users\Uživatel\Downloads\stažený soubor.vcf
2015-05-05 15:32 - 2015-05-05 15:32 - 00000000 ____D () C:\Program Files (x86)\SystemAugment
2015-05-05 15:30 - 2015-05-05 15:30 - 00000000 ____D () C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}
2015-05-05 15:30 - 2015-05-05 15:30 - 00000000 ____D () C:\ProgramData\{6c21569f-732f-3fb3-6c21-1569f7325a7d}
2015-05-05 15:28 - 2015-05-05 15:28 - 00000570 _____ () C:\Users\Uivatel\Desktop\Darktek - Decibel Of The hell [Live 2011].mp4
2015-05-05 15:28 - 2015-05-05 15:28 - 00000000 ____D () C:\Users\Uivatel
2015-05-05 15:27 - 2015-05-05 15:32 - 00000000 ____D () C:\Program Files (x86)\BocaGeneration
2015-05-05 15:26 - 2015-05-05 15:26 - 00000000 ____D () C:\Program Files (x86)\Utime
2015-05-05 15:26 - 2015-05-05 15:26 - 00000000 ____D () C:\Program Files (x86)\bestadblocker
2015-05-05 15:25 - 2015-05-05 15:31 - 00000000 ____D () C:\ProgramData\7243239280829360841
2015-05-05 15:25 - 2015-05-05 15:31 - 00000000 ____D () C:\Program Files (x86)\UniDeals
2015-05-05 15:24 - 2015-05-11 03:24 - 00000412 _____ () C:\WINDOWS\Tasks\Bidaily Synchronize Task.job
2015-05-05 15:24 - 2015-05-06 03:24 - 00000000 ____D () C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}
2015-05-05 15:24 - 2015-05-05 15:24 - 00003306 _____ () C:\WINDOWS\System32\Tasks\Bidaily Synchronize Task
2015-05-05 15:23 - 2015-05-05 15:23 - 00300544 _____ () C:\Users\Uživatel\Downloads\Darktek - Decibel Of The hell [Live 2011].exe
2015-05-05 14:29 - 2015-05-05 14:29 - 00000787 _____ () C:\Users\Uživatel\Documents\records.html
2015-05-04 15:57 - 2015-05-05 01:11 - 00000000 ____D () C:\Users\Uživatel\Desktop\PATOLOGIE
2015-05-02 15:12 - 2015-05-02 15:12 - 00002747 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002695 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002693 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002685 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Otevřít dokument Office.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Nový dokument Office.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002639 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002629 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00000384 _____ () C:\WINDOWS\ODBC.INI
2015-05-02 15:12 - 2015-05-02 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje sady Microsoft Office
2015-05-02 15:11 - 2015-05-02 15:11 - 00000000 ____D () C:\WINDOWS\Msagent
2015-05-01 21:23 - 2015-05-01 21:23 - 00016124 _____ () C:\Users\Uživatel\Downloads\Sešit1 (1).xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00020170 _____ () C:\Users\Uživatel\Downloads\graf8.xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00019312 _____ () C:\Users\Uživatel\Downloads\graf10.xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00016739 _____ () C:\Users\Uživatel\Downloads\graf9.xlsx
2015-04-29 20:57 - 2015-04-29 20:57 - 00342251 _____ () C:\Users\Uživatel\Downloads\prilohy_1096.zip
2015-04-29 01:14 - 2015-04-29 01:14 - 00001130 _____ () C:\Users\Uživatel\Downloads\DPHDP3-0027742806-20150429-011407.xml
2015-04-27 09:27 - 2015-04-27 09:27 - 00001145 _____ () C:\Users\Uživatel\Downloads\DPHDP3-0027742806-20150427-092736.xml
2015-04-20 20:23 - 2015-04-20 20:27 - 14695130 _____ () C:\Users\Uživatel\Downloads\Laurent Wolf - No Stress.flv
2015-04-20 20:18 - 2015-04-20 20:19 - 38050716 _____ () C:\Users\Uživatel\Downloads\JAK NA STRES PRI UCENI [mp3s.nadruhou.net].mp4
2015-04-17 17:20 - 2015-04-17 19:03 - 1810354604 _____ () C:\Users\Uživatel\Downloads\Rychle-a-zběsile-7-cz-titulky.Novinka.2015..avi
2015-04-15 03:13 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 03:13 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 03:13 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 03:13 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 03:13 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 03:13 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 03:13 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 03:13 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 03:13 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 03:13 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 03:13 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 03:13 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 03:12 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 03:12 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 03:12 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 03:12 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 03:12 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 03:12 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 03:12 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 03:12 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 03:12 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 03:12 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 03:12 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 03:12 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 03:12 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 03:12 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 03:12 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 03:12 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 03:12 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 03:12 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 03:12 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 03:12 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 03:12 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 03:12 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 03:12 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 03:12 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 03:12 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 03:12 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 03:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 03:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 03:11 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 03:11 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 03:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 03:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 03:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 03:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 03:10 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 02:18 - 2015-04-15 02:18 - 00039064 _____ () C:\Users\Uživatel\Downloads\1100131375 (1).pdf.mb9l74f.partial
2015-04-15 02:12 - 2015-04-15 02:12 - 00039064 _____ () C:\Users\Uživatel\Downloads\1100056516 (2).pdf.ja9gzwn.partial
2015-04-14 22:34 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-14 22:34 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-14 22:34 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-14 22:34 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-14 22:34 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-14 22:34 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-14 22:34 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-14 22:34 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-14 22:34 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-14 22:34 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-14 22:34 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-14 22:34 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-14 22:34 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-14 22:34 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-14 22:34 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-14 22:34 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-14 22:34 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-14 22:34 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-14 22:11 - 2015-04-14 22:11 - 10162330 _____ (Novuco ) C:\Users\Uživatel\Downloads\zavvyuka-install-1.0.01.exe
2015-04-14 22:11 - 2015-04-14 22:11 - 10162330 _____ (Novuco ) C:\Users\Uživatel\Downloads\zavvyuka-install-1.0.01 (1).exe
2015-04-13 00:51 - 2015-04-13 00:51 - 00634368 _____ () C:\Users\Uživatel\Downloads\cenikzs2007.xls
2015-04-11 20:33 - 2015-04-11 20:33 - 02217984 _____ () C:\Users\Uživatel\Downloads\adwcleaner_4.201.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-11 23:01 - 2013-07-21 23:07 - 00000000 ____D () C:\FRST
2015-05-11 23:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-11 22:56 - 2012-12-26 16:28 - 00000970 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-11 22:35 - 2013-12-15 17:31 - 01430797 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-11 22:34 - 2014-06-30 22:29 - 00000950 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job
2015-05-11 22:34 - 2014-06-30 22:29 - 00000928 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job
2015-05-11 22:25 - 2013-12-16 00:43 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A9C5D9F1-B7AB-4A59-B859-92F4CBFA12E1}
2015-05-11 22:17 - 2014-09-24 20:07 - 00004915 _____ () C:\Users\Uživatel\Documents\zav-report-veronika.pallova.html
2015-05-11 15:56 - 2012-12-26 16:28 - 00000966 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-11 08:31 - 2012-12-25 04:44 - 00002344 ____H () C:\Users\Uživatel\Documents\Default.rdp
2015-05-09 14:04 - 2012-12-10 16:42 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2330285332-1516996101-1209863040-1002
2015-05-09 13:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-09 02:48 - 2013-08-10 14:40 - 00826880 ___SH () C:\Users\Uživatel\Documents\Thumbs.db
2015-05-06 02:05 - 2012-12-28 03:21 - 00973312 ___SH () C:\Users\Uživatel\Desktop\Thumbs.db
2015-05-05 18:00 - 2013-11-14 14:40 - 01934988 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-05 18:00 - 2013-11-14 14:24 - 00802206 _____ () C:\WINDOWS\system32\perfh005.dat
2015-05-05 18:00 - 2013-11-14 14:24 - 00183700 _____ () C:\WINDOWS\system32\perfc005.dat
2015-05-05 17:58 - 2013-08-22 16:46 - 00365478 _____ () C:\WINDOWS\setupact.log
2015-05-05 16:27 - 2012-12-26 22:34 - 07830016 ___SH () C:\Users\Uživatel\Downloads\Thumbs.db
2015-05-03 17:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-02 15:12 - 2013-11-14 14:26 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-05-02 15:12 - 2012-09-09 07:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-02 15:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-05-02 15:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\System
2015-05-01 20:50 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-01 20:50 - 2012-08-16 02:46 - 00000787 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-05-01 20:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-22 21:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-22 19:39 - 2013-12-15 17:25 - 00000000 ____D () C:\Users\Uživatel
2015-04-21 19:31 - 2014-10-10 15:15 - 00000000 ____D () C:\Users\Uživatel\Desktop\Avon
2015-04-16 15:32 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-15 10:55 - 2013-08-14 13:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 10:34 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 10:30 - 2012-12-25 11:28 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-15 10:08 - 2014-12-13 19:11 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 10:08 - 2014-07-09 09:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-14 22:29 - 2014-11-12 14:16 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-14 01:24 - 2015-03-13 02:37 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2015-03-13 02:37 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 15:35 - 2014-03-19 03:42 - 00000000 ____D () C:\Users\Uživatel\Documents\Mobil Lošťákovy
2015-04-12 10:06 - 2012-12-10 16:36 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\Adobe
==================== Files in the root of some directories =======
2015-05-10 11:06 - 2015-05-10 11:06 - 0000020 _____ () C:\Users\Uživatel\AppData\Roaming\appdataFr3.bin
2015-01-25 22:29 - 2015-01-25 22:29 - 0000017 _____ () C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
Some content of TEMP:
====================
C:\Users\Uživatel\AppData\Local\Temp\1B00.exe
C:\Users\Uživatel\AppData\Local\Temp\31E0.exe
C:\Users\Uživatel\AppData\Local\Temp\DE28.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-09 09:19
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskakující okna s reklamou
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Vyskakující okna s reklamou
Zdravim 
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Cleaning
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Vyskakující okna s reklamou
Hotovo. Přikládám log, ale stále se mi otevírají reklamní okna.
# AdwCleaner v4.204 - Log vytvořen 12/05/2015 v 22:50:17
# Aktualizováno 12/05/2015 by Xplode
# Databáze : 2015-05-12.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Uživatel - NTB1
# Spuštěno z : C:\Users\Uživatel\Desktop\adwcleaner_4.204.exe
# Nastavení : Čištění
***** [ Služby ] *****
Služba Smazáno : 7af73c4b
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\7243239280829360841
Složka Smazáno : C:\ProgramData\{6c21569f-732f-3fb3-6c21-1569f7325a7d}
Složka Smazáno : C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}
Složka Smazáno : C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}
Složka Smazáno : C:\Program Files (x86)\BocaGeneration
Složka Smazáno : C:\Program Files (x86)\bestadblocker
Složka Smazáno : C:\Program Files (x86)\UniDeals
Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\pdfforge
***** [ Naplánované úlohy ] *****
Úloha Smazáno : Bidaily Synchronize Task
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Klíč Smazáno : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\P19bb3861_efe4_4649_8a37_cec463d3a2be_.P19bb3861_efe4_4649_8a37_cec463d3a2be_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P19bb3861_efe4_4649_8a37_cec463d3a2be_.P19bb3861_efe4_4649_8a37_cec463d3a2be_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\P79cf12f8_d484_4307_b845_4288ebf28417_.P79cf12f8_d484_4307_b845_4288ebf28417_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P79cf12f8_d484_4307_b845_4288ebf28417_.P79cf12f8_d484_4307_b845_4288ebf28417_.9
Klíč Smazáno : HKLM\SOFTWARE\2f764329-d5c2-d824-3b9b-f6800bd2e269
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{7af73c4b}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{79cf12f8-d484-4307-b845-4288ebf28417}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA164BF8-11D2-CE28-1BD1-236D9A5C326F}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\websearch.goodforsearch.info
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\wlogin.icq.com
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17416
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Google Chrome v42.0.2311.135
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : hxxp://websearch.goodforsearch.info/?pid=2921&r=2015/05/05&hid=12900859622322770595&lg=EN&cc=CZ&unqvl=86
*************************
AdwCleaner[R0].txt - [7588 bytů] - [12/05/2015 22:48:17]
AdwCleaner[S0].txt - [6913 bytů] - [12/05/2015 22:50:17]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6971 bytů] ##########
# AdwCleaner v4.204 - Log vytvořen 12/05/2015 v 22:50:17
# Aktualizováno 12/05/2015 by Xplode
# Databáze : 2015-05-12.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Uživatel - NTB1
# Spuštěno z : C:\Users\Uživatel\Desktop\adwcleaner_4.204.exe
# Nastavení : Čištění
***** [ Služby ] *****
Služba Smazáno : 7af73c4b
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\7243239280829360841
Složka Smazáno : C:\ProgramData\{6c21569f-732f-3fb3-6c21-1569f7325a7d}
Složka Smazáno : C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}
Složka Smazáno : C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}
Složka Smazáno : C:\Program Files (x86)\BocaGeneration
Složka Smazáno : C:\Program Files (x86)\bestadblocker
Složka Smazáno : C:\Program Files (x86)\UniDeals
Složka Smazáno : C:\Users\Uživatel\AppData\Roaming\pdfforge
***** [ Naplánované úlohy ] *****
Úloha Smazáno : Bidaily Synchronize Task
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Klíč Smazáno : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\P19bb3861_efe4_4649_8a37_cec463d3a2be_.P19bb3861_efe4_4649_8a37_cec463d3a2be_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P19bb3861_efe4_4649_8a37_cec463d3a2be_.P19bb3861_efe4_4649_8a37_cec463d3a2be_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\P79cf12f8_d484_4307_b845_4288ebf28417_.P79cf12f8_d484_4307_b845_4288ebf28417_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P79cf12f8_d484_4307_b845_4288ebf28417_.P79cf12f8_d484_4307_b845_4288ebf28417_.9
Klíč Smazáno : HKLM\SOFTWARE\2f764329-d5c2-d824-3b9b-f6800bd2e269
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{7af73c4b}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{79cf12f8-d484-4307-b845-4288ebf28417}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19bb3861-efe4-4649-8a37-cec463d3a2be}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79cf12f8-d484-4307-b845-4288ebf28417}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA164BF8-11D2-CE28-1BD1-236D9A5C326F}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\websearch.goodforsearch.info
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\wlogin.icq.com
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17416
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Google Chrome v42.0.2311.135
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : hxxp://websearch.goodforsearch.info/?pid=2921&r=2015/05/05&hid=12900859622322770595&lg=EN&cc=CZ&unqvl=86
*************************
AdwCleaner[R0].txt - [7588 bytů] - [12/05/2015 22:48:17]
AdwCleaner[S0].txt - [6913 bytů] - [12/05/2015 22:50:17]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6971 bytů] ##########
Re: Vyskakující okna s reklamou
Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Vyskakující okna s reklamou
Zde je log FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Uživatel (administrator) on NTB1 on 13-05-2015 00:05:22
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available profiles: Uživatel)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\IMPI\ExtensionUpdaterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
() C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-06] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-08-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364032 2012-08-16] (IVT Corporation)
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\...\Run: [Facebook Update] => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-30] (Facebook Inc.)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-05-02]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05]
ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2330285332-1516996101-1209863040-1002 -> {2133ADB8-5C5C-4C65-A9D8-3A1A5AB1BE2E} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_2
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2330285332-1516996101-1209863040-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Uživatel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF HKLM\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF Extension: IMPI - C:\Program Files\IMPI\Firefox [2013-02-14]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-10]
FF HKLM-x32\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (Google Drive) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (YouTube) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-02]
CHR Extension: (Google Search) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (Google Wallet) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10]
CHR Extension: (Gmail) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-08-29] (Hewlett-Packard Company)
R2 IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [185856 2013-02-05] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-06] (IDT, Inc.) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [4773768 2012-10-02] (RealVNC Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; No ImagePath
U4 bthhfhid; No ImagePath
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1062008 2012-08-03] (Sunplus)
S3 STIrUsb; C:\Windows\system32\DRIVERS\irstusb.sys [33792 2008-01-19] (SigmaTel, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-12 22:47 - 2015-05-12 22:50 - 00000000 ____D () C:\AdwCleaner
2015-05-12 22:46 - 2015-05-12 22:46 - 02209792 _____ () C:\Users\Uživatel\Desktop\adwcleaner_4.204.exe
2015-05-12 21:15 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:15 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:08 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-12 20:08 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-12 20:08 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-12 20:08 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-12 20:07 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-12 20:07 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-12 20:07 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-12 20:07 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-12 20:07 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-12 20:07 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-12 20:07 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-12 20:07 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-12 20:07 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-12 20:07 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-12 20:07 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-12 20:07 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-12 20:07 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-12 20:07 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-12 20:07 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-12 20:07 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-12 20:07 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-12 20:07 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-12 20:07 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-12 20:07 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-12 20:07 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-12 20:07 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 20:07 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 20:07 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-12 20:07 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-12 20:07 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-12 20:07 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-12 20:07 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-12 20:07 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-12 20:07 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-12 20:07 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-12 20:07 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-12 20:07 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-12 20:07 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-12 20:07 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-12 20:07 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-12 20:07 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-12 20:07 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 20:07 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-12 20:07 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-12 20:07 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-12 20:07 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-12 20:07 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 20:07 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 20:07 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-12 20:07 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 20:07 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-12 20:07 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 20:07 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-12 20:07 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-12 20:07 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-12 20:07 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-12 20:07 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 20:07 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-12 20:07 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-12 20:07 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 20:07 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-12 20:07 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-12 20:07 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-12 20:07 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-12 20:07 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-12 20:07 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-12 20:07 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 20:07 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-12 20:07 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 20:07 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-12 20:07 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-12 20:07 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-12 20:07 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-12 20:07 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 20:07 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-12 20:07 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-12 20:07 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-11 23:03 - 2015-05-11 23:04 - 00031745 _____ () C:\Users\Uživatel\Desktop\Addition.txt
