Slow notebook

krtkopower222
Visitor
Posts: 4
Registered: 09 Oct 2015 19:44

Slow notebook

#1 Post by krtkopower222 »

Hello, could you please check my HijackThis log? About a week ago my notebook suddenly started booting slowly, and now everything is running slowly. Thank you.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:03, on 9. 10. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.18969)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe
C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\krtkopower\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pandasecurity.mystart.com/?pr=vm ... 5614AFF9D6
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe"
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O15 - Trusted Zone: http://*.webcompanion.com
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe

--
End of file - 5381 bytes

Rudy
Site Admin
Posts: 119674
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#2 Post by Rudy »

Hello!
HJT has not been the right tool for a long time. Please post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

krtkopower222
Visitor
Posts: 4
Registered: 09 Oct 2015 19:44

Re: Slow notebook

#3 Post by krtkopower222 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:08-10-2015
Ran by krtkopower (administrator) on KRTKOPOWER-PC (09-10-2015 21:05:24)
Running from C:\Users\krtkopower\Desktop
Loaded Profiles: krtkopower (Available Profiles: krtkopower & Guest)
Platform: Microsoft Windows 7 Enterprise Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_185_ActiveX.exe
(forum.viry.cz) C:\Users\krtkopower\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe [7992032 2015-08-27] ()
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-07-28] (Panda Security, S.L.)
HKU\S-1-5-21-1404250380-4153645060-118619260-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1404250380-4153645060-118619260-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-12-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-10-07] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-10-07] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-10-07] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-10-07] (Lavasoft Limited)
Winsock: Catalog9 30 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-10-07] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7D84E5D0-3DBA-4FEB-A255-C8F6EBED4B6A}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{915437B3-08BC-4453-99A8-F18C9664550B}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1404250380-4153645060-118619260-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1404250380-4153645060-118619260-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pandasecurity.mystart.com/?pr=vmn&id=pandasecuritytb&v=4_3&utm_campaign=671&idate=2015-10-07&ent=hp_671&u=3821DE907B0A57252C60ED5614AFF9D6
URLSearchHook: [S-1-5-21-1404250380-4153645060-118619260-1001] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-1404250380-4153645060-118619260-1001 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
SearchScopes: HKU\S-1-5-21-1404250380-4153645060-118619260-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D10071 ... earchTerms}
SearchScopes: HKU\S-1-5-21-1404250380-4153645060-118619260-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D10071 ... earchTerms}
SearchScopes: HKU\S-1-5-21-1404250380-4153645060-118619260-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasecuritytb&v=4_3&idate=2015-10-07&ent=ch_671&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-08-22] (Oracle Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files\pandasecuritytb\pandasecurityDx.dll [2015-08-27] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-08-22] (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll [2015-08-27] ()
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\krtkopower\AppData\Roaming\Mozilla\Firefox\Profiles\n99a83qe.default
FF Homepage: hxxp://www.bing.com/?pc=COSP&ptag=D100715-A60F ... =CT3332038
FF Keyword.URL:
FF DefaultSearchEngine: Bing®
FF SelectedSearchEngine: Bing®
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D100715-A60F ... =CT3332038
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-08-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-08-22] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-07] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF SearchPlugin: C:\Users\krtkopower\AppData\Roaming\Mozilla\Firefox\Profiles\n99a83qe.default\searchplugins\bing-lavasoft.xml [2015-10-07]
FF Extension: NoScript - C:\Users\krtkopower\AppData\Roaming\Mozilla\Firefox\Profiles\n99a83qe.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-08-29]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://feed.baboom.audio/?st=ds&query={searchTerms}
CHR DefaultSearchKeyword: Default -> Baboom Search
CHR Profile: C:\Users\krtkopower\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\krtkopower\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-07]
CHR Extension: (Dokumenty Google) - C:\Users\krtkopower\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-07]
CHR Extension: (Disk Google) - C:\Users\krtkopower\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-07]
CHR Extension: (YouTube) - C:\Users\krtkopower\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Google Search) - C:\Users\krtkopower\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-07]
CHR Extension: (Tabuľky Google) - C:\Users\krtkopower\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\krtkopower\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\krtkopower\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-07]
CHR Extension: (Gmail) - C:\Users\krtkopower\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-07]