2015-05-11 23:01 - 2015-05-13 00:05 - 00015965 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2015-05-11 22:57 - 2015-05-11 22:58 - 02102784 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2015-05-11 22:53 - 2015-05-11 22:53 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 840612.crdownload
2015-05-11 22:52 - 2015-05-11 22:52 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 728272.crdownload
2015-05-10 11:06 - 2015-05-12 22:58 - 00000020 _____ () C:\Users\Uživatel\AppData\Roaming\appdataFr3.bin
2015-05-10 11:06 - 2015-05-10 11:06 - 00000000 ____D () C:\ProgramData\Browser AdBlocker
2015-05-06 20:00 - 2015-05-06 22:18 - 00000000 ____D () C:\Users\Uživatel\Desktop\SOCIÁLNÍ LÉKAŘSTVÍ
2015-05-06 02:05 - 2014-06-03 03:08 - 00062386 _____ () C:\Users\Uživatel\Desktop\Palla logo s.r.o..bmp
2015-05-05 21:42 - 2015-05-05 21:42 - 00000362 _____ () C:\Users\Uživatel\Downloads\stažený soubor.vcf
2015-05-05 15:32 - 2015-05-05 15:32 - 00000000 ____D () C:\Program Files (x86)\SystemAugment
2015-05-05 15:28 - 2015-05-05 15:28 - 00000570 _____ () C:\Users\Uivatel\Desktop\Darktek - Decibel Of The hell [Live 2011].mp4
2015-05-05 15:28 - 2015-05-05 15:28 - 00000000 ____D () C:\Users\Uivatel
2015-05-05 15:26 - 2015-05-05 15:26 - 00000000 ____D () C:\Program Files (x86)\Utime
2015-05-05 15:23 - 2015-05-05 15:23 - 00300544 _____ () C:\Users\Uživatel\Downloads\Darktek - Decibel Of The hell [Live 2011].exe
2015-05-05 14:29 - 2015-05-05 14:29 - 00000787 _____ () C:\Users\Uživatel\Documents\records.html
2015-05-04 15:57 - 2015-05-05 01:11 - 00000000 ____D () C:\Users\Uživatel\Desktop\PATOLOGIE
2015-05-02 15:12 - 2015-05-02 15:12 - 00002747 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002695 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002693 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002685 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Otevřít dokument Office.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Nový dokument Office.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002639 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002629 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00000384 _____ () C:\WINDOWS\ODBC.INI
2015-05-02 15:12 - 2015-05-02 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje sady Microsoft Office
2015-05-02 15:11 - 2015-05-02 15:11 - 00000000 ____D () C:\WINDOWS\Msagent
2015-05-01 21:23 - 2015-05-01 21:23 - 00016124 _____ () C:\Users\Uživatel\Downloads\Sešit1 (1).xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00020170 _____ () C:\Users\Uživatel\Downloads\graf8.xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00019312 _____ () C:\Users\Uživatel\Downloads\graf10.xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00016739 _____ () C:\Users\Uživatel\Downloads\graf9.xlsx
2015-04-29 20:57 - 2015-04-29 20:57 - 00342251 _____ () C:\Users\Uživatel\Downloads\prilohy_1096.zip
2015-04-29 01:14 - 2015-04-29 01:14 - 00001130 _____ () C:\Users\Uživatel\Downloads\DPHDP3-0027742806-20150429-011407.xml
2015-04-27 09:27 - 2015-04-27 09:27 - 00001145 _____ () C:\Users\Uživatel\Downloads\DPHDP3-0027742806-20150427-092736.xml
2015-04-20 20:23 - 2015-04-20 20:27 - 14695130 _____ () C:\Users\Uživatel\Downloads\Laurent Wolf - No Stress.flv
2015-04-20 20:18 - 2015-04-20 20:19 - 38050716 _____ () C:\Users\Uživatel\Downloads\JAK NA STRES PRI UCENI [mp3s.nadruhou.net].mp4
2015-04-17 17:20 - 2015-04-17 19:03 - 1810354604 _____ () C:\Users\Uživatel\Downloads\Rychle-a-zběsile-7-cz-titulky.Novinka.2015..avi
2015-04-15 03:13 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 03:13 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 03:13 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 03:13 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 03:13 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 03:13 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 03:13 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 03:13 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 03:13 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 03:13 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 03:13 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 03:13 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 03:12 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 03:12 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 03:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 03:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 03:11 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 03:11 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 03:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 03:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 03:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 03:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 03:10 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 02:18 - 2015-04-15 02:18 - 00039064 _____ () C:\Users\Uživatel\Downloads\1100131375 (1).pdf.mb9l74f.partial
2015-04-15 02:12 - 2015-04-15 02:12 - 00039064 _____ () C:\Users\Uživatel\Downloads\1100056516 (2).pdf.ja9gzwn.partial
2015-04-14 22:34 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-14 22:34 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-14 22:34 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-14 22:34 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-14 22:34 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-14 22:34 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-14 22:34 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-14 22:34 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-14 22:34 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-14 22:34 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-14 22:34 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-14 22:34 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-14 22:34 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-14 22:34 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-14 22:34 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-14 22:34 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-14 22:34 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-14 22:34 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-14 22:11 - 2015-04-14 22:11 - 10162330 _____ (Novuco ) C:\Users\Uživatel\Downloads\zavvyuka-install-1.0.01.exe
2015-04-14 22:11 - 2015-04-14 22:11 - 10162330 _____ (Novuco ) C:\Users\Uživatel\Downloads\zavvyuka-install-1.0.01 (1).exe
2015-04-13 00:51 - 2015-04-13 00:51 - 00634368 _____ () C:\Users\Uživatel\Downloads\cenikzs2007.xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-13 00:05 - 2013-07-21 23:07 - 00000000 ____D () C:\FRST
2015-05-13 00:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-12 23:56 - 2012-12-26 16:28 - 00000970 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-12 23:15 - 2013-12-15 17:31 - 02074519 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-12 23:02 - 2013-11-14 14:40 - 01934988 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-12 23:02 - 2013-11-14 14:24 - 00802206 _____ () C:\WINDOWS\system32\perfh005.dat
2015-05-12 23:02 - 2013-11-14 14:24 - 00183700 _____ () C:\WINDOWS\system32\perfc005.dat
2015-05-12 22:57 - 2012-12-26 16:28 - 00000966 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-12 22:56 - 2013-08-22 16:46 - 00365555 _____ () C:\WINDOWS\setupact.log
2015-05-12 22:56 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-12 22:56 - 2013-08-22 16:44 - 00362608 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-12 22:56 - 2012-08-16 02:46 - 00000787 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-05-12 22:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-12 22:52 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-12 22:52 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-12 22:47 - 2012-12-26 22:34 - 07830016 ___SH () C:\Users\Uživatel\Downloads\Thumbs.db
2015-05-12 22:34 - 2014-06-30 22:29 - 00000950 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job
2015-05-12 22:34 - 2014-06-30 22:29 - 00000928 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job
2015-05-12 21:23 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-12 21:12 - 2013-08-14 13:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-12 21:06 - 2012-12-25 11:28 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-12 20:55 - 2013-11-14 14:26 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 19:58 - 2013-12-16 00:43 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A9C5D9F1-B7AB-4A59-B859-92F4CBFA12E1}
2015-05-12 19:56 - 2012-12-25 04:44 - 00002344 ____H () C:\Users\Uživatel\Documents\Default.rdp
2015-05-11 22:17 - 2014-09-24 20:07 - 00004915 _____ () C:\Users\Uživatel\Documents\zav-report-veronika.pallova.html
2015-05-09 14:04 - 2012-12-10 16:42 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2330285332-1516996101-1209863040-1002
2015-05-09 13:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-09 02:48 - 2013-08-10 14:40 - 00826880 ___SH () C:\Users\Uživatel\Documents\Thumbs.db
2015-05-06 02:05 - 2012-12-28 03:21 - 00973312 ___SH () C:\Users\Uživatel\Desktop\Thumbs.db
2015-05-05 19:59 - 2015-03-13 02:37 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-03-13 02:37 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 17:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-02 15:12 - 2013-11-14 14:26 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-05-02 15:12 - 2012-09-09 07:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-02 15:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-05-02 15:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\System
2015-04-22 21:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-22 19:39 - 2013-12-15 17:25 - 00000000 ____D () C:\Users\Uživatel
2015-04-21 19:31 - 2014-10-10 15:15 - 00000000 ____D () C:\Users\Uživatel\Desktop\Avon
2015-04-15 10:34 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 10:08 - 2014-12-13 19:11 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 10:08 - 2014-07-09 09:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-14 22:29 - 2014-11-12 14:16 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
==================== Files in the root of some directories =======
2015-05-10 11:06 - 2015-05-12 22:58 - 0000020 _____ () C:\Users\Uživatel\AppData\Roaming\appdataFr3.bin
2015-01-25 22:29 - 2015-01-25 22:29 - 0000017 _____ () C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
Some content of TEMP:
====================
C:\Users\Uživatel\AppData\Local\Temp\1B00.exe
C:\Users\Uživatel\AppData\Local\Temp\31E0.exe
C:\Users\Uživatel\AppData\Local\Temp\DE28.exe
C:\Users\Uživatel\AppData\Local\Temp\Quarantine.exe
C:\Users\Uživatel\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-12 23:34
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Uživatel (administrator) on NTB1 on 13-05-2015 00:05:22
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available profiles: Uživatel)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\IMPI\ExtensionUpdaterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
() C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-06] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-08-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364032 2012-08-16] (IVT Corporation)
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\...\Run: [Facebook Update] => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-30] (Facebook Inc.)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-05-02]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05]
ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2330285332-1516996101-1209863040-1002 -> {2133ADB8-5C5C-4C65-A9D8-3A1A5AB1BE2E} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_2
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2330285332-1516996101-1209863040-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Uživatel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF HKLM\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF Extension: IMPI - C:\Program Files\IMPI\Firefox [2013-02-14]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-10]
FF HKLM-x32\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (Google Drive) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (YouTube) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-02]
CHR Extension: (Google Search) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (Google Wallet) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10]
CHR Extension: (Gmail) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-08-29] (Hewlett-Packard Company)
R2 IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [185856 2013-02-05] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-06] (IDT, Inc.) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [4773768 2012-10-02] (RealVNC Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; No ImagePath
U4 bthhfhid; No ImagePath
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1062008 2012-08-03] (Sunplus)
S3 STIrUsb; C:\Windows\system32\DRIVERS\irstusb.sys [33792 2008-01-19] (SigmaTel, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-12 22:47 - 2015-05-12 22:50 - 00000000 ____D () C:\AdwCleaner
2015-05-12 22:46 - 2015-05-12 22:46 - 02209792 _____ () C:\Users\Uživatel\Desktop\adwcleaner_4.204.exe
2015-05-12 21:15 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:15 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:08 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-12 20:08 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-12 20:08 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-12 20:08 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-12 20:07 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-12 20:07 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-12 20:07 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-12 20:07 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-12 20:07 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-12 20:07 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-12 20:07 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-12 20:07 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-12 20:07 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-12 20:07 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-12 20:07 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-12 20:07 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-12 20:07 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-12 20:07 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-12 20:07 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-12 20:07 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-12 20:07 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-12 20:07 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-12 20:07 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-12 20:07 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-12 20:07 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-12 20:07 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 20:07 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 20:07 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-12 20:07 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-12 20:07 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-12 20:07 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-12 20:07 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-12 20:07 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-12 20:07 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-12 20:07 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-12 20:07 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-12 20:07 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-12 20:07 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-12 20:07 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-12 20:07 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-12 20:07 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-12 20:07 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 20:07 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-12 20:07 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-12 20:07 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-12 20:07 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-12 20:07 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 20:07 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 20:07 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-12 20:07 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 20:07 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-12 20:07 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 20:07 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-12 20:07 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-12 20:07 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-12 20:07 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-12 20:07 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 20:07 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-12 20:07 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-12 20:07 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 20:07 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-12 20:07 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-12 20:07 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-12 20:07 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-12 20:07 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-12 20:07 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-12 20:07 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 20:07 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-12 20:07 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 20:07 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-12 20:07 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-12 20:07 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-12 20:07 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-12 20:07 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 20:07 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-12 20:07 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-12 20:07 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-11 23:03 - 2015-05-11 23:04 - 00031745 _____ () C:\Users\Uživatel\Desktop\Addition.txt
2015-05-11 23:01 - 2015-05-13 00:05 - 00015965 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2015-05-11 22:57 - 2015-05-11 22:58 - 02102784 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2015-05-11 22:53 - 2015-05-11 22:53 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 840612.crdownload
2015-05-11 22:52 - 2015-05-11 22:52 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 728272.crdownload
2015-05-10 11:06 - 2015-05-12 22:58 - 00000020 _____ () C:\Users\Uživatel\AppData\Roaming\appdataFr3.bin
2015-05-10 11:06 - 2015-05-10 11:06 - 00000000 ____D () C:\ProgramData\Browser AdBlocker
2015-05-06 20:00 - 2015-05-06 22:18 - 00000000 ____D () C:\Users\Uživatel\Desktop\SOCIÁLNÍ LÉKAŘSTVÍ
2015-05-06 02:05 - 2014-06-03 03:08 - 00062386 _____ () C:\Users\Uživatel\Desktop\Palla logo s.r.o..bmp
2015-05-05 21:42 - 2015-05-05 21:42 - 00000362 _____ () C:\Users\Uživatel\Downloads\stažený soubor.vcf
2015-05-05 15:32 - 2015-05-05 15:32 - 00000000 ____D () C:\Program Files (x86)\SystemAugment
2015-05-05 15:28 - 2015-05-05 15:28 - 00000570 _____ () C:\Users\Uivatel\Desktop\Darktek - Decibel Of The hell [Live 2011].mp4
2015-05-05 15:28 - 2015-05-05 15:28 - 00000000 ____D () C:\Users\Uivatel
2015-05-05 15:26 - 2015-05-05 15:26 - 00000000 ____D () C:\Program Files (x86)\Utime
2015-05-05 15:23 - 2015-05-05 15:23 - 00300544 _____ () C:\Users\Uživatel\Downloads\Darktek - Decibel Of The hell [Live 2011].exe
2015-05-05 14:29 - 2015-05-05 14:29 - 00000787 _____ () C:\Users\Uživatel\Documents\records.html
2015-05-04 15:57 - 2015-05-05 01:11 - 00000000 ____D () C:\Users\Uživatel\Desktop\PATOLOGIE
2015-05-02 15:12 - 2015-05-02 15:12 - 00002747 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002695 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002693 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002685 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Otevřít dokument Office.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Nový dokument Office.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002639 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002629 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00000384 _____ () C:\WINDOWS\ODBC.INI
2015-05-02 15:12 - 2015-05-02 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje sady Microsoft Office
2015-05-02 15:11 - 2015-05-02 15:11 - 00000000 ____D () C:\WINDOWS\Msagent
2015-05-01 21:23 - 2015-05-01 21:23 - 00016124 _____ () C:\Users\Uživatel\Downloads\Sešit1 (1).xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00020170 _____ () C:\Users\Uživatel\Downloads\graf8.xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00019312 _____ () C:\Users\Uživatel\Downloads\graf10.xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00016739 _____ () C:\Users\Uživatel\Downloads\graf9.xlsx
2015-04-29 20:57 - 2015-04-29 20:57 - 00342251 _____ () C:\Users\Uživatel\Downloads\prilohy_1096.zip
2015-04-29 01:14 - 2015-04-29 01:14 - 00001130 _____ () C:\Users\Uživatel\Downloads\DPHDP3-0027742806-20150429-011407.xml
2015-04-27 09:27 - 2015-04-27 09:27 - 00001145 _____ () C:\Users\Uživatel\Downloads\DPHDP3-0027742806-20150427-092736.xml
2015-04-20 20:23 - 2015-04-20 20:27 - 14695130 _____ () C:\Users\Uživatel\Downloads\Laurent Wolf - No Stress.flv
2015-04-20 20:18 - 2015-04-20 20:19 - 38050716 _____ () C:\Users\Uživatel\Downloads\JAK NA STRES PRI UCENI [mp3s.nadruhou.net].mp4
2015-04-17 17:20 - 2015-04-17 19:03 - 1810354604 _____ () C:\Users\Uživatel\Downloads\Rychle-a-zběsile-7-cz-titulky.Novinka.2015..avi