CHR HKLM\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-10-07] (Adobe Systems) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe [659872 2015-08-27] ()
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-07-23] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [283448 2014-09-19] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2015-10-03] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-07-30] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-10-07] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [87032 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202104 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109688 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [121720 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [50992 2015-05-20] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [102264 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [64760 2015-07-09] ()
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [120568 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [281720 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [209016 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [108408 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [240376 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [94968 2015-07-09] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [40024 2014-02-18] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [140024 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [105208 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [168696 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [113912 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [124664 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [100600 2015-07-19] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50832 2015-05-22] (Panda Security, S.L.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2015-01-26] (Duplex Secure Ltd.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
U3 aw8quf9b; C:\Windows\system32\Drivers\aw8quf9b.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S1 ASPI32; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-09 21:05 - 2015-10-09 21:05 - 00015544 _____ C:\Users\krtkopower\Desktop\FRST.txt
2015-10-09 21:05 - 2015-10-09 21:05 - 00000000 ____D C:\FRST
2015-10-09 21:04 - 2015-10-09 21:04 - 00112640 _____ (forum.viry.cz) C:\Users\krtkopower\Desktop\FRSTLauncher.exe
2015-10-09 20:58 - 2015-10-09 20:58 - 01698304 _____ (Farbar) C:\Users\krtkopower\Desktop\FRST.exe
2015-10-09 20:43 - 2015-10-09 20:43 - 00005382 _____ C:\Users\krtkopower\Desktop\hijackthis.log
2015-10-09 20:42 - 2015-10-09 20:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\krtkopower\Desktop\hijackthis.exe
2015-10-09 18:00 - 2015-10-09 18:05 - 962686409 _____ C:\Users\krtkopower\Downloads\xxx Group Swingers párty 101.wmv
2015-10-09 18:00 - 2015-10-09 18:04 - 819294957 _____ C:\Users\krtkopower\Downloads\xxx Group Swingers párty 122.wmv
2015-10-09 17:56 - 2015-10-09 17:58 - 558966450 _____ C:\Users\krtkopower\Downloads\Czech+Sex+Party+4+%28amateri%2C+ceske+porno%2C+mlade+holky%2C+teen%29.avi
2015-10-09 17:55 - 2015-10-09 17:57 - 405060494 _____ C:\Users\krtkopower\Downloads\Czech-Sex-Party-3-%28amateri%2C-ceske-porno%2C-mlade-holky%2C-teen%29+xxx+sex+porno.avi
2015-10-09 17:38 - 2015-10-09 17:45 - 1102531593 _____ C:\Users\krtkopower\Downloads\FemaleAgent E234 - Lenny (720p) - NOVINKA 18.7.14.mp4
2015-10-09 17:35 - 2015-10-09 17:48 - 1574813085 _____ C:\Users\krtkopower\Downloads\FemaleAgent.E232.Lexi.XXX.1080p.MP4-KTR[PORNO].mp4
2015-10-09 17:33 - 2015-10-09 17:41 - 1281885691 _____ C:\Users\krtkopower\Downloads\PublicAgent.E201.Yenna.XXX.1080p.mov
2015-10-09 17:30 - 2015-10-09 17:38 - 1266375756 _____ C:\Users\krtkopower\Downloads\FemaleAgent.E302.Tommy.Beautiful.Agents.Perfect.Pussy.Gets.Creampied.By.Eager.Stud.XXX.1080p.mov
2015-10-09 17:05 - 2015-10-09 17:08 - 974208986 _____ C:\Users\krtkopower\Downloads\FabSluts - Alexa, Dusya - Sexy Russian Pornstars Epic Anal Threesome XXX WEBDL - PORNO.mp4
2015-10-09 16:59 - 2015-10-09 17:02 - 343464385 _____ C:\Users\krtkopower\Downloads\[SEX ČERNOŠKY] Macatý zralý černošky.mp4
2015-10-09 16:58 - 2015-10-09 17:00 - 435505827 _____ C:\Users\krtkopower\Downloads\[SEX ČERNOŠKY] Holky jdou rovnou na věc.mp4
2015-10-09 16:52 - 2015-10-09 16:54 - 438078804 _____ C:\Users\krtkopower\Downloads\xxx Group Dvě prsatý paničky ojedou kluka.mp4
2015-10-09 16:50 - 2015-10-09 17:12 - 1325115134 _____ C:\Users\krtkopower\Downloads\Clápek šoustá dvě holky na veřejnosti porno.avi
2015-10-09 16:39 - 2015-10-09 16:41 - 544037281 _____ C:\Users\krtkopower\Downloads\ATKGirlfriends - Skye West, Nikki Next and Victoria Rae Black - Three girls share ONE cock! NEW (July 02, 2015) NEW.mp4
2015-10-09 16:30 - 2015-10-09 16:39 - 1942011794 _____ C:\Users\krtkopower\Downloads\Sugar.Mamas.XXX.DVDRip.x264-CHiKANi.mp4
2015-10-09 16:28 - 2015-10-09 16:33 - 979024258 _____ C:\Users\krtkopower\Downloads\Auch Mamas wollen gefickt werden (2013).German.XXX.mp4
2015-10-09 16:27 - 2015-10-09 16:49 - 1031040496 _____ C:\Users\krtkopower\Downloads\Kleine.Schlampen.boeser.Onkel.German.XXX.DVDRip.x264-KissMyDick.mp4
2015-10-09 16:13 - 2015-10-09 16:15 - 189042195 _____ C:\Users\krtkopower\Downloads\xxx Amatéři České soukromé orgie 8 část 1.mp4
2015-10-09 16:11 - 2015-10-09 16:18 - 795316115 _____ C:\Users\krtkopower\Downloads\xxx Amatéři České soukromé orgie 5 část 3.wmv
2015-10-09 16:05 - 2015-10-09 16:05 - 00019556 _____ C:\Users\krtkopower\Downloads\[CzT]Czech_Estrogenolit_18_Vanesa_2015_CZ_720pLQ_.torrent
2015-10-09 16:05 - 2015-10-09 16:05 - 00017326 _____ C:\Users\krtkopower\Downloads\[CzT]CzechCasting_5850_Andrea_26_9_2015_CZ_1080p_.torrent