2015-04-15 03:13 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 03:13 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 03:13 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 03:13 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 03:13 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 03:13 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 03:13 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 03:13 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 03:13 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 03:13 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 03:13 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 03:13 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 03:12 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 03:12 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 03:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 03:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 03:11 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 03:11 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 03:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 03:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 03:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 03:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 03:10 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 02:18 - 2015-04-15 02:18 - 00039064 _____ () C:\Users\Uživatel\Downloads\1100131375 (1).pdf.mb9l74f.partial
2015-04-15 02:12 - 2015-04-15 02:12 - 00039064 _____ () C:\Users\Uživatel\Downloads\1100056516 (2).pdf.ja9gzwn.partial
2015-04-14 22:34 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-14 22:34 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-14 22:34 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-14 22:34 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-14 22:34 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-14 22:34 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-14 22:34 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-14 22:34 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-14 22:34 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-14 22:34 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-14 22:34 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-14 22:34 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-14 22:34 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-14 22:34 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-14 22:34 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-14 22:34 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-14 22:34 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-14 22:34 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-14 22:11 - 2015-04-14 22:11 - 10162330 _____ (Novuco ) C:\Users\Uživatel\Downloads\zavvyuka-install-1.0.01.exe
2015-04-14 22:11 - 2015-04-14 22:11 - 10162330 _____ (Novuco ) C:\Users\Uživatel\Downloads\zavvyuka-install-1.0.01 (1).exe
2015-04-13 00:51 - 2015-04-13 00:51 - 00634368 _____ () C:\Users\Uživatel\Downloads\cenikzs2007.xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-13 00:05 - 2013-07-21 23:07 - 00000000 ____D () C:\FRST
2015-05-13 00:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-12 23:56 - 2012-12-26 16:28 - 00000970 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-12 23:15 - 2013-12-15 17:31 - 02074519 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-12 23:02 - 2013-11-14 14:40 - 01934988 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-12 23:02 - 2013-11-14 14:24 - 00802206 _____ () C:\WINDOWS\system32\perfh005.dat
2015-05-12 23:02 - 2013-11-14 14:24 - 00183700 _____ () C:\WINDOWS\system32\perfc005.dat
2015-05-12 22:57 - 2012-12-26 16:28 - 00000966 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-12 22:56 - 2013-08-22 16:46 - 00365555 _____ () C:\WINDOWS\setupact.log
2015-05-12 22:56 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-12 22:56 - 2013-08-22 16:44 - 00362608 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-12 22:56 - 2012-08-16 02:46 - 00000787 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-05-12 22:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-12 22:52 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-12 22:52 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-12 22:47 - 2012-12-26 22:34 - 07830016 ___SH () C:\Users\Uživatel\Downloads\Thumbs.db
2015-05-12 22:34 - 2014-06-30 22:29 - 00000950 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job
2015-05-12 22:34 - 2014-06-30 22:29 - 00000928 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job
2015-05-12 21:23 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-12 21:12 - 2013-08-14 13:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-12 21:06 - 2012-12-25 11:28 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-12 20:55 - 2013-11-14 14:26 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 19:58 - 2013-12-16 00:43 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A9C5D9F1-B7AB-4A59-B859-92F4CBFA12E1}
2015-05-12 19:56 - 2012-12-25 04:44 - 00002344 ____H () C:\Users\Uživatel\Documents\Default.rdp
2015-05-11 22:17 - 2014-09-24 20:07 - 00004915 _____ () C:\Users\Uživatel\Documents\zav-report-veronika.pallova.html
2015-05-09 14:04 - 2012-12-10 16:42 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2330285332-1516996101-1209863040-1002
2015-05-09 13:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-09 02:48 - 2013-08-10 14:40 - 00826880 ___SH () C:\Users\Uživatel\Documents\Thumbs.db
2015-05-06 02:05 - 2012-12-28 03:21 - 00973312 ___SH () C:\Users\Uživatel\Desktop\Thumbs.db
2015-05-05 19:59 - 2015-03-13 02:37 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-03-13 02:37 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 17:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-02 15:12 - 2013-11-14 14:26 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-05-02 15:12 - 2012-09-09 07:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-02 15:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-05-02 15:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\System
2015-04-22 21:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-22 19:39 - 2013-12-15 17:25 - 00000000 ____D () C:\Users\Uživatel
2015-04-21 19:31 - 2014-10-10 15:15 - 00000000 ____D () C:\Users\Uživatel\Desktop\Avon
2015-04-15 10:34 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 10:08 - 2014-12-13 19:11 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 10:08 - 2014-07-09 09:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-14 22:29 - 2014-11-12 14:16 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
==================== Files in the root of some directories =======
2015-05-10 11:06 - 2015-05-12 22:58 - 0000020 _____ () C:\Users\Uživatel\AppData\Roaming\appdataFr3.bin
2015-01-25 22:29 - 2015-01-25 22:29 - 0000017 _____ () C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
Some content of TEMP:
====================
C:\Users\Uživatel\AppData\Local\Temp\1B00.exe
C:\Users\Uživatel\AppData\Local\Temp\31E0.exe
C:\Users\Uživatel\AppData\Local\Temp\DE28.exe
C:\Users\Uživatel\AppData\Local\Temp\Quarantine.exe
C:\Users\Uživatel\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-12 23:34
==================== End Of Log ============================
Re: Vyskakující okna s reklamou
A zde Addition.txt , ale ten byl na ploše, ale ukazuje to vytvořeno včera:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Uživatel at 2015-05-11 23:03:21
Running from C:\Users\Uživatel\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2330285332-1516996101-1209863040-500 - Administrator - Disabled)
Guest (S-1-5-21-2330285332-1516996101-1209863040-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2330285332-1516996101-1209863040-1004 - Limited - Enabled)
Uživatel (S-1-5-21-2330285332-1516996101-1209863040-1002 - Administrator - Enabled) => C:\Users\Uživatel
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser AdBlocker (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - Browser AdBlocker) <==== ATTENTION
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1924 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.2006 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4330 - CyberLink Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HID OMNIKEY 4040 PC/SC Driver (HKLM-x32\...\{E0F53D39-900E-40CA-969A-643DEF6D0B93}) (Version: 3.0.0.2 - HID Global Corporation)
HP 3D DriveGuard (HKLM\...\{29989969-FED8-4EFB-8FB2-39429D37E471}) (Version: 5.1.5.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.12 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
I.CA SecureStore 2.29.4 (HKLM\...\{313FF7F5-9193-4C71-A874-75B1A7673E69}) (Version: 2.29.4 - První certifikační autorita, a.s.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
IMPI 2.0.0.429 (HKLM\...\{17E113E6-CD0E-4045-B154-65F0E57959EF}_is1) (Version: - Bitcocktail)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
K-Lite Mega Codec Pack 9.5.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.0 - )
Logica PKI .NET Component (HKLM-x32\...\{A8213B4E-9D54-47F5-8DC1-A543CE644F41}) (Version: 1.0.2 - Logica Czech Republic s.r.o)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM-x32\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft (HKLM-x32\...\Minecraft) (Version: 1.2.* - )
OpenUpgrader (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{7af73c4b}) (Version: - OpenUpgrader) <==== ATTENTION
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.0 - Frank Heindörfer, Philip Chinery)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}) (Version: 9.0.717.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.2.612.2012 - Realtek)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
UniDeals (HKLM-x32\...\{AA164BF8-11D2-CE28-1BD1-236D9A5C326F}) (Version: - )
Utime (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
Validity Fingerprint Sensor Driver (HKLM\...\{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}) (Version: 4.4.228.0 - Validity Sensors, Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VNC Printer Driver 1.8.0 (HKLM\...\VNCPrinter_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Server 5.0.3 (HKLM\...\RealVNC_is1) (Version: 5.0.3 - RealVNC Ltd)
VNC Viewer 5.0.3 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.3 - RealVNC Ltd)
zavvyuka (HKLM-x32\...\{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1) (Version: 0.9.102 - Novuco)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
22-04-2015 19:53:53 Naplánovaný kontrolní bod
01-05-2015 10:50:19 Naplánovaný kontrolní bod
02-05-2015 15:09:33 Nainstalováno: Microsoft Office XP Professional s aplikací FrontPage
10-05-2015 14:26:05 Naplánovaný kontrolní bod
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1637EE0C-88CD-4AEA-AF14-FDAC445D0FD4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {2B59F52B-7B2F-4B50-9A41-AC7289467AFE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {3398192D-1797-4407-B4A4-8BCB1B94EFE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-26] (Google Inc.)
Task: {3F2B0C55-0874-43CC-A76D-64F3E6F86AF6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {46BDE508-188B-4EEC-B89F-B1D7030B3E31} - System32\Tasks\Bidaily Synchronize Task => C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}\Darktek - Decibel Of The hell [Live 2011].exe [2014-05-05] () <==== ATTENTION
Task: {546D7B95-C5AC-4B9D-AC37-EE9502F3B69C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {64F3AE99-ECA3-4A53-AE90-52247FD662AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {77CE19F2-CE95-4BD1-93B6-E852F2391FA2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-30] (Facebook Inc.)
Task: {9B3FE447-21C1-4926-B007-958A8E0B7194} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {AC66914B-A3D8-4A1F-8D9B-CC7F52B5A7B4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {BD711A14-71AA-4D4F-AF36-C5281F91CCF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {DD748143-9829-4809-BF31-3582E3FE559B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30] (Synaptics Incorporated)
Task: {E049588F-AACA-4758-A6A7-BF8351E8C594} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-26] (Google Inc.)
Task: {FA3E3237-8908-4073-B1C7-7BE50D4F7032} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-30] (Facebook Inc.)
Task: {FD894781-C143-4A91-B110-F5A9AC6017ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task.job => C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}\Darktek - Decibel Of The hell [Live 2011].exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job => C:\Users\U~ivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job => C:\Users\U~ivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-10-09 12:41 - 2013-10-09 12:41 - 00196096 _____ () C:\WINDOWS\system32\SecureStoreCsp.dll
2013-10-12 12:42 - 2013-10-12 12:42 - 00596992 _____ () C:\WINDOWS\system32\SecureStoreCore.dll
2013-10-09 12:42 - 2013-10-09 12:42 - 00194048 _____ () C:\WINDOWS\system32\SecureStoreCspRes.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00052736 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2012-08-16 02:20 - 2012-08-16 02:20 - 00356352 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-02-14 12:49 - 2013-02-05 17:50 - 00185856 _____ () C:\Program Files\IMPI\ExtensionUpdaterService.exe
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-26 11:22 - 2012-07-26 11:22 - 00303480 _____ () C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2012-08-14 23:16 - 2012-08-14 23:16 - 00072192 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2012-08-16 02:20 - 2012-08-16 02:20 - 00356352 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2012-09-12 19:54 - 2012-07-18 08:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-05-05 15:32 - 2015-05-05 15:32 - 01625088 _____ () c:\Program Files (x86)\SystemAugment\SystemAugment.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
2015-05-05 15:26 - 2015-05-05 15:26 - 00813056 _____ () C:\Program Files (x86)\bestadblocker\t8WcmaxrO3quQF.dll
2015-05-05 15:25 - 2015-05-05 15:25 - 00813056 _____ () C:\Program Files (x86)\UniDeals\Y4wJb0gCvQKaLa.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C1046E5A-42D1-475F-A895-E0E29A29F365}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{061B73B2-BCDF-40B4-8742-87DCF36176E1}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{576BEBAA-759F-487C-B6D4-7370B000F886}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2783788A-E57A-48F9-9D29-108D25819821}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{436FA2A9-0598-4BB0-87C5-CE5F02759F38}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{AC012B71-BA44-4A2B-AC93-F5203B38B123}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{4DDCEA1B-9016-45E7-A11F-3ED5EF9B2DDB}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{5C420BB9-C455-4336-9BF2-613744278CA8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{63D3C00D-1A85-4EA1-A4AB-EAE2F735F4F3}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{F716E733-D28E-4293-B17E-405B56B18118}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [UDP Query User{B7E60686-85F0-49D8-A9CA-77564718AA83}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [TCP Query User{E70EC5DC-BEF2-4870-9C38-874A8E35F482}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [UDP Query User{E040C45F-C319-4D79-B669-8F9FE4733048}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [TCP Query User{108C280B-4C0C-4769-9595-EBC3571FE144}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [{7BA510F1-90D6-4FC2-B1FD-089C4CBD8E34}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{04F8DCF7-A714-497B-86AD-B34B86A2FECB}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{73FE3DB9-D985-46E0-8004-E5E72D2F1AF5}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1923F218-8251-4D79-9711-ECD2FC972ABD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{BE1C135B-0589-489C-9193-143D0FC35C1B}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{0829DC16-1C2D-40C5-91DC-44B0050C85EE}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [TCP Query User{0124CC54-E75D-4052-A9BA-4822CC4D34D9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{53B255EF-250E-4483-BD04-6FACC02F97AE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{744E785F-3376-4E69-8737-F3DB6BE1AED6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4ABE549A-3628-4C66-9DE7-E72BE40CA9E9}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{88439917-9F77-4B47-87C2-5E5657F5BD16}] => (Allow) C:\Users\Uživatel\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{D928CAEC-34E4-4D15-B2A0-84B0FE8CC7E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{131B0AED-3C35-4C3D-A643-63A163962DB6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B1F69865-19F0-4F34-8325-0012C62D1D3A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2F0532D9-670D-4900-92B3-9EFB1234B31E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{267FC6CB-A7F2-49F9-BE8F-3350E1FE70FA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DD0288DD-718B-40C7-8690-FBBA177ABE0C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2016
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2016
Error: (05/11/2015 04:48:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18504984
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18504984
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 05:17:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3937
System errors:
=============
Error: (05/11/2015 05:30:37 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 05:30:07 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2015 04:43:27 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 04:42:57 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2015 04:38:25 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2015 04:37:55 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 04:28:49 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 04:28:19 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2015 04:23:45 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 04:23:15 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Microsoft Office Sessions:
=========================
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2016
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2016
Error: (05/11/2015 04:48:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18504984
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18504984
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 05:17:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3937
CodeIntegrity Errors:
===================================
Date: 2015-05-11 22:56:50.666
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-11 22:56:50.270
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:16.488
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:16.092
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:15.668
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:15.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:50.200
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:49.785
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:49.303
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:48.858
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 52%
Total physical RAM: 3976.39 MB
Available physical RAM: 1906.3 MB
Total Pagefile: 6998.63 MB
Available Pagefile: 4102.66 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (HP NOTEBOOK) (Fixed) (Total:449.35 GB) (Free:185.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:0.43 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:12.87 GB) (Free:2 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A50E1C7D)
Partition: GPT Partition Type.
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Uživatel at 2015-05-11 23:03:21
Running from C:\Users\Uživatel\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2330285332-1516996101-1209863040-500 - Administrator - Disabled)
Guest (S-1-5-21-2330285332-1516996101-1209863040-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2330285332-1516996101-1209863040-1004 - Limited - Enabled)
Uživatel (S-1-5-21-2330285332-1516996101-1209863040-1002 - Administrator - Enabled) => C:\Users\Uživatel
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser AdBlocker (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - Browser AdBlocker) <==== ATTENTION
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1924 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.2006 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4330 - CyberLink Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HID OMNIKEY 4040 PC/SC Driver (HKLM-x32\...\{E0F53D39-900E-40CA-969A-643DEF6D0B93}) (Version: 3.0.0.2 - HID Global Corporation)
HP 3D DriveGuard (HKLM\...\{29989969-FED8-4EFB-8FB2-39429D37E471}) (Version: 5.1.5.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.12 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
I.CA SecureStore 2.29.4 (HKLM\...\{313FF7F5-9193-4C71-A874-75B1A7673E69}) (Version: 2.29.4 - První certifikační autorita, a.s.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
IMPI 2.0.0.429 (HKLM\...\{17E113E6-CD0E-4045-B154-65F0E57959EF}_is1) (Version: - Bitcocktail)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
K-Lite Mega Codec Pack 9.5.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.0 - )
Logica PKI .NET Component (HKLM-x32\...\{A8213B4E-9D54-47F5-8DC1-A543CE644F41}) (Version: 1.0.2 - Logica Czech Republic s.r.o)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM-x32\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft (HKLM-x32\...\Minecraft) (Version: 1.2.* - )
OpenUpgrader (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{7af73c4b}) (Version: - OpenUpgrader) <==== ATTENTION
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.0 - Frank Heindörfer, Philip Chinery)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}) (Version: 9.0.717.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.2.612.2012 - Realtek)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
UniDeals (HKLM-x32\...\{AA164BF8-11D2-CE28-1BD1-236D9A5C326F}) (Version: - )
Utime (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
Validity Fingerprint Sensor Driver (HKLM\...\{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}) (Version: 4.4.228.0 - Validity Sensors, Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VNC Printer Driver 1.8.0 (HKLM\...\VNCPrinter_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Server 5.0.3 (HKLM\...\RealVNC_is1) (Version: 5.0.3 - RealVNC Ltd)
VNC Viewer 5.0.3 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.3 - RealVNC Ltd)
zavvyuka (HKLM-x32\...\{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1) (Version: 0.9.102 - Novuco)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
22-04-2015 19:53:53 Naplánovaný kontrolní bod
01-05-2015 10:50:19 Naplánovaný kontrolní bod
02-05-2015 15:09:33 Nainstalováno: Microsoft Office XP Professional s aplikací FrontPage
10-05-2015 14:26:05 Naplánovaný kontrolní bod
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1637EE0C-88CD-4AEA-AF14-FDAC445D0FD4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {2B59F52B-7B2F-4B50-9A41-AC7289467AFE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {3398192D-1797-4407-B4A4-8BCB1B94EFE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-26] (Google Inc.)
Task: {3F2B0C55-0874-43CC-A76D-64F3E6F86AF6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {46BDE508-188B-4EEC-B89F-B1D7030B3E31} - System32\Tasks\Bidaily Synchronize Task => C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}\Darktek - Decibel Of The hell [Live 2011].exe [2014-05-05] () <==== ATTENTION
Task: {546D7B95-C5AC-4B9D-AC37-EE9502F3B69C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {64F3AE99-ECA3-4A53-AE90-52247FD662AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {77CE19F2-CE95-4BD1-93B6-E852F2391FA2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-30] (Facebook Inc.)
Task: {9B3FE447-21C1-4926-B007-958A8E0B7194} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {AC66914B-A3D8-4A1F-8D9B-CC7F52B5A7B4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {BD711A14-71AA-4D4F-AF36-C5281F91CCF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {DD748143-9829-4809-BF31-3582E3FE559B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30] (Synaptics Incorporated)
Task: {E049588F-AACA-4758-A6A7-BF8351E8C594} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-26] (Google Inc.)
Task: {FA3E3237-8908-4073-B1C7-7BE50D4F7032} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-30] (Facebook Inc.)
Task: {FD894781-C143-4A91-B110-F5A9AC6017ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task.job => C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}\Darktek - Decibel Of The hell [Live 2011].exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job => C:\Users\U~ivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job => C:\Users\U~ivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-10-09 12:41 - 2013-10-09 12:41 - 00196096 _____ () C:\WINDOWS\system32\SecureStoreCsp.dll
2013-10-12 12:42 - 2013-10-12 12:42 - 00596992 _____ () C:\WINDOWS\system32\SecureStoreCore.dll
2013-10-09 12:42 - 2013-10-09 12:42 - 00194048 _____ () C:\WINDOWS\system32\SecureStoreCspRes.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00052736 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2012-08-16 02:20 - 2012-08-16 02:20 - 00356352 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-02-14 12:49 - 2013-02-05 17:50 - 00185856 _____ () C:\Program Files\IMPI\ExtensionUpdaterService.exe
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-26 11:22 - 2012-07-26 11:22 - 00303480 _____ () C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2012-08-14 23:16 - 2012-08-14 23:16 - 00072192 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2012-08-16 02:20 - 2012-08-16 02:20 - 00356352 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2012-09-12 19:54 - 2012-07-18 08:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-05-05 15:32 - 2015-05-05 15:32 - 01625088 _____ () c:\Program Files (x86)\SystemAugment\SystemAugment.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
2015-05-05 15:26 - 2015-05-05 15:26 - 00813056 _____ () C:\Program Files (x86)\bestadblocker\t8WcmaxrO3quQF.dll
2015-05-05 15:25 - 2015-05-05 15:25 - 00813056 _____ () C:\Program Files (x86)\UniDeals\Y4wJb0gCvQKaLa.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C1046E5A-42D1-475F-A895-E0E29A29F365}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{061B73B2-BCDF-40B4-8742-87DCF36176E1}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{576BEBAA-759F-487C-B6D4-7370B000F886}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2783788A-E57A-48F9-9D29-108D25819821}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{436FA2A9-0598-4BB0-87C5-CE5F02759F38}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{AC012B71-BA44-4A2B-AC93-F5203B38B123}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{4DDCEA1B-9016-45E7-A11F-3ED5EF9B2DDB}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{5C420BB9-C455-4336-9BF2-613744278CA8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{63D3C00D-1A85-4EA1-A4AB-EAE2F735F4F3}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{F716E733-D28E-4293-B17E-405B56B18118}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [UDP Query User{B7E60686-85F0-49D8-A9CA-77564718AA83}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [TCP Query User{E70EC5DC-BEF2-4870-9C38-874A8E35F482}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [UDP Query User{E040C45F-C319-4D79-B669-8F9FE4733048}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [TCP Query User{108C280B-4C0C-4769-9595-EBC3571FE144}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [{7BA510F1-90D6-4FC2-B1FD-089C4CBD8E34}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{04F8DCF7-A714-497B-86AD-B34B86A2FECB}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{73FE3DB9-D985-46E0-8004-E5E72D2F1AF5}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1923F218-8251-4D79-9711-ECD2FC972ABD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{BE1C135B-0589-489C-9193-143D0FC35C1B}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{0829DC16-1C2D-40C5-91DC-44B0050C85EE}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [TCP Query User{0124CC54-E75D-4052-A9BA-4822CC4D34D9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{53B255EF-250E-4483-BD04-6FACC02F97AE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{744E785F-3376-4E69-8737-F3DB6BE1AED6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4ABE549A-3628-4C66-9DE7-E72BE40CA9E9}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{88439917-9F77-4B47-87C2-5E5657F5BD16}] => (Allow) C:\Users\Uživatel\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{D928CAEC-34E4-4D15-B2A0-84B0FE8CC7E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{131B0AED-3C35-4C3D-A643-63A163962DB6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B1F69865-19F0-4F34-8325-0012C62D1D3A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2F0532D9-670D-4900-92B3-9EFB1234B31E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{267FC6CB-A7F2-49F9-BE8F-3350E1FE70FA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DD0288DD-718B-40C7-8690-FBBA177ABE0C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2016
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2016
Error: (05/11/2015 04:48:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18504984
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18504984
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 05:17:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3937
System errors:
=============
Error: (05/11/2015 05:30:37 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 05:30:07 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2015 04:43:27 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 04:42:57 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2015 04:38:25 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2015 04:37:55 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 04:28:49 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 04:28:19 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2015 04:23:45 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 04:23:15 PM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Microsoft Office Sessions:
=========================
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2016
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2016
Error: (05/11/2015 04:48:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18504984
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18504984
Error: (05/10/2015 10:25:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 05:17:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3937
CodeIntegrity Errors:
===================================
Date: 2015-05-11 22:56:50.666
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-11 22:56:50.270
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:16.488
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:16.092
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:15.668
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:15.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:50.200
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:49.785
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:49.303
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:48.858
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 52%
Total physical RAM: 3976.39 MB
Available physical RAM: 1906.3 MB
Total Pagefile: 6998.63 MB
Available Pagefile: 4102.66 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (HP NOTEBOOK) (Fixed) (Total:449.35 GB) (Free:185.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:0.43 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:12.87 GB) (Free:2 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A50E1C7D)
Partition: GPT Partition Type.
==================== End Of Log ============================
Re: Vyskakující okna s reklamou
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation) HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\...\Run: [Facebook Update] => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-30] (Facebook Inc.) Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05] ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe (No File) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2330285332-1516996101-1209863040-1002 -> {2133ADB8-5C5C-4C65-A9D8-3A1A5AB1BE2E} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_2 FF HKLM\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox FF Extension: IMPI - C:\Program Files\IMPI\Firefox [2013-02-14] FF HKLM-x32\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox R2 IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [185856 2013-02-05] () [File not signed] U4 BthAvrcpTg; No ImagePath U4 bthhfhid; No ImagePath C:\Program Files\IMPI 2015-05-12 22:47 - 2015-05-12 22:50 - 00000000 ____D () C:\AdwCleaner 2015-05-12 22:46 - 2015-05-12 22:46 - 02209792 _____ () C:\Users\Uživatel\Desktop\adwcleaner_4.204.exe 2015-05-11 23:03 - 2015-05-11 23:04 - 00031745 _____ () C:\Users\Uživatel\Desktop\Addition.txt 2015-05-11 23:01 - 2015-05-13 00:05 - 00015965 _____ () C:\Users\Uživatel\Desktop\FRST.txt 2015-05-11 22:53 - 2015-05-11 22:53 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 840612.crdownload 2015-05-11 22:52 - 2015-05-11 22:52 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 728272.crdownload 2015-05-10 11:06 - 2015-05-10 11:06 - 00000000 ____D () C:\ProgramData\Browser AdBlocker Task: {46BDE508-188B-4EEC-B89F-B1D7030B3E31} - System32\Tasks\Bidaily Synchronize Task => C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}\Darktek - Decibel Of The hell [Live 2011].exe [2014-05-05] () <==== ATTENTION Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task.job => C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}\Darktek - Decibel Of The hell [Live 2011].exe <==== ATTENTION Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\bestadblocker C:\Program Files (x86)\UniDeals C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f} CMD: dir "C:\PROGRA~1" CMD: dir "C:\PROGRA~2" CMD: dir "C:\PROGRA~3" CMD: dir "%localappdata%" CMD: dir "%appdata%" Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Vyskakující okna s reklamou
Hotovo. Musel jsem to udělat nadvakrát. poprvé to ohlásilo program přestal pracovat. Reklamní okna se stále otevírají. Než jsem se proklikal sem vyskočili mě tři okna s reklamou na casino a snadné vydělání peněz. Zde je log:¨
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by Uživatel at 2015-05-13 01:33:44 Run:3
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available profiles: Uživatel)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\...\Run: [Facebook Update] => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-30] (Facebook Inc.)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05]
ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2330285332-1516996101-1209863040-1002 -> {2133ADB8-5C5C-4C65-A9D8-3A1A5AB1BE2E} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_2
FF HKLM\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF Extension: IMPI - C:\Program Files\IMPI\Firefox [2013-02-14]
FF HKLM-x32\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
R2 IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [185856 2013-02-05] () [File not signed]
U4 BthAvrcpTg; No ImagePath
U4 bthhfhid; No ImagePath
C:\Program Files\IMPI
2015-05-12 22:47 - 2015-05-12 22:50 - 00000000 ____D () C:\AdwCleaner
2015-05-12 22:46 - 2015-05-12 22:46 - 02209792 _____ () C:\Users\Uživatel\Desktop\adwcleaner_4.204.exe
2015-05-11 23:03 - 2015-05-11 23:04 - 00031745 _____ () C:\Users\Uživatel\Desktop\Addition.txt
2015-05-11 23:01 - 2015-05-13 00:05 - 00015965 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2015-05-11 22:53 - 2015-05-11 22:53 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 840612.crdownload
2015-05-11 22:52 - 2015-05-11 22:52 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 728272.crdownload
2015-05-10 11:06 - 2015-05-10 11:06 - 00000000 ____D () C:\ProgramData\Browser AdBlocker
Task: {46BDE508-188B-4EEC-B89F-B1D7030B3E31} - System32\Tasks\Bidaily Synchronize Task => C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}\Darktek - Decibel Of The hell [Live 2011].exe [2014-05-05] () <==== ATTENTION
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task.job => C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}\Darktek - Decibel Of The hell [Live 2011].exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\bestadblocker
C:\Program Files (x86)\UniDeals
C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value not found.
C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell not found.
C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe not found.
HKLM\SOFTWARE\Policies\Google => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2133ADB8-5C5C-4C65-A9D8-3A1A5AB1BE2E} => Key not found.
HKCR\CLSID\{2133ADB8-5C5C-4C65-A9D8-3A1A5AB1BE2E} => Key not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Value not found.
C:\Program Files\IMPI\Firefox not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Value not found.
IMPI Updater => Service not found.
BthAvrcpTg => Service not found.
bthhfhid => Service not found.
"C:\Program Files\IMPI" => File/Directory not found.
"C:\AdwCleaner" => File/Directory not found.
"C:\Users\Uživatel\Desktop\adwcleaner_4.204.exe" => File/Directory not found.
"C:\Users\Uživatel\Desktop\Addition.txt" => File/Directory not found.
"C:\Users\Uživatel\Desktop\FRST.txt" => File/Directory not found.
"C:\Users\Uživatel\Downloads\Nepotvrzeno 840612.crdownload" => File/Directory not found.
"C:\Users\Uživatel\Downloads\Nepotvrzeno 728272.crdownload" => File/Directory not found.
"C:\ProgramData\Browser AdBlocker" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46BDE508-188B-4EEC-B89F-B1D7030B3E31} => Key not found.
C:\Windows\System32\Tasks\Bidaily Synchronize Task not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bidaily Synchronize Task => Key not found.
C:\WINDOWS\Tasks\Bidaily Synchronize Task.job not found.
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job not found.
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job not found.
"C:\Program Files (x86)\bestadblocker" => File/Directory not found.
"C:\Program Files (x86)\UniDeals" => File/Directory not found.
"C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}" => File/Directory not found.
========= dir "C:\PROGRA~1" =========
Volume in drive C is HP NOTEBOOK
Volume Serial Number is AE14-F5AB
Directory of C:\PROGRA~1
13. 05. 2015 01:29 <DIR> .
13. 05. 2015 01:29 <DIR> ..
12. 09. 2014 21:32 <DIR> Bonjour
12. 09. 2014 21:33 <DIR> Common Files
15. 12. 2013 16:23 <DIR> Hewlett-Packard
25. 01. 2015 22:38 <DIR> I.CA SecureStore
12. 09. 2012 20:10 <DIR> IDT
12. 09. 2012 19:55 <DIR> Intel
12. 05. 2015 22:51 <DIR> Internet Explorer
12. 09. 2014 21:35 <DIR> iPod
12. 09. 2014 21:36 <DIR> iTunes
15. 12. 2013 17:10 <DIR> MSBuild
01. 01. 2013 18:35 <DIR> RealVNC
15. 12. 2013 17:10 <DIR> Reference Assemblies
15. 12. 2013 17:18 <DIR> Synaptics
12. 09. 2012 20:17 <DIR> Validity Sensors
13. 03. 2015 02:18 <DIR> Windows Defender
12. 05. 2015 20:55 <DIR> Windows Journal
13. 03. 2015 02:27 <DIR> Windows Mail
13. 03. 2015 02:27 <DIR> Windows Media Player
13. 03. 2015 02:27 <DIR> Windows Multimedia Platform
15. 12. 2013 17:44 <DIR> Windows NT
13. 03. 2015 02:27 <DIR> Windows Photo Viewer
13. 03. 2015 02:27 <DIR> Windows Portable Devices
13. 03. 2015 02:18 <DIR> WindowsPowerShell
0 File(s) 0 bytes
25 Dir(s) 198�799�491�072 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~2" =========
Volume in drive C is HP NOTEBOOK
Volume Serial Number is AE14-F5AB
Directory of C:\PROGRA~2
12. 05. 2015 22:50 <DIR> .
12. 05. 2015 22:50 <DIR> ..
10. 12. 2012 17:23 <DIR> 7-Zip
10. 12. 2012 17:24 <DIR> Adobe
12. 09. 2014 21:33 <DIR> Apple Software Update
12. 09. 2014 21:32 <DIR> Bonjour
02. 05. 2015 15:12 <DIR> Common Files
12. 09. 2012 20:15 <DIR> CyberLink
18. 11. 2013 22:10 <DIR> Gemalto
14. 12. 2013 06:16 <DIR> Google
15. 12. 2013 16:23 <DIR> Hewlett-Packard
25. 01. 2015 22:35 <DIR> HID Global
12. 09. 2012 20:04 <DIR> HP HD Webcam Driver
15. 12. 2013 17:27 <DIR> Intel
12. 05. 2015 22:51 <DIR> Internet Explorer
12. 09. 2014 21:36 <DIR> iTunes
13. 03. 2015 02:56 <DIR> Java
12. 09. 2012 19:55 <DIR> JMicron
10. 12. 2012 17:25 <DIR> K-Lite Codec Pack
10. 04. 2013 10:01 <DIR> Logica Czech Republic s.r.o
02. 05. 2015 15:12 <DIR> Microsoft Office
22. 08. 2013 17:36 <DIR> Microsoft.NET
15. 12. 2013 17:10 <DIR> MSBuild
10. 12. 2012 16:37 <DIR> Online Services
10. 12. 2012 17:27 <DIR> PDF Architect
10. 12. 2012 17:41 <DIR> PDFCreator
08. 02. 2015 17:31 <DIR> QuickTime
12. 09. 2012 19:57 <DIR> Ralink Corporation
09. 09. 2012 07:34 <DIR> Realtek
15. 12. 2013 17:10 <DIR> Reference Assemblies
08. 06. 2014 22:29 <DIR> Skype
05. 05. 2015 15:32 <DIR> SystemAugment
21. 07. 2013 10:39 <DIR> trend micro
05. 05. 2015 15:26 <DIR> Utime
13. 03. 2015 02:17 <DIR> Windows Defender
13. 03. 2015 02:18 <DIR> Windows Mail
13. 03. 2015 02:18 <DIR> Windows Media Player
13. 03. 2015 02:18 <DIR> Windows Multimedia Platform
22. 08. 2013 17:36 <DIR> Windows NT
13. 03. 2015 02:18 <DIR> Windows Photo Viewer
13. 03. 2015 02:18 <DIR> Windows Portable Devices
22. 08. 2013 17:36 <DIR> WindowsPowerShell
21. 09. 2014 12:20 <DIR> ZAV
0 File(s) 0 bytes
43 Dir(s) 198�799�491�072 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~3" =========
Volume in drive C is HP NOTEBOOK
Volume Serial Number is AE14-F5AB
Directory of C:\PROGRA~3
12. 09. 2014 21:36 <DIR> 34BE82C4-E596-4e99-A191-52C6199EBF69
10. 12. 2012 17:58 <DIR> Adobe
12. 09. 2014 21:33 <DIR> Apple
12. 09. 2014 21:34 <DIR> Apple Computer
29. 09. 2013 13:47 <DIR> CyberLink
12. 09. 2012 19:44 <DIR> FLEXnet
02. 01. 2013 02:24 <DIR> Hewlett-Packard
15. 12. 2013 16:00 <DIR> HPQLOG
25. 01. 2015 22:38 <DIR> I.CA SecureStore
12. 09. 2012 20:11 <DIR> install_clap
12. 09. 2012 19:55 <DIR> Intel
12. 09. 2012 19:45 <DIR> Macrovision
13. 03. 2015 02:57 <DIR> Oracle
10. 12. 2012 16:39 <DIR> PDFC
15. 12. 2013 17:27 <DIR> PRICache
12. 09. 2012 20:04 <DIR> Qualcomm Atheros
12. 09. 2012 19:57 <DIR> Ralink Bluetooth Stack
12. 09. 2012 19:58 <DIR> Ralink Driver
13. 03. 2015 02:18 <DIR> regid.1991-06.com.microsoft
08. 06. 2014 22:29 <DIR> Skype
10. 12. 2012 17:26 <DIR> Sun
12. 09. 2012 20:15 <DIR> Temp
12. 09. 2012 20:18 <DIR> Validity
09. 09. 2012 07:14 <DIR> {AFF99647-6D64-46F2-934A-F12F468037F6}
0 File(s) 0 bytes
24 Dir(s) 198�799�486�976 bytes free
========= End of CMD: =========
========= dir "%localappdata%" =========
Volume in drive C is HP NOTEBOOK
Volume Serial Number is AE14-F5AB
Directory of C:\Users\U�ivatel\AppData\Local
12. 05. 2015 22:58 <DIR> .
12. 05. 2015 22:58 <DIR> ..