2015-10-09 16:03 - 2015-10-09 16:03 - 00017599 _____ C:\Users\krtkopower\Downloads\[CzT]Brazzers_Real_Wife_Stories_Kayla_Kayden_Keiran_Lee.torrent
2015-10-09 13:19 - 2015-05-22 10:45 - 00050832 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-10-08 19:38 - 2015-10-09 16:03 - 00000000 ____D C:\Users\krtkopower\AppData\LocalLow\uTorrent
2015-10-08 19:22 - 2015-10-08 19:22 - 00018152 _____ C:\Users\krtkopower\Downloads\[CzT]Focus_2015_CZ_.torrent
2015-10-07 07:58 - 2015-10-07 07:58 - 00002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-07 07:58 - 2015-10-07 07:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-07 07:57 - 2015-10-09 21:03 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-07 07:57 - 2015-10-09 20:25 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-07 07:39 - 2015-10-09 21:02 - 00000000 ____D C:\Users\krtkopower\AppData\LocalLow\pandasecuritytb
2015-10-07 07:39 - 2015-10-09 19:28 - 00000000 ____D C:\ProgramData\panda_url_filtering
2015-10-07 07:39 - 2015-10-07 07:39 - 00000000 ____D C:\ProgramData\Panda Security URL Filtering
2015-10-07 07:39 - 2015-10-07 07:39 - 00000000 ____D C:\Program Files\pandasecuritytb
2015-10-07 07:38 - 2015-10-07 07:39 - 00000000 ____D C:\Program Files\Panda Security
2015-10-07 07:38 - 2015-10-07 07:38 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\Panda Security
2015-10-07 07:38 - 2015-10-07 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-10-07 07:32 - 2015-10-07 07:39 - 00000000 ____D C:\ProgramData\Panda Security
2015-10-07 07:31 - 2015-10-07 07:31 - 00929872 _____ (Google Inc.) C:\Users\krtkopower\Downloads\ChromeSetup.exe
2015-10-07 04:25 - 2015-10-07 04:25 - 00000000 ____D C:\Users\krtkopower\Documents\AdobeStockPhotos
2015-10-07 03:57 - 2015-10-07 03:57 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\LavasoftStatistics
2015-10-07 03:56 - 2015-10-07 07:53 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\Lavasoft
2015-10-07 03:56 - 2015-10-07 03:56 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2015-10-07 03:56 - 2015-10-07 03:56 - 00002944 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-07 03:55 - 2015-10-09 20:26 - 00002321 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-10-07 03:55 - 2015-10-07 07:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-10-07 03:52 - 2015-10-07 07:53 - 00000000 ____D C:\Program Files\Lavasoft
2015-10-07 03:51 - 2015-10-07 03:51 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-10-07 03:49 - 2015-10-07 07:53 - 00000000 ____D C:\ProgramData\Lavasoft
2015-10-07 03:16 - 2015-10-07 03:21 - 00000000 ____D C:\Windows\system32\MRT
2015-10-07 03:16 - 2015-08-26 18:36 - 132039072 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-07 03:11 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-07 02:41 - 2015-10-07 02:42 - 00000000 ____D C:\TPC.SK
2015-10-07 02:41 - 2015-10-07 02:41 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3PigsCasino.sk
2015-10-07 01:43 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-07 01:43 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-07 01:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-07 01:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-07 01:43 - 2015-08-14 19:54 - 01267712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-07 01:43 - 2015-08-14 19:54 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-07 01:43 - 2015-08-14 19:53 - 11031040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-07 01:43 - 2015-08-14 19:53 - 06034944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-07 01:43 - 2015-08-14 19:53 - 02088448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-07 01:43 - 2015-08-14 19:53 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-07 01:43 - 2015-08-05 19:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-07 01:43 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-10-07 01:43 - 2015-08-05 19:40 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-10-07 01:43 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-07 01:43 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-07 01:43 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-07 01:43 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-07 01:43 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-07 01:43 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-10-07 01:43 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-07 01:43 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-07 01:43 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-07 01:43 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-10-07 01:43 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-10-07 01:43 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-10-07 01:43 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-10-07 01:43 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-07 01:43 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-10-07 01:42 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-10-07 01:42 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-07 01:42 - 2015-09-02 04:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-10-07 01:42 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-10-07 01:42 - 2015-09-02 03:36 - 02384896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-07 01:42 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-07 01:42 - 2015-08-14 19:54 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-07 01:42 - 2015-08-14 19:54 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-07 01:42 - 2015-08-14 19:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-07 01:42 - 2015-08-14 19:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-07 01:42 - 2015-08-14 19:53 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2015-10-07 01:42 - 2015-08-14 