10. 12. 2012 17:25 <DIR> Adobe
12. 09. 2014 21:33 <DIR> Apple
12. 09. 2014 21:37 <DIR> Apple Computer
26. 12. 2012 16:28 <DIR> Apps
21. 07. 2013 07:18 <DIR> bluesoleil
15. 04. 2015 19:03 <DIR> Diagnostics
10. 12. 2012 16:37 <DIR> DigitalPersona
23. 12. 2013 10:36 <DIR> ElevatedDiagnostics
30. 06. 2014 22:30 <DIR> Facebook
01. 01. 2013 02:20 66�824 GDIPFONTCACHEV1.DAT
26. 12. 2012 16:29 <DIR> Google
22. 02. 2014 00:35 <DIR> Intel_Corporation
09. 08. 2014 23:27 <DIR> Microsoft
17. 12. 2013 17:02 <DIR> Packages
10. 12. 2012 16:38 <DIR> PDFC
10. 12. 2012 16:38 <DIR> Power2Go8
10. 12. 2012 17:25 <DIR> Programs
25. 01. 2015 22:29 17 resmon.resmoncfg
08. 06. 2014 22:30 <DIR> Skype
13. 05. 2015 01:33 <DIR> Temp
21. 07. 2013 01:37 <DIR> VirtualStore
2 File(s) 66�841 bytes
21 Dir(s) 198�799�486�976 bytes free
========= End of CMD: =========
========= dir "%appdata%" =========
Volume in drive C is HP NOTEBOOK
Volume Serial Number is AE14-F5AB
Directory of C:\Users\U�ivatel\AppData\Roaming
12. 05. 2015 22:50 <DIR> .
12. 05. 2015 22:50 <DIR> ..
26. 04. 2013 19:29 <DIR> .minecraft
12. 04. 2015 10:06 <DIR> Adobe
12. 05. 2015 22:58 20 appdataFr3.bin
14. 09. 2014 23:10 <DIR> Apple Computer
10. 12. 2012 17:27 <DIR> APP_NAME_NON_STRING
23. 06. 2013 14:08 <DIR> CyberLink
10. 12. 2012 16:37 <DIR> DigitalPersona
15. 12. 2013 16:00 <DIR> hpqlog
10. 12. 2012 16:37 <DIR> Identities
26. 12. 2012 19:25 <DIR> Macromedia
28. 12. 2012 01:05 <DIR> Media Player Classic
01. 01. 2013 02:20 <DIR> PDF Architect
24. 05. 2014 19:15 <DIR> RealVNC
10. 06. 2014 20:22 <DIR> Skype
10. 12. 2012 16:37 <DIR> Synaptics
08. 01. 2013 00:44 <DIR> TeamViewer
1 File(s) 20 bytes
17 Dir(s) 198�799�486�976 bytes free
========= End of CMD: =========
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 2.9 GB temporary data.
The system needed a reboot.
==== End of Fixlog 01:57:40 ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by Uživatel at 2015-05-13 01:33:44 Run:3
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available profiles: Uživatel)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\...\Run: [Facebook Update] => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-30] (Facebook Inc.)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05]
ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2330285332-1516996101-1209863040-1002 -> {2133ADB8-5C5C-4C65-A9D8-3A1A5AB1BE2E} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_2
FF HKLM\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF Extension: IMPI - C:\Program Files\IMPI\Firefox [2013-02-14]
FF HKLM-x32\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
R2 IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [185856 2013-02-05] () [File not signed]
U4 BthAvrcpTg; No ImagePath
U4 bthhfhid; No ImagePath
C:\Program Files\IMPI
2015-05-12 22:47 - 2015-05-12 22:50 - 00000000 ____D () C:\AdwCleaner
2015-05-12 22:46 - 2015-05-12 22:46 - 02209792 _____ () C:\Users\Uživatel\Desktop\adwcleaner_4.204.exe
2015-05-11 23:03 - 2015-05-11 23:04 - 00031745 _____ () C:\Users\Uživatel\Desktop\Addition.txt
2015-05-11 23:01 - 2015-05-13 00:05 - 00015965 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2015-05-11 22:53 - 2015-05-11 22:53 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 840612.crdownload
2015-05-11 22:52 - 2015-05-11 22:52 - 00112107 _____ (forum.viry.cz) C:\Users\Uživatel\Downloads\Nepotvrzeno 728272.crdownload
2015-05-10 11:06 - 2015-05-10 11:06 - 00000000 ____D () C:\ProgramData\Browser AdBlocker
Task: {46BDE508-188B-4EEC-B89F-B1D7030B3E31} - System32\Tasks\Bidaily Synchronize Task => C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}\Darktek - Decibel Of The hell [Live 2011].exe [2014-05-05] () <==== ATTENTION
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task.job => C:\ProgramData\{ec21ab8e-2e90-3a63-ec21-1ab8e2e9ae38}\Darktek - Decibel Of The hell [Live 2011].exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\bestadblocker
C:\Program Files (x86)\UniDeals
C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value not found.
C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell not found.
C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe not found.
HKLM\SOFTWARE\Policies\Google => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2133ADB8-5C5C-4C65-A9D8-3A1A5AB1BE2E} => Key not found.
HKCR\CLSID\{2133ADB8-5C5C-4C65-A9D8-3A1A5AB1BE2E} => Key not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Value not found.
C:\Program Files\IMPI\Firefox not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Value not found.
IMPI Updater => Service not found.
BthAvrcpTg => Service not found.
bthhfhid => Service not found.
"C:\Program Files\IMPI" => File/Directory not found.
"C:\AdwCleaner" => File/Directory not found.
"C:\Users\Uživatel\Desktop\adwcleaner_4.204.exe" => File/Directory not found.
"C:\Users\Uživatel\Desktop\Addition.txt" => File/Directory not found.
"C:\Users\Uživatel\Desktop\FRST.txt" => File/Directory not found.
"C:\Users\Uživatel\Downloads\Nepotvrzeno 840612.crdownload" => File/Directory not found.
"C:\Users\Uživatel\Downloads\Nepotvrzeno 728272.crdownload" => File/Directory not found.
"C:\ProgramData\Browser AdBlocker" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46BDE508-188B-4EEC-B89F-B1D7030B3E31} => Key not found.
C:\Windows\System32\Tasks\Bidaily Synchronize Task not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bidaily Synchronize Task => Key not found.
C:\WINDOWS\Tasks\Bidaily Synchronize Task.job not found.
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job not found.
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job not found.
"C:\Program Files (x86)\bestadblocker" => File/Directory not found.
"C:\Program Files (x86)\UniDeals" => File/Directory not found.
"C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}" => File/Directory not found.
========= dir "C:\PROGRA~1" =========
Volume in drive C is HP NOTEBOOK
Volume Serial Number is AE14-F5AB
Directory of C:\PROGRA~1
13. 05. 2015 01:29 <DIR> .
13. 05. 2015 01:29 <DIR> ..
12. 09. 2014 21:32 <DIR> Bonjour
12. 09. 2014 21:33 <DIR> Common Files
15. 12. 2013 16:23 <DIR> Hewlett-Packard
25. 01. 2015 22:38 <DIR> I.CA SecureStore
12. 09. 2012 20:10 <DIR> IDT
12. 09. 2012 19:55 <DIR> Intel
12. 05. 2015 22:51 <DIR> Internet Explorer
12. 09. 2014 21:35 <DIR> iPod
12. 09. 2014 21:36 <DIR> iTunes
15. 12. 2013 17:10 <DIR> MSBuild
01. 01. 2013 18:35 <DIR> RealVNC
15. 12. 2013 17:10 <DIR> Reference Assemblies
15. 12. 2013 17:18 <DIR> Synaptics
12. 09. 2012 20:17 <DIR> Validity Sensors
13. 03. 2015 02:18 <DIR> Windows Defender
12. 05. 2015 20:55 <DIR> Windows Journal
13. 03. 2015 02:27 <DIR> Windows Mail
13. 03. 2015 02:27 <DIR> Windows Media Player
13. 03. 2015 02:27 <DIR> Windows Multimedia Platform
15. 12. 2013 17:44 <DIR> Windows NT
13. 03. 2015 02:27 <DIR> Windows Photo Viewer
13. 03. 2015 02:27 <DIR> Windows Portable Devices
13. 03. 2015 02:18 <DIR> WindowsPowerShell
0 File(s) 0 bytes
25 Dir(s) 198�799�491�072 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~2" =========
Volume in drive C is HP NOTEBOOK
Volume Serial Number is AE14-F5AB
Directory of C:\PROGRA~2
12. 05. 2015 22:50 <DIR> .
12. 05. 2015 22:50 <DIR> ..
10. 12. 2012 17:23 <DIR> 7-Zip
10. 12. 2012 17:24 <DIR> Adobe
12. 09. 2014 21:33 <DIR> Apple Software Update
12. 09. 2014 21:32 <DIR> Bonjour
02. 05. 2015 15:12 <DIR> Common Files
12. 09. 2012 20:15 <DIR> CyberLink
18. 11. 2013 22:10 <DIR> Gemalto
14. 12. 2013 06:16 <DIR> Google
15. 12. 2013 16:23 <DIR> Hewlett-Packard
25. 01. 2015 22:35 <DIR> HID Global
12. 09. 2012 20:04 <DIR> HP HD Webcam Driver
15. 12. 2013 17:27 <DIR> Intel
12. 05. 2015 22:51 <DIR> Internet Explorer
12. 09. 2014 21:36 <DIR> iTunes
13. 03. 2015 02:56 <DIR> Java
12. 09. 2012 19:55 <DIR> JMicron
10. 12. 2012 17:25 <DIR> K-Lite Codec Pack
10. 04. 2013 10:01 <DIR> Logica Czech Republic s.r.o
02. 05. 2015 15:12 <DIR> Microsoft Office
22. 08. 2013 17:36 <DIR> Microsoft.NET
15. 12. 2013 17:10 <DIR> MSBuild
10. 12. 2012 16:37 <DIR> Online Services
10. 12. 2012 17:27 <DIR> PDF Architect
10. 12. 2012 17:41 <DIR> PDFCreator
08. 02. 2015 17:31 <DIR> QuickTime
12. 09. 2012 19:57 <DIR> Ralink Corporation
09. 09. 2012 07:34 <DIR> Realtek
15. 12. 2013 17:10 <DIR> Reference Assemblies
08. 06. 2014 22:29 <DIR> Skype
05. 05. 2015 15:32 <DIR> SystemAugment
21. 07. 2013 10:39 <DIR> trend micro
05. 05. 2015 15:26 <DIR> Utime
13. 03. 2015 02:17 <DIR> Windows Defender
13. 03. 2015 02:18 <DIR> Windows Mail
13. 03. 2015 02:18 <DIR> Windows Media Player
13. 03. 2015 02:18 <DIR> Windows Multimedia Platform
22. 08. 2013 17:36 <DIR> Windows NT
13. 03. 2015 02:18 <DIR> Windows Photo Viewer
13. 03. 2015 02:18 <DIR> Windows Portable Devices
22. 08. 2013 17:36 <DIR> WindowsPowerShell
21. 09. 2014 12:20 <DIR> ZAV
0 File(s) 0 bytes
43 Dir(s) 198�799�491�072 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~3" =========
Volume in drive C is HP NOTEBOOK
Volume Serial Number is AE14-F5AB
Directory of C:\PROGRA~3
12. 09. 2014 21:36 <DIR> 34BE82C4-E596-4e99-A191-52C6199EBF69
10. 12. 2012 17:58 <DIR> Adobe
12. 09. 2014 21:33 <DIR> Apple
12. 09. 2014 21:34 <DIR> Apple Computer
29. 09. 2013 13:47 <DIR> CyberLink
12. 09. 2012 19:44 <DIR> FLEXnet
02. 01. 2013 02:24 <DIR> Hewlett-Packard
15. 12. 2013 16:00 <DIR> HPQLOG
25. 01. 2015 22:38 <DIR> I.CA SecureStore
12. 09. 2012 20:11 <DIR> install_clap
12. 09. 2012 19:55 <DIR> Intel
12. 09. 2012 19:45 <DIR> Macrovision
13. 03. 2015 02:57 <DIR> Oracle
10. 12. 2012 16:39 <DIR> PDFC
15. 12. 2013 17:27 <DIR> PRICache
12. 09. 2012 20:04 <DIR> Qualcomm Atheros
12. 09. 2012 19:57 <DIR> Ralink Bluetooth Stack
12. 09. 2012 19:58 <DIR> Ralink Driver
13. 03. 2015 02:18 <DIR> regid.1991-06.com.microsoft
08. 06. 2014 22:29 <DIR> Skype
10. 12. 2012 17:26 <DIR> Sun
12. 09. 2012 20:15 <DIR> Temp
12. 09. 2012 20:18 <DIR> Validity
09. 09. 2012 07:14 <DIR> {AFF99647-6D64-46F2-934A-F12F468037F6}
0 File(s) 0 bytes
24 Dir(s) 198�799�486�976 bytes free
========= End of CMD: =========
========= dir "%localappdata%" =========
Volume in drive C is HP NOTEBOOK
Volume Serial Number is AE14-F5AB
Directory of C:\Users\U�ivatel\AppData\Local
12. 05. 2015 22:58 <DIR> .
12. 05. 2015 22:58 <DIR> ..
10. 12. 2012 17:25 <DIR> Adobe
12. 09. 2014 21:33 <DIR> Apple
12. 09. 2014 21:37 <DIR> Apple Computer
26. 12. 2012 16:28 <DIR> Apps
21. 07. 2013 07:18 <DIR> bluesoleil
15. 04. 2015 19:03 <DIR> Diagnostics
10. 12. 2012 16:37 <DIR> DigitalPersona
23. 12. 2013 10:36 <DIR> ElevatedDiagnostics
30. 06. 2014 22:30 <DIR> Facebook
01. 01. 2013 02:20 66�824 GDIPFONTCACHEV1.DAT
26. 12. 2012 16:29 <DIR> Google
22. 02. 2014 00:35 <DIR> Intel_Corporation
09. 08. 2014 23:27 <DIR> Microsoft
17. 12. 2013 17:02 <DIR> Packages
10. 12. 2012 16:38 <DIR> PDFC
10. 12. 2012 16:38 <DIR> Power2Go8
10. 12. 2012 17:25 <DIR> Programs
25. 01. 2015 22:29 17 resmon.resmoncfg
08. 06. 2014 22:30 <DIR> Skype
13. 05. 2015 01:33 <DIR> Temp
21. 07. 2013 01:37 <DIR> VirtualStore
2 File(s) 66�841 bytes
21 Dir(s) 198�799�486�976 bytes free
========= End of CMD: =========
========= dir "%appdata%" =========
Volume in drive C is HP NOTEBOOK
Volume Serial Number is AE14-F5AB
Directory of C:\Users\U�ivatel\AppData\Roaming
12. 05. 2015 22:50 <DIR> .
12. 05. 2015 22:50 <DIR> ..
26. 04. 2013 19:29 <DIR> .minecraft
12. 04. 2015 10:06 <DIR> Adobe
12. 05. 2015 22:58 20 appdataFr3.bin
14. 09. 2014 23:10 <DIR> Apple Computer
10. 12. 2012 17:27 <DIR> APP_NAME_NON_STRING
23. 06. 2013 14:08 <DIR> CyberLink
10. 12. 2012 16:37 <DIR> DigitalPersona
15. 12. 2013 16:00 <DIR> hpqlog
10. 12. 2012 16:37 <DIR> Identities
26. 12. 2012 19:25 <DIR> Macromedia
28. 12. 2012 01:05 <DIR> Media Player Classic
01. 01. 2013 02:20 <DIR> PDF Architect
24. 05. 2014 19:15 <DIR> RealVNC
10. 06. 2014 20:22 <DIR> Skype
10. 12. 2012 16:37 <DIR> Synaptics
08. 01. 2013 00:44 <DIR> TeamViewer
1 File(s) 20 bytes
17 Dir(s) 198�799�486�976 bytes free
========= End of CMD: =========
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 2.9 GB temporary data.
The system needed a reboot.
==== End of Fixlog 01:57:40 ====
Re: Vyskakující okna s reklamou
Ulozte na plochu zoek.exe http://hijackthis.nl/smeenk/zoek.htm
- spustte jako spravce
- do velkeho okna zkopirujte script uvedeny nize
- kliknete na Run script
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\zoek-results.log) - vlozte mi jej do pristi odpovedi
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Vyskakující okna s reklamou
Hotovo. (Stále mrcha ty okna vyskakujou ).
Zde je log:
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by U§ivatel on st 13. 05. 2015 at 2:37:28,27.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Uživatel\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
13. 5. 2015 3:05:27 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\COMMON~1\InstallShield deleted successfully
C:\PROGRA~3\PDFC deleted successfully
C:\PROGRA~3\Validity deleted successfully
C:\Users\UIVATE~1\AppData\Local\PDFC deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_USERS\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\SystemAugment deleted
C:\PROGRA~2\Utime deleted
C:\Users\UIVATE~1\AppData\Roaming\appdataFr3.bin deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ []
==== Chromium Look ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
"Default_Page_URL"="http://www.bing.com?pc=CMNTDFJS"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{C83724D7-77F1-497B-B529-38FFAD93E1AE} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"
==== Reset Google Chrome ======================
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1de2f042.TMP was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF4ea1437d.TMP was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UIVATE~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\UIVATE~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=7 folders=32 2128684 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UIVATE~1\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\UIVATE~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on st 13. 05. 2015 at 3:28:24,47 ======================
Zde je log:
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by U§ivatel on st 13. 05. 2015 at 2:37:28,27.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Uživatel\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
13. 5. 2015 3:05:27 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\COMMON~1\InstallShield deleted successfully
C:\PROGRA~3\PDFC deleted successfully
C:\PROGRA~3\Validity deleted successfully
C:\Users\UIVATE~1\AppData\Local\PDFC deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_USERS\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\SystemAugment deleted
C:\PROGRA~2\Utime deleted
C:\Users\UIVATE~1\AppData\Roaming\appdataFr3.bin deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ []
==== Chromium Look ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
"Default_Page_URL"="http://www.bing.com?pc=CMNTDFJS"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{C83724D7-77F1-497B-B529-38FFAD93E1AE} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"
==== Reset Google Chrome ======================
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1de2f042.TMP was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF4ea1437d.TMP was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UIVATE~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\UIVATE~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=7 folders=32 2128684 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UIVATE~1\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\UIVATE~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on st 13. 05. 2015 at 3:28:24,47 ======================
Re: Vyskakující okna s reklamou
Dejte log FRST.txt, prilozte i Addition.txt. Pokud chceme vytvorit i Addition.txt pri druhem a dalsim spusteni FRST, je nutne tuto volbu pred zacatkem skenu explicitne zatrhnout - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Vyskakující okna s reklamou
Tady jsou oba logy:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Uživatel (administrator) on NTB1 on 13-05-2015 05:36:32
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available profiles: Uživatel)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-06] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-08-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364032 2012-08-16] (IVT Corporation)
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-05-02]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05]
ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-2330285332-1516996101-1209863040-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2330285332-1516996101-1209863040-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Uživatel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-13]
CHR Extension: (Docs) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (Google Drive) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (YouTube) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-02]
CHR Extension: (Google Search) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (Google Sheets) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-13]
CHR Extension: (Gmail) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-08-29] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-06] (IDT, Inc.) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [4773768 2012-10-02] (RealVNC Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1062008 2012-08-03] (Sunplus)
S3 STIrUsb; C:\Windows\system32\DRIVERS\irstusb.sys [33792 2008-01-19] (SigmaTel, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-13 05:36 - 2015-05-13 05:36 - 00012808 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2015-05-13 03:28 - 2015-05-13 03:28 - 00000020 _____ () C:\Users\Uživatel\AppData\Roaming\appdataFr3.bin
2015-05-13 03:28 - 2015-05-13 03:28 - 00000000 ____D () C:\ProgramData\Validity
2015-05-13 03:27 - 2015-05-13 02:37 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-05-13 03:23 - 2015-05-13 03:28 - 00000000 ____D () C:\zoek
2015-05-13 03:04 - 2015-05-13 03:28 - 00006942 _____ () C:\zoek-results.log
2015-05-13 02:37 - 2015-05-13 03:24 - 00000000 ____D () C:\zoek_backup
2015-05-13 02:35 - 2015-05-13 02:35 - 01308672 _____ () C:\Users\Uživatel\Desktop\zoek.exe
2015-05-13 01:37 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 01:37 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-12 21:15 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:15 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:08 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-12 20:08 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-12 20:08 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-12 20:08 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-12 20:07 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-12 20:07 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-12 20:07 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-12 20:07 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-12 20:07 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-12 20:07 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-12 20:07 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-12 20:07 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-12 20:07 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-12 20:07 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-12 20:07 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-12 20:07 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-12 20:07 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-12 20:07 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-12 20:07 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-12 20:07 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-12 20:07 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-12 20:07 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-12 20:07 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-12 20:07 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-12 20:07 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-12 20:07 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 20:07 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 20:07 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-12 20:07 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-12 20:07 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-12 20:07 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-12 20:07 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-12 20:07 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-12 20:07 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-12 20:07 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-12 20:07 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-12 20:07 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-12 20:07 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-12 20:07 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-12 20:07 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-12 20:07 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-12 20:07 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 20:07 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-12 20:07 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-12 20:07 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-12 20:07 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-12 20:07 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 20:07 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 20:07 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-12 20:07 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 20:07 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-12 20:07 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 20:07 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-12 20:07 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-12 20:07 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-12 20:07 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-12 20:07 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 20:07 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-12 20:07 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-12 20:07 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 20:07 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-12 20:07 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-12 20:07 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-12 20:07 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-12 20:07 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-12 20:07 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-12 20:07 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 20:07 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-12 20:07 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 20:07 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-12 20:07 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-12 20:07 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-12 20:07 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-12 20:07 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 20:07 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-12 20:07 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-12 20:07 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-11 22:57 - 2015-05-11 22:58 - 02102784 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2015-05-06 20:00 - 2015-05-06 22:18 - 00000000 ____D () C:\Users\Uživatel\Desktop\SOCIÁLNÍ LÉKAŘSTVÍ
2015-05-06 02:05 - 2014-06-03 03:08 - 00062386 _____ () C:\Users\Uživatel\Desktop\Palla logo s.r.o..bmp
2015-05-05 21:42 - 2015-05-05 21:42 - 00000362 _____ () C:\Users\Uživatel\Downloads\stažený soubor.vcf
2015-05-05 15:28 - 2015-05-05 15:28 - 00000570 _____ () C:\Users\Uivatel\Desktop\Darktek - Decibel Of The hell [Live 2011].mp4
2015-05-05 15:28 - 2015-05-05 15:28 - 00000000 ____D () C:\Users\Uivatel
2015-05-05 15:23 - 2015-05-05 15:23 - 00300544 _____ () C:\Users\Uživatel\Downloads\Darktek - Decibel Of The hell [Live 2011].exe
2015-05-05 14:29 - 2015-05-05 14:29 - 00000787 _____ () C:\Users\Uživatel\Documents\records.html
2015-05-04 15:57 - 2015-05-05 01:11 - 00000000 ____D () C:\Users\Uživatel\Desktop\PATOLOGIE
2015-05-02 15:12 - 2015-05-02 15:12 - 00002747 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002695 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002693 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002685 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Otevřít dokument Office.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Nový dokument Office.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002639 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002629 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00000384 _____ () C:\WINDOWS\ODBC.INI
2015-05-02 15:12 - 2015-05-02 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje sady Microsoft Office
2015-05-02 15:11 - 2015-05-02 15:11 - 00000000 ____D () C:\WINDOWS\Msagent
2015-05-01 21:23 - 2015-05-01 21:23 - 00016124 _____ () C:\Users\Uživatel\Downloads\Sešit1 (1).xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00020170 _____ () C:\Users\Uživatel\Downloads\graf8.xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00019312 _____ () C:\Users\Uživatel\Downloads\graf10.xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00016739 _____ () C:\Users\Uživatel\Downloads\graf9.xlsx
2015-04-29 20:57 - 2015-04-29 20:57 - 00342251 _____ () C:\Users\Uživatel\Downloads\prilohy_1096.zip
2015-04-29 01:14 - 2015-04-29 01:14 - 00001130 _____ () C:\Users\Uživatel\Downloads\DPHDP3-0027742806-20150429-011407.xml
2015-04-27 09:27 - 2015-04-27 09:27 - 00001145 _____ () C:\Users\Uživatel\Downloads\DPHDP3-0027742806-20150427-092736.xml
2015-04-20 20:23 - 2015-04-20 20:27 - 14695130 _____ () C:\Users\Uživatel\Downloads\Laurent Wolf - No Stress.flv
2015-04-20 20:18 - 2015-04-20 20:19 - 38050716 _____ () C:\Users\Uživatel\Downloads\JAK NA STRES PRI UCENI [mp3s.nadruhou.net].mp4
2015-04-17 17:20 - 2015-04-17 19:03 - 1810354604 _____ () C:\Users\Uživatel\Downloads\Rychle-a-zběsile-7-cz-titulky.Novinka.2015..avi
2015-04-15 03:13 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 03:13 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 03:13 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 03:13 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 03:13 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 03:13 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 03:13 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 03:13 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 03:13 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 03:13 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 03:13 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 03:13 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 03:12 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 03:12 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 03:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 03:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 03:11 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 03:11 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 03:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 03:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 03:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 03:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 03:10 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 02:18 - 2015-04-15 02:18 - 00039064 _____ () C:\Users\Uživatel\Downloads\1100131375 (1).pdf.mb9l74f.partial
2015-04-15 02:12 - 2015-04-15 02:12 - 00039064 _____ () C:\Users\Uživatel\Downloads\1100056516 (2).pdf.ja9gzwn.partial
2015-04-14 22:34 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-14 22:34 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-14 22:34 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-14 22:34 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-14 22:34 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-14 22:34 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-14 22:34 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-14 22:34 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-14 22:34 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-14 22:34 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-14 22:34 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-14 22:34 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-14 22:34 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-14 22:34 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-14 22:34 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-14 22:34 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-14 22:34 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-14 22:34 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-14 22:11 - 2015-04-14 22:11 - 10162330 _____ (Novuco ) C:\Users\Uživatel\Downloads\zavvyuka-install-1.0.01.exe
2015-04-14 22:11 - 2015-04-14 22:11 - 10162330 _____ (Novuco ) C:\Users\Uživatel\Downloads\zavvyuka-install-1.0.01 (1).exe
2015-04-13 00:51 - 2015-04-13 00:51 - 00634368 _____ () C:\Users\Uživatel\Downloads\cenikzs2007.xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-13 05:36 - 2013-07-21 23:07 - 00000000 ____D () C:\FRST
2015-05-13 05:17 - 2013-11-14 14:40 - 01934988 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-13 05:17 - 2013-11-14 14:24 - 00802206 _____ () C:\WINDOWS\system32\perfh005.dat
2015-05-13 05:17 - 2013-11-14 14:24 - 00183700 _____ () C:\WINDOWS\system32\perfc005.dat
2015-05-13 05:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-13 04:40 - 2013-12-15 17:31 - 01272739 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-13 04:34 - 2014-06-30 22:29 - 00000950 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job
2015-05-13 04:12 - 2013-12-16 00:43 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A9C5D9F1-B7AB-4A59-B859-92F4CBFA12E1}
2015-05-13 03:46 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-13 03:28 - 2013-08-22 16:46 - 00365709 _____ () C:\WINDOWS\setupact.log
2015-05-13 03:28 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-13 03:28 - 2012-08-16 02:46 - 00000787 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-05-13 03:27 - 2013-11-14 05:30 - 00023670 _____ () C:\WINDOWS\PFRO.log
2015-05-13 02:35 - 2012-12-26 22:34 - 07830016 ___SH () C:\Users\Uživatel\Downloads\Thumbs.db
2015-05-13 01:59 - 2012-12-28 03:21 - 00973312 ___SH () C:\Users\Uživatel\Desktop\Thumbs.db
2015-05-13 01:58 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-13 01:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-12 22:56 - 2013-08-22 16:44 - 00362608 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-12 22:52 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-12 22:52 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-12 22:34 - 2014-06-30 22:29 - 00000928 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job
2015-05-12 21:12 - 2013-08-14 13:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-12 21:06 - 2012-12-25 11:28 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-12 20:55 - 2013-11-14 14:26 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 19:56 - 2012-12-25 04:44 - 00002344 ____H () C:\Users\Uživatel\Documents\Default.rdp
2015-05-11 22:17 - 2014-09-24 20:07 - 00004915 _____ () C:\Users\Uživatel\Documents\zav-report-veronika.pallova.html
2015-05-09 14:04 - 2012-12-10 16:42 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2330285332-1516996101-1209863040-1002
2015-05-09 13:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-09 02:48 - 2013-08-10 14:40 - 00826880 ___SH () C:\Users\Uživatel\Documents\Thumbs.db
2015-05-05 19:59 - 2015-03-13 02:37 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-03-13 02:37 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 17:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-02 15:12 - 2013-11-14 14:26 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-05-02 15:12 - 2012-09-09 07:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-02 15:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-05-02 15:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\System
2015-04-22 19:39 - 2013-12-15 17:25 - 00000000 ____D () C:\Users\Uživatel
2015-04-21 19:31 - 2014-10-10 15:15 - 00000000 ____D () C:\Users\Uživatel\Desktop\Avon
2015-04-15 10:34 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 10:08 - 2014-12-13 19:11 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 10:08 - 2014-07-09 09:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-14 22:29 - 2014-11-12 14:16 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
==================== Files in the root of some directories =======
2015-05-13 03:28 - 2015-05-13 03:28 - 0000020 _____ () C:\Users\Uživatel\AppData\Roaming\appdataFr3.bin
2015-01-25 22:29 - 2015-01-25 22:29 - 0000017 _____ () C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-13 03:42
==================== End Of Log ============================
a ještě addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Uživatel at 2015-05-13 05:37:50
Running from C:\Users\Uživatel\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2330285332-1516996101-1209863040-500 - Administrator - Disabled)
Guest (S-1-5-21-2330285332-1516996101-1209863040-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2330285332-1516996101-1209863040-1004 - Limited - Enabled)
Uživatel (S-1-5-21-2330285332-1516996101-1209863040-1002 - Administrator - Enabled) => C:\Users\Uživatel
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1924 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.2006 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4330 - CyberLink Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HID OMNIKEY 4040 PC/SC Driver (HKLM-x32\...\{E0F53D39-900E-40CA-969A-643DEF6D0B93}) (Version: 3.0.0.2 - HID Global Corporation)
HP 3D DriveGuard (HKLM\...\{29989969-FED8-4EFB-8FB2-39429D37E471}) (Version: 5.1.5.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.12 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
I.CA SecureStore 2.29.4 (HKLM\...\{313FF7F5-9193-4C71-A874-75B1A7673E69}) (Version: 2.29.4 - První certifikační autorita, a.s.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
IMPI 2.0.0.429 (HKLM\...\{17E113E6-CD0E-4045-B154-65F0E57959EF}_is1) (Version: - Bitcocktail)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
K-Lite Mega Codec Pack 9.5.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.0 - )
Logica PKI .NET Component (HKLM-x32\...\{A8213B4E-9D54-47F5-8DC1-A543CE644F41}) (Version: 1.0.2 - Logica Czech Republic s.r.o)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM-x32\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft (HKLM-x32\...\Minecraft) (Version: 1.2.* - )
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.0 - Frank Heindörfer, Philip Chinery)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}) (Version: 9.0.717.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.2.612.2012 - Realtek)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
Validity Fingerprint Sensor Driver (HKLM\...\{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}) (Version: 4.4.228.0 - Validity Sensors, Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VNC Printer Driver 1.8.0 (HKLM\...\VNCPrinter_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Server 5.0.3 (HKLM\...\RealVNC_is1) (Version: 5.0.3 - RealVNC Ltd)
VNC Viewer 5.0.3 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.3 - RealVNC Ltd)
zavvyuka (HKLM-x32\...\{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1) (Version: 0.9.102 - Novuco)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
22-04-2015 19:53:53 Naplánovaný kontrolní bod
01-05-2015 10:50:19 Naplánovaný kontrolní bod
02-05-2015 15:09:33 Nainstalováno: Microsoft Office XP Professional s aplikací FrontPage
10-05-2015 14:26:05 Naplánovaný kontrolní bod
13-05-2015 01:29:11 Restore Point Created by FRST
13-05-2015 01:33:45 Restore Point Created by FRST
13-05-2015 03:04:57 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2015-05-13 03:05 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1637EE0C-88CD-4AEA-AF14-FDAC445D0FD4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {2B59F52B-7B2F-4B50-9A41-AC7289467AFE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {3398192D-1797-4407-B4A4-8BCB1B94EFE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-26] (Google Inc.)
Task: {3F2B0C55-0874-43CC-A76D-64F3E6F86AF6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {546D7B95-C5AC-4B9D-AC37-EE9502F3B69C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {64F3AE99-ECA3-4A53-AE90-52247FD662AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {77CE19F2-CE95-4BD1-93B6-E852F2391FA2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-30] (Facebook Inc.)
Task: {8A919614-B0CF-4CE0-9362-96B22FC3DC9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-12] (Microsoft Corporation)
Task: {9B3FE447-21C1-4926-B007-958A8E0B7194} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {BD711A14-71AA-4D4F-AF36-C5281F91CCF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {DD748143-9829-4809-BF31-3582E3FE559B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30] (Synaptics Incorporated)
Task: {E049588F-AACA-4758-A6A7-BF8351E8C594} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-26] (Google Inc.)
Task: {FA3E3237-8908-4073-B1C7-7BE50D4F7032} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-30] (Facebook Inc.)
Task: {FD894781-C143-4A91-B110-F5A9AC6017ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job => C:\Users\U~ivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job => C:\Users\U~ivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2012-08-14 23:13 - 2012-08-14 23:13 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00052736 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2012-08-16 02:20 - 2012-08-16 02:20 - 00356352 _____ () C:\Windows\system32\BsExtendFunc.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
2012-09-12 19:54 - 2012-07-18 08:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C1046E5A-42D1-475F-A895-E0E29A29F365}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{061B73B2-BCDF-40B4-8742-87DCF36176E1}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{576BEBAA-759F-487C-B6D4-7370B000F886}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2783788A-E57A-48F9-9D29-108D25819821}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{436FA2A9-0598-4BB0-87C5-CE5F02759F38}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{AC012B71-BA44-4A2B-AC93-F5203B38B123}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{4DDCEA1B-9016-45E7-A11F-3ED5EF9B2DDB}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{5C420BB9-C455-4336-9BF2-613744278CA8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{63D3C00D-1A85-4EA1-A4AB-EAE2F735F4F3}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{F716E733-D28E-4293-B17E-405B56B18118}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [UDP Query User{B7E60686-85F0-49D8-A9CA-77564718AA83}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [TCP Query User{E70EC5DC-BEF2-4870-9C38-874A8E35F482}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [UDP Query User{E040C45F-C319-4D79-B669-8F9FE4733048}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [TCP Query User{108C280B-4C0C-4769-9595-EBC3571FE144}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [{7BA510F1-90D6-4FC2-B1FD-089C4CBD8E34}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{04F8DCF7-A714-497B-86AD-B34B86A2FECB}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{73FE3DB9-D985-46E0-8004-E5E72D2F1AF5}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1923F218-8251-4D79-9711-ECD2FC972ABD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{BE1C135B-0589-489C-9193-143D0FC35C1B}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{0829DC16-1C2D-40C5-91DC-44B0050C85EE}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [TCP Query User{0124CC54-E75D-4052-A9BA-4822CC4D34D9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{53B255EF-250E-4483-BD04-6FACC02F97AE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{744E785F-3376-4E69-8737-F3DB6BE1AED6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4ABE549A-3628-4C66-9DE7-E72BE40CA9E9}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{88439917-9F77-4B47-87C2-5E5657F5BD16}] => (Allow) C:\Users\Uživatel\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{D928CAEC-34E4-4D15-B2A0-84B0FE8CC7E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{131B0AED-3C35-4C3D-A643-63A163962DB6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B1F69865-19F0-4F34-8325-0012C62D1D3A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2F0532D9-670D-4900-92B3-9EFB1234B31E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{267FC6CB-A7F2-49F9-BE8F-3350E1FE70FA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DD0288DD-718B-40C7-8690-FBBA177ABE0C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/13/2015 03:28:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.3.9600.17667, časové razítko: 0x54c6f7c2
Název chybujícího modulu: twinui.dll, verze: 6.3.9600.17415, časové razítko: 0x54503c45
Kód výjimky: 0x80270249
Posun chyby: 0x00000000002f497f
ID chybujícího procesu: 0x420
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5
Error: (05/13/2015 01:59:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.3.9600.17667, časové razítko: 0x54c6f7c2
Název chybujícího modulu: twinui.dll, verze: 6.3.9600.17415, časové razítko: 0x54503c45
Kód výjimky: 0x80270249
Posun chyby: 0x00000000002f497f
ID chybujícího procesu: 0x188
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5
Error: (05/13/2015 01:33:47 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service IMPI Updater since QueryServiceConfig API failed
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (05/13/2015 01:32:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRST64.exe, verze: 9.5.2015.0, časové razítko: 0x554dd2eb
Název chybujícího modulu: FRST64.exe, verze: 9.5.2015.0, časové razítko: 0x554dd2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000247c9
ID chybujícího procesu: 0x146c
Čas spuštění chybující aplikace: 0xFRST64.exe0
Cesta k chybující aplikaci: FRST64.exe1
Cesta k chybujícímu modulu: FRST64.exe2
ID zprávy: FRST64.exe3
Úplný název chybujícího balíčku: FRST64.exe4
ID aplikace související s chybujícím balíčkem: FRST64.exe5
Error: (05/13/2015 01:29:11 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4da05951-fe18-410a-9a5a-5f7ada435eb4}
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2016
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2016
Error: (05/11/2015 04:48:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18506047
System errors:
=============
Error: (05/13/2015 03:43:29 AM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/13/2015 03:42:59 AM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/13/2015 03:24:07 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (05/13/2015 03:24:07 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (05/13/2015 03:24:06 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (05/13/2015 03:24:06 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (05/13/2015 03:24:06 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (05/13/2015 02:09:46 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (05/13/2015 02:04:06 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (05/13/2015 01:58:58 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Microsoft Office Sessions:
=========================
Error: (05/13/2015 03:28:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2twinui.dll6.3.9600.1741554503c458027024900000000002f497f42001d08d1c0e82c363C:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\twinui.dll5b8d7cd6-f90f-11e4-bf0c-b4b52f780a5e
Error: (05/13/2015 01:59:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2twinui.dll6.3.9600.1741554503c458027024900000000002f497f18801d08d0f963ec7cdC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\twinui.dlle3e046fd-f902-11e4-bf0b-b4b52f780a5e
Error: (05/13/2015 01:33:47 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service IMPI Updater since QueryServiceConfig API failed
System Error:
Systém nemůže nalézt uvedený soubor.
Error: (05/13/2015 01:32:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe9.5.2015.0554dd2ebFRST64.exe9.5.2015.0554dd2ebc000000500000000000247c9146c01d08d0b627a2561C:\Users\Uživatel\Desktop\FRST64.exeC:\Users\Uživatel\Desktop\FRST64.exe1de13a3f-f8ff-11e4-bf0a-b4b52f780a5e
Error: (05/13/2015 01:29:11 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Přístup byl odepřen.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4da05951-fe18-410a-9a5a-5f7ada435eb4}
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2016
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2016
Error: (05/11/2015 04:48:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18506047
CodeIntegrity Errors:
===================================
Date: 2015-05-11 22:56:50.666
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-11 22:56:50.270
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:16.488
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:16.092
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:15.668
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:15.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:50.200
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:49.785
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:49.303
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:48.858
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 39%
Total physical RAM: 3976.39 MB
Available physical RAM: 2397.68 MB
Total Pagefile: 5256.39 MB
Available Pagefile: 3354.12 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (HP NOTEBOOK) (Fixed) (Total:449.35 GB) (Free:185.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:0.43 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:12.87 GB) (Free:2 GB) NTFS
Drive g: () (Removable) (Total:28.91 GB) (Free:21.87 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A50E1C7D)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 28.9 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Uživatel (administrator) on NTB1 on 13-05-2015 05:36:32
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available profiles: Uživatel)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-06] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-08-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364032 2012-08-16] (IVT Corporation)
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-05-02]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05]
ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-2330285332-1516996101-1209863040-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2330285332-1516996101-1209863040-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Uživatel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-13]
CHR Extension: (Docs) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (Google Drive) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (YouTube) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-02]
CHR Extension: (Google Search) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (Google Sheets) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-13]
CHR Extension: (Gmail) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-08-29] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-06] (IDT, Inc.) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [4773768 2012-10-02] (RealVNC Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1062008 2012-08-03] (Sunplus)
S3 STIrUsb; C:\Windows\system32\DRIVERS\irstusb.sys [33792 2008-01-19] (SigmaTel, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-13 05:36 - 2015-05-13 05:36 - 00012808 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2015-05-13 03:28 - 2015-05-13 03:28 - 00000020 _____ () C:\Users\Uživatel\AppData\Roaming\appdataFr3.bin
2015-05-13 03:28 - 2015-05-13 03:28 - 00000000 ____D () C:\ProgramData\Validity
2015-05-13 03:27 - 2015-05-13 02:37 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-05-13 03:23 - 2015-05-13 03:28 - 00000000 ____D () C:\zoek
2015-05-13 03:04 - 2015-05-13 03:28 - 00006942 _____ () C:\zoek-results.log
2015-05-13 02:37 - 2015-05-13 03:24 - 00000000 ____D () C:\zoek_backup
2015-05-13 02:35 - 2015-05-13 02:35 - 01308672 _____ () C:\Users\Uživatel\Desktop\zoek.exe
2015-05-13 01:37 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 01:37 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-12 21:15 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:15 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:08 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-12 20:08 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-12 20:08 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-12 20:08 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-12 20:07 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-12 20:07 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-12 20:07 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-12 20:07 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-12 20:07 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-12 20:07 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-12 20:07 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-12 20:07 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-12 20:07 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-12 20:07 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-12 20:07 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-12 20:07 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-12 20:07 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-12 20:07 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-12 20:07 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-12 20:07 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-12 20:07 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-12 20:07 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-12 20:07 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-12 20:07 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-12 20:07 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-12 20:07 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 20:07 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 20:07 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-12 20:07 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-12 20:07 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-12 20:07 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-12 20:07 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-12 20:07 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-12 20:07 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-12 20:07 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-12 20:07 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-12 20:07 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-12 20:07 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-12 20:07 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-12 20:07 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-12 20:07 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-12 20:07 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 20:07 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-12 20:07 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-12 20:07 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-12 20:07 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-12 20:07 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 20:07 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 20:07 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-12 20:07 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 20:07 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-12 20:07 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 20:07 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-12 20:07 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-12 20:07 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-12 20:07 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-12 20:07 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 20:07 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-12 20:07 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-12 20:07 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 20:07 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-12 20:07 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-12 20:07 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-12 20:07 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-12 20:07 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-12 20:07 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-12 20:07 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 20:07 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-12 20:07 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 20:07 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-12 20:07 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-12 20:07 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-12 20:07 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-12 20:07 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 20:07 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-12 20:07 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-12 20:07 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-11 22:57 - 2015-05-11 22:58 - 02102784 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2015-05-06 20:00 - 2015-05-06 22:18 - 00000000 ____D () C:\Users\Uživatel\Desktop\SOCIÁLNÍ LÉKAŘSTVÍ
2015-05-06 02:05 - 2014-06-03 03:08 - 00062386 _____ () C:\Users\Uživatel\Desktop\Palla logo s.r.o..bmp
2015-05-05 21:42 - 2015-05-05 21:42 - 00000362 _____ () C:\Users\Uživatel\Downloads\stažený soubor.vcf
2015-05-05 15:28 - 2015-05-05 15:28 - 00000570 _____ () C:\Users\Uivatel\Desktop\Darktek - Decibel Of The hell [Live 2011].mp4
2015-05-05 15:28 - 2015-05-05 15:28 - 00000000 ____D () C:\Users\Uivatel
2015-05-05 15:23 - 2015-05-05 15:23 - 00300544 _____ () C:\Users\Uživatel\Downloads\Darktek - Decibel Of The hell [Live 2011].exe
2015-05-05 14:29 - 2015-05-05 14:29 - 00000787 _____ () C:\Users\Uživatel\Documents\records.html
2015-05-04 15:57 - 2015-05-05 01:11 - 00000000 ____D () C:\Users\Uživatel\Desktop\PATOLOGIE
2015-05-02 15:12 - 2015-05-02 15:12 - 00002747 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002695 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002693 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002685 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Otevřít dokument Office.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Nový dokument Office.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002639 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00002629 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2015-05-02 15:12 - 2015-05-02 15:12 - 00000384 _____ () C:\WINDOWS\ODBC.INI
2015-05-02 15:12 - 2015-05-02 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje sady Microsoft Office
2015-05-02 15:11 - 2015-05-02 15:11 - 00000000 ____D () C:\WINDOWS\Msagent
2015-05-01 21:23 - 2015-05-01 21:23 - 00016124 _____ () C:\Users\Uživatel\Downloads\Sešit1 (1).xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00020170 _____ () C:\Users\Uživatel\Downloads\graf8.xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00019312 _____ () C:\Users\Uživatel\Downloads\graf10.xlsx
2015-05-01 21:00 - 2015-05-01 21:00 - 00016739 _____ () C:\Users\Uživatel\Downloads\graf9.xlsx
2015-04-29 20:57 - 2015-04-29 20:57 - 00342251 _____ () C:\Users\Uživatel\Downloads\prilohy_1096.zip
2015-04-29 01:14 - 2015-04-29 01:14 - 00001130 _____ () C:\Users\Uživatel\Downloads\DPHDP3-0027742806-20150429-011407.xml
2015-04-27 09:27 - 2015-04-27 09:27 - 00001145 _____ () C:\Users\Uživatel\Downloads\DPHDP3-0027742806-20150427-092736.xml
2015-04-20 20:23 - 2015-04-20 20:27 - 14695130 _____ () C:\Users\Uživatel\Downloads\Laurent Wolf - No Stress.flv
2015-04-20 20:18 - 2015-04-20 20:19 - 38050716 _____ () C:\Users\Uživatel\Downloads\JAK NA STRES PRI UCENI [mp3s.nadruhou.net].mp4
2015-04-17 17:20 - 2015-04-17 19:03 - 1810354604 _____ () C:\Users\Uživatel\Downloads\Rychle-a-zběsile-7-cz-titulky.Novinka.2015..avi
2015-04-15 03:13 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 03:13 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 03:13 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 03:13 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 03:13 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 03:13 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 03:13 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 03:13 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 03:13 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 03:13 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 03:13 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 03:13 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 03:12 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 03:12 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 03:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 03:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 03:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 03:11 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 03:11 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 03:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 03:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 03:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 03:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 03:10 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 02:18 - 2015-04-15 02:18 - 00039064 _____ () C:\Users\Uživatel\Downloads\1100131375 (1).pdf.mb9l74f.partial
2015-04-15 02:12 - 2015-04-15 02:12 - 00039064 _____ () C:\Users\Uživatel\Downloads\1100056516 (2).pdf.ja9gzwn.partial
2015-04-14 22:34 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-14 22:34 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-14 22:34 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-14 22:34 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-14 22:34 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-14 22:34 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-14 22:34 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-14 22:34 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-14 22:34 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-14 22:34 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-14 22:34 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-14 22:34 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-14 22:34 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-14 22:34 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-14 22:34 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-14 22:34 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-14 22:34 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-14 22:34 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-14 22:11 - 2015-04-14 22:11 - 10162330 _____ (Novuco ) C:\Users\Uživatel\Downloads\zavvyuka-install-1.0.01.exe
2015-04-14 22:11 - 2015-04-14 22:11 - 10162330 _____ (Novuco ) C:\Users\Uživatel\Downloads\zavvyuka-install-1.0.01 (1).exe
2015-04-13 00:51 - 2015-04-13 00:51 - 00634368 _____ () C:\Users\Uživatel\Downloads\cenikzs2007.xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-13 05:36 - 2013-07-21 23:07 - 00000000 ____D () C:\FRST
2015-05-13 05:17 - 2013-11-14 14:40 - 01934988 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-13 05:17 - 2013-11-14 14:24 - 00802206 _____ () C:\WINDOWS\system32\perfh005.dat
2015-05-13 05:17 - 2013-11-14 14:24 - 00183700 _____ () C:\WINDOWS\system32\perfc005.dat
2015-05-13 05:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-13 04:40 - 2013-12-15 17:31 - 01272739 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-13 04:34 - 2014-06-30 22:29 - 00000950 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job
2015-05-13 04:12 - 2013-12-16 00:43 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A9C5D9F1-B7AB-4A59-B859-92F4CBFA12E1}
2015-05-13 03:46 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-13 03:28 - 2013-08-22 16:46 - 00365709 _____ () C:\WINDOWS\setupact.log
2015-05-13 03:28 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-13 03:28 - 2012-08-16 02:46 - 00000787 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-05-13 03:27 - 2013-11-14 05:30 - 00023670 _____ () C:\WINDOWS\PFRO.log
2015-05-13 02:35 - 2012-12-26 22:34 - 07830016 ___SH () C:\Users\Uživatel\Downloads\Thumbs.db
2015-05-13 01:59 - 2012-12-28 03:21 - 00973312 ___SH () C:\Users\Uživatel\Desktop\Thumbs.db
2015-05-13 01:58 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-13 01:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-12 22:56 - 2013-08-22 16:44 - 00362608 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-12 22:52 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-12 22:52 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-12 22:34 - 2014-06-30 22:29 - 00000928 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job
2015-05-12 21:12 - 2013-08-14 13:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-12 21:06 - 2012-12-25 11:28 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-12 20:55 - 2013-11-14 14:26 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 19:56 - 2012-12-25 04:44 - 00002344 ____H () C:\Users\Uživatel\Documents\Default.rdp
2015-05-11 22:17 - 2014-09-24 20:07 - 00004915 _____ () C:\Users\Uživatel\Documents\zav-report-veronika.pallova.html
2015-05-09 14:04 - 2012-12-10 16:42 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2330285332-1516996101-1209863040-1002
2015-05-09 13:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-09 02:48 - 2013-08-10 14:40 - 00826880 ___SH () C:\Users\Uživatel\Documents\Thumbs.db
2015-05-05 19:59 - 2015-03-13 02:37 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-03-13 02:37 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 17:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-02 15:12 - 2013-11-14 14:26 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-05-02 15:12 - 2012-09-09 07:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-02 15:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-05-02 15:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\System
2015-04-22 19:39 - 2013-12-15 17:25 - 00000000 ____D () C:\Users\Uživatel
2015-04-21 19:31 - 2014-10-10 15:15 - 00000000 ____D () C:\Users\Uživatel\Desktop\Avon
2015-04-15 10:34 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 10:08 - 2014-12-13 19:11 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 10:08 - 2014-07-09 09:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-14 22:29 - 2014-11-12 14:16 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
==================== Files in the root of some directories =======
2015-05-13 03:28 - 2015-05-13 03:28 - 0000020 _____ () C:\Users\Uživatel\AppData\Roaming\appdataFr3.bin
2015-01-25 22:29 - 2015-01-25 22:29 - 0000017 _____ () C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-13 03:42
==================== End Of Log ============================
a ještě addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Uživatel at 2015-05-13 05:37:50
Running from C:\Users\Uživatel\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2330285332-1516996101-1209863040-500 - Administrator - Disabled)
Guest (S-1-5-21-2330285332-1516996101-1209863040-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2330285332-1516996101-1209863040-1004 - Limited - Enabled)
Uživatel (S-1-5-21-2330285332-1516996101-1209863040-1002 - Administrator - Enabled) => C:\Users\Uživatel
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1924 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.2006 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4330 - CyberLink Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HID OMNIKEY 4040 PC/SC Driver (HKLM-x32\...\{E0F53D39-900E-40CA-969A-643DEF6D0B93}) (Version: 3.0.0.2 - HID Global Corporation)
HP 3D DriveGuard (HKLM\...\{29989969-FED8-4EFB-8FB2-39429D37E471}) (Version: 5.1.5.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.12 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
I.CA SecureStore 2.29.4 (HKLM\...\{313FF7F5-9193-4C71-A874-75B1A7673E69}) (Version: 2.29.4 - První certifikační autorita, a.s.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
IMPI 2.0.0.429 (HKLM\...\{17E113E6-CD0E-4045-B154-65F0E57959EF}_is1) (Version: - Bitcocktail)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
K-Lite Mega Codec Pack 9.5.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.0 - )
Logica PKI .NET Component (HKLM-x32\...\{A8213B4E-9D54-47F5-8DC1-A543CE644F41}) (Version: 1.0.2 - Logica Czech Republic s.r.o)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM-x32\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft (HKLM-x32\...\Minecraft) (Version: 1.2.* - )
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.0 - Frank Heindörfer, Philip Chinery)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}) (Version: 9.0.717.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.2.612.2012 - Realtek)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
Validity Fingerprint Sensor Driver (HKLM\...\{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}) (Version: 4.4.228.0 - Validity Sensors, Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VNC Printer Driver 1.8.0 (HKLM\...\VNCPrinter_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Server 5.0.3 (HKLM\...\RealVNC_is1) (Version: 5.0.3 - RealVNC Ltd)
VNC Viewer 5.0.3 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.3 - RealVNC Ltd)
zavvyuka (HKLM-x32\...\{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1) (Version: 0.9.102 - Novuco)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
22-04-2015 19:53:53 Naplánovaný kontrolní bod
01-05-2015 10:50:19 Naplánovaný kontrolní bod
02-05-2015 15:09:33 Nainstalováno: Microsoft Office XP Professional s aplikací FrontPage
10-05-2015 14:26:05 Naplánovaný kontrolní bod
13-05-2015 01:29:11 Restore Point Created by FRST
13-05-2015 01:33:45 Restore Point Created by FRST
13-05-2015 03:04:57 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2015-05-13 03:05 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1637EE0C-88CD-4AEA-AF14-FDAC445D0FD4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {2B59F52B-7B2F-4B50-9A41-AC7289467AFE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {3398192D-1797-4407-B4A4-8BCB1B94EFE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-26] (Google Inc.)
Task: {3F2B0C55-0874-43CC-A76D-64F3E6F86AF6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {546D7B95-C5AC-4B9D-AC37-EE9502F3B69C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {64F3AE99-ECA3-4A53-AE90-52247FD662AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {77CE19F2-CE95-4BD1-93B6-E852F2391FA2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-30] (Facebook Inc.)
Task: {8A919614-B0CF-4CE0-9362-96B22FC3DC9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-12] (Microsoft Corporation)
Task: {9B3FE447-21C1-4926-B007-958A8E0B7194} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {BD711A14-71AA-4D4F-AF36-C5281F91CCF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {DD748143-9829-4809-BF31-3582E3FE559B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30] (Synaptics Incorporated)
Task: {E049588F-AACA-4758-A6A7-BF8351E8C594} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-26] (Google Inc.)
Task: {FA3E3237-8908-4073-B1C7-7BE50D4F7032} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-30] (Facebook Inc.)
Task: {FD894781-C143-4A91-B110-F5A9AC6017ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job => C:\Users\U~ivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job => C:\Users\U~ivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2012-08-14 23:13 - 2012-08-14 23:13 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00052736 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2012-08-16 02:20 - 2012-08-16 02:20 - 00356352 _____ () C:\Windows\system32\BsExtendFunc.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-08-14 23:13 - 2012-08-14 23:13 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2012-08-14 23:11 - 2012-08-14 23:11 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-30 15:58 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
2012-09-12 19:54 - 2012-07-18 08:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2330285332-1516996101-1209863040-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C1046E5A-42D1-475F-A895-E0E29A29F365}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{061B73B2-BCDF-40B4-8742-87DCF36176E1}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{576BEBAA-759F-487C-B6D4-7370B000F886}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2783788A-E57A-48F9-9D29-108D25819821}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{436FA2A9-0598-4BB0-87C5-CE5F02759F38}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{AC012B71-BA44-4A2B-AC93-F5203B38B123}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{4DDCEA1B-9016-45E7-A11F-3ED5EF9B2DDB}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{5C420BB9-C455-4336-9BF2-613744278CA8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{63D3C00D-1A85-4EA1-A4AB-EAE2F735F4F3}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{F716E733-D28E-4293-B17E-405B56B18118}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [UDP Query User{B7E60686-85F0-49D8-A9CA-77564718AA83}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [TCP Query User{E70EC5DC-BEF2-4870-9C38-874A8E35F482}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [UDP Query User{E040C45F-C319-4D79-B669-8F9FE4733048}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [TCP Query User{108C280B-4C0C-4769-9595-EBC3571FE144}C:\program files\realvnc\vnc viewer\vncviewer.exe] => (Block) C:\program files\realvnc\vnc viewer\vncviewer.exe
FirewallRules: [{7BA510F1-90D6-4FC2-B1FD-089C4CBD8E34}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{04F8DCF7-A714-497B-86AD-B34B86A2FECB}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{73FE3DB9-D985-46E0-8004-E5E72D2F1AF5}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1923F218-8251-4D79-9711-ECD2FC972ABD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{BE1C135B-0589-489C-9193-143D0FC35C1B}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{0829DC16-1C2D-40C5-91DC-44B0050C85EE}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [TCP Query User{0124CC54-E75D-4052-A9BA-4822CC4D34D9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{53B255EF-250E-4483-BD04-6FACC02F97AE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{744E785F-3376-4E69-8737-F3DB6BE1AED6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4ABE549A-3628-4C66-9DE7-E72BE40CA9E9}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{88439917-9F77-4B47-87C2-5E5657F5BD16}] => (Allow) C:\Users\Uživatel\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{D928CAEC-34E4-4D15-B2A0-84B0FE8CC7E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{131B0AED-3C35-4C3D-A643-63A163962DB6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B1F69865-19F0-4F34-8325-0012C62D1D3A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2F0532D9-670D-4900-92B3-9EFB1234B31E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{267FC6CB-A7F2-49F9-BE8F-3350E1FE70FA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DD0288DD-718B-40C7-8690-FBBA177ABE0C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/13/2015 03:28:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.3.9600.17667, časové razítko: 0x54c6f7c2
Název chybujícího modulu: twinui.dll, verze: 6.3.9600.17415, časové razítko: 0x54503c45
Kód výjimky: 0x80270249
Posun chyby: 0x00000000002f497f
ID chybujícího procesu: 0x420
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5
Error: (05/13/2015 01:59:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.3.9600.17667, časové razítko: 0x54c6f7c2
Název chybujícího modulu: twinui.dll, verze: 6.3.9600.17415, časové razítko: 0x54503c45
Kód výjimky: 0x80270249
Posun chyby: 0x00000000002f497f
ID chybujícího procesu: 0x188
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5
Error: (05/13/2015 01:33:47 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service IMPI Updater since QueryServiceConfig API failed
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (05/13/2015 01:32:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRST64.exe, verze: 9.5.2015.0, časové razítko: 0x554dd2eb
Název chybujícího modulu: FRST64.exe, verze: 9.5.2015.0, časové razítko: 0x554dd2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000247c9
ID chybujícího procesu: 0x146c
Čas spuštění chybující aplikace: 0xFRST64.exe0
Cesta k chybující aplikaci: FRST64.exe1
Cesta k chybujícímu modulu: FRST64.exe2
ID zprávy: FRST64.exe3
Úplný název chybujícího balíčku: FRST64.exe4
ID aplikace související s chybujícím balíčkem: FRST64.exe5
Error: (05/13/2015 01:29:11 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4da05951-fe18-410a-9a5a-5f7ada435eb4}
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2016
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2016
Error: (05/11/2015 04:48:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18506047
System errors:
=============
Error: (05/13/2015 03:43:29 AM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/13/2015 03:42:59 AM) (Source: DCOM) (EventID: 10010) (User: NTB1)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/13/2015 03:24:07 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (05/13/2015 03:24:07 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (05/13/2015 03:24:06 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (05/13/2015 03:24:06 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (05/13/2015 03:24:06 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (05/13/2015 02:09:46 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (05/13/2015 02:04:06 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (05/13/2015 01:58:58 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Microsoft Office Sessions:
=========================
Error: (05/13/2015 03:28:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2twinui.dll6.3.9600.1741554503c458027024900000000002f497f42001d08d1c0e82c363C:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\twinui.dll5b8d7cd6-f90f-11e4-bf0c-b4b52f780a5e
Error: (05/13/2015 01:59:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2twinui.dll6.3.9600.1741554503c458027024900000000002f497f18801d08d0f963ec7cdC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\twinui.dlle3e046fd-f902-11e4-bf0b-b4b52f780a5e
Error: (05/13/2015 01:33:47 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service IMPI Updater since QueryServiceConfig API failed
System Error:
Systém nemůže nalézt uvedený soubor.
Error: (05/13/2015 01:32:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe9.5.2015.0554dd2ebFRST64.exe9.5.2015.0554dd2ebc000000500000000000247c9146c01d08d0b627a2561C:\Users\Uživatel\Desktop\FRST64.exeC:\Users\Uživatel\Desktop\FRST64.exe1de13a3f-f8ff-11e4-bf0a-b4b52f780a5e
Error: (05/13/2015 01:29:11 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Přístup byl odepřen.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4da05951-fe18-410a-9a5a-5f7ada435eb4}
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2016
Error: (05/11/2015 04:48:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2016
Error: (05/11/2015 04:48:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18506047
Error: (05/10/2015 10:25:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18506047
CodeIntegrity Errors:
===================================
Date: 2015-05-11 22:56:50.666
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-11 22:56:50.270
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:16.488
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:16.092
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:15.668
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-17 00:22:15.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:50.200
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:49.785
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:49.303
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-14 14:23:48.858
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 39%
Total physical RAM: 3976.39 MB
Available physical RAM: 2397.68 MB
Total Pagefile: 5256.39 MB
Available Pagefile: 3354.12 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (HP NOTEBOOK) (Fixed) (Total:449.35 GB) (Free:185.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:0.43 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:12.87 GB) (Free:2 GB) NTFS
Drive g: () (Removable) (Total:28.91 GB) (Free:21.87 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A50E1C7D)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 28.9 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
Re: Vyskakující okna s reklamou
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: Folder: C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69 Folder: C:\PROGRA~3\{AFF99647-6D64-46F2-934A-F12F468037F6} Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05] ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe (No File) 2015-05-13 03:27 - 2015-05-13 02:37 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe 2015-05-13 03:23 - 2015-05-13 03:28 - 00000000 ____D () C:\zoek 2015-05-13 03:04 - 2015-05-13 03:28 - 00006942 _____ () C:\zoek-results.log 2015-05-13 02:37 - 2015-05-13 03:24 - 00000000 ____D () C:\zoek_backup 2015-05-13 02:35 - 2015-05-13 02:35 - 01308672 _____ () C:\Users\Uživatel\Desktop\zoek.exe 2015-05-05 15:23 - 2015-05-05 15:23 - 00300544 _____ () C:\Users\Uživatel\Downloads\Darktek - Decibel Of The hell [Live 2011].exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job C:\Users\Uživatel\AppData\Local\Temp End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Vyskakující okna s reklamou
Hotovo. Zde je log:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-05-2015 01
Ran by Uživatel at 2015-05-13 23:51:09 Run:4
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available profiles: Uživatel)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
Folder: C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69
Folder: C:\PROGRA~3\{AFF99647-6D64-46F2-934A-F12F468037F6}
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05]
ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe (No File)
2015-05-13 03:27 - 2015-05-13 02:37 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-05-13 03:23 - 2015-05-13 03:28 - 00000000 ____D () C:\zoek
2015-05-13 03:04 - 2015-05-13 03:28 - 00006942 _____ () C:\zoek-results.log
2015-05-13 02:37 - 2015-05-13 03:24 - 00000000 ____D () C:\zoek_backup
2015-05-13 02:35 - 2015-05-13 02:35 - 01308672 _____ () C:\Users\Uživatel\Desktop\zoek.exe
2015-05-05 15:23 - 2015-05-05 15:23 - 00300544 _____ () C:\Users\Uživatel\Downloads\Darktek - Decibel Of The hell [Live 2011].exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job
C:
*****************
Processes closed successfully.
========================= Folder: C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69 ========================
2012-08-21 13:01 - 2012-08-21 13:01 - 1977816 _____ (GEAR Software, Inc.) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\GEARDIFx.exe
2014-09-12 21:36 - 2014-09-12 21:36 - 0000000 ____D () C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64
2012-08-21 13:01 - 2012-08-21 13:01 - 0519048 _____ (Microsoft Corporation) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxAPI.dll
2012-08-21 13:01 - 2012-08-21 13:01 - 0131544 _____ (GEAR Software, Inc.) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DifXInst64.exe
2014-09-12 21:36 - 2014-09-12 21:37 - 0003752 _____ () C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxInstallLog.txt
2012-08-21 13:01 - 2012-08-21 13:01 - 0106928 _____ (GEAR Software Inc.) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspi.dll
2012-08-21 13:01 - 2012-08-21 13:01 - 0125872 _____ (GEAR Software Inc.) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspi64.dll
2012-08-21 13:01 - 2012-08-21 13:01 - 0002561 _____ () C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspiWDM.inf
2012-08-21 13:01 - 2012-08-21 13:01 - 0007638 _____ () C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\gearaspiwdmx64.cat
2014-09-12 21:36 - 2014-09-12 21:36 - 0000000 ____D () C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\x64
2012-08-21 13:01 - 2012-08-21 13:01 - 0033240 _____ (GEAR Software Inc.) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\x64\GEARAspiWDM.sys
====== End of Folder: ======
========================= Folder: C:\PROGRA~3\{AFF99647-6D64-46F2-934A-F12F468037F6} ========================
2012-09-09 07:14 - 2012-09-09 07:14 - 0021494 _____ () C:\PROGRA~3\{AFF99647-6D64-46F2-934A-F12F468037F6}\0x0409.ini
2012-09-09 07:14 - 2012-09-09 07:14 - 46393344 _____ () C:\PROGRA~3\{AFF99647-6D64-46F2-934A-F12F468037F6}\HP Support Assistant.msi
====== End of Folder: ======
C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell not found.
C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe not found.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Uživatel\Desktop\zoek.exe => Moved successfully.
C:\Users\Uživatel\Downloads\Darktek - Decibel Of The hell [Live 2011].exe => Moved successfully.
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job not found.
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job not found.
C: => Error: No automatic fix found for this entry.
The system needed a reboot.
==== End of Fixlog 23:51:11 ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-05-2015 01
Ran by Uživatel at 2015-05-13 23:51:09 Run:4
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available profiles: Uživatel)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
Folder: C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69
Folder: C:\PROGRA~3\{AFF99647-6D64-46F2-934A-F12F468037F6}
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell [Live 2011].lnk [2015-05-05]
ShortcutTarget: Darktek - Decibel Of The hell [Live 2011].lnk -> C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe (No File)
2015-05-13 03:27 - 2015-05-13 02:37 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-05-13 03:23 - 2015-05-13 03:28 - 00000000 ____D () C:\zoek
2015-05-13 03:04 - 2015-05-13 03:28 - 00006942 _____ () C:\zoek-results.log
2015-05-13 02:37 - 2015-05-13 03:24 - 00000000 ____D () C:\zoek_backup
2015-05-13 02:35 - 2015-05-13 02:35 - 01308672 _____ () C:\Users\Uživatel\Desktop\zoek.exe
2015-05-05 15:23 - 2015-05-05 15:23 - 00300544 _____ () C:\Users\Uživatel\Downloads\Darktek - Decibel Of The hell [Live 2011].exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job
C:
*****************
Processes closed successfully.
========================= Folder: C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69 ========================
2012-08-21 13:01 - 2012-08-21 13:01 - 1977816 _____ (GEAR Software, Inc.) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\GEARDIFx.exe
2014-09-12 21:36 - 2014-09-12 21:36 - 0000000 ____D () C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64
2012-08-21 13:01 - 2012-08-21 13:01 - 0519048 _____ (Microsoft Corporation) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxAPI.dll
2012-08-21 13:01 - 2012-08-21 13:01 - 0131544 _____ (GEAR Software, Inc.) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DifXInst64.exe
2014-09-12 21:36 - 2014-09-12 21:37 - 0003752 _____ () C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxInstallLog.txt
2012-08-21 13:01 - 2012-08-21 13:01 - 0106928 _____ (GEAR Software Inc.) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspi.dll
2012-08-21 13:01 - 2012-08-21 13:01 - 0125872 _____ (GEAR Software Inc.) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspi64.dll
2012-08-21 13:01 - 2012-08-21 13:01 - 0002561 _____ () C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspiWDM.inf
2012-08-21 13:01 - 2012-08-21 13:01 - 0007638 _____ () C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\gearaspiwdmx64.cat
2014-09-12 21:36 - 2014-09-12 21:36 - 0000000 ____D () C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\x64
2012-08-21 13:01 - 2012-08-21 13:01 - 0033240 _____ (GEAR Software Inc.) C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\x64\GEARAspiWDM.sys
====== End of Folder: ======
========================= Folder: C:\PROGRA~3\{AFF99647-6D64-46F2-934A-F12F468037F6} ========================
2012-09-09 07:14 - 2012-09-09 07:14 - 0021494 _____ () C:\PROGRA~3\{AFF99647-6D64-46F2-934A-F12F468037F6}\0x0409.ini
2012-09-09 07:14 - 2012-09-09 07:14 - 46393344 _____ () C:\PROGRA~3\{AFF99647-6D64-46F2-934A-F12F468037F6}\HP Support Assistant.msi
====== End of Folder: ======
C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Darktek - Decibel Of The hell not found.
C:\ProgramData\{960b0f0f-fe47-88f7-960b-b0f0ffe43c3f}\Darktek - Decibel Of The hell [Live 2011].exe not found.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Uživatel\Desktop\zoek.exe => Moved successfully.
C:\Users\Uživatel\Downloads\Darktek - Decibel Of The hell [Live 2011].exe => Moved successfully.
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002Core.job not found.
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2330285332-1516996101-1209863040-1002UA.job not found.
C: => Error: No automatic fix found for this entry.
The system needed a reboot.
==== End of Fixlog 23:51:11 ====
Naposledy upravil(a) Palla dne 13 kvě 2015 23:04, celkem upraveno 1 x.
Re: Vyskakující okna s reklamou
Reklamy stale vyskakuji?
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?