19:53 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-07 01:42 - 2015-08-14 19:52 - 01466368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-07 01:42 - 2015-08-14 19:17 - 00386560 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-07 01:42 - 2015-08-14 18:57 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-07 01:42 - 2015-08-04 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-07 01:42 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-07 01:42 - 2015-08-04 19:47 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-07 01:42 - 2015-08-04 19:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-07 01:42 - 2015-08-04 19:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-07 01:42 - 2015-08-04 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-07 01:42 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-07 01:42 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-07 01:42 - 2015-07-22 19:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-07 01:42 - 2015-07-22 19:53 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-10-07 01:42 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-07 01:42 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-10-07 01:42 - 2015-07-22 18:38 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-10-07 01:42 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-10-07 01:42 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-10-07 01:42 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-10-07 01:41 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-07 01:41 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-07 01:41 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-07 01:41 - 2015-07-22 19:57 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-07 01:41 - 2015-07-22 19:57 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-07 01:41 - 2015-07-22 19:53 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-07 01:41 - 2015-07-22 19:53 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-07 01:41 - 2015-07-22 19:52 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-07 01:41 - 2015-07-22 19:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-07 01:41 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-07 01:41 - 2015-07-22 19:52 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-07 01:41 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-07 01:41 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-07 01:41 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-07 01:41 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-07 01:41 - 2015-07-22 18:34 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-07 01:41 - 2015-07-22 18:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-07 01:41 - 2015-07-22 18:33 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-07 01:41 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-10-07 01:41 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-07 01:41 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-10-07 01:41 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-10-07 01:41 - 2015-06-25 11:48 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-07 01:41 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-07 01:41 - 2015-06-25 11:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-07 01:40 - 2015-08-26 19:56 - 02953728 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-07 01:40 - 2015-08-26 19:56 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-07 01:40 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-07 01:40 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-07 01:40 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-07 01:40 - 2015-08-26 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-07 01:40 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-07 01:40 - 2015-08-26 19:55 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-07 01:40 - 2015-08-26 19:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-07 01:40 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-07 01:40 - 2015-08-26 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-07 01:40 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-07 00:19 - 2015-10-07 00:19 - 00000000 ____D C:\Users\krtkopower\Documents\Updater
2015-10-07 00:11 - 2015-10-07 00:11 - 00002055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2015-10-07 00:11 - 2015-10-07 00:11 - 00002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2015-10-07 00:11 - 2015-10-07 00:11 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2015-10-07 00:11 - 2015-10-07 00:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-10-07 00:11 - 2015-10-07 00:11 - 00000000 ____D C:\Program Files\Common Files\Adobe Systems Shared
2015-10-07 00:10 - 2015-10-07 00:11 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-10-07 00:10 - 2015-10-07 00:10 - 00002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2015-10-07 00:10 - 2015-10-07 00:10 - 00000000 ____D C:\ProgramData\Adobe
2015-10-07 00:09 - 2015-10-07 00:12 - 00000000 ____D C:\Program Files\Adobe
2015-10-07 00:06 - 2015-10-07 00:08 - 00000000 ____D C:\PhSp_CS2_UE_Ret
2015-10-06 23:49 - 2015-10-07 08:01 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-06 23:49 - 2015-10-06 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-06 23:49 - 2015-10-06 23:49 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-06 23:49 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-06 23:49 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-06 23:49 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-06 23:27 - 2015-10-06 23:27 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-10-06 23:24 - 2015-10-06 23:27 - 00000000 ____D C:\Program Files\GIMP 2
2015-10-06 22:58 - 2015-10-06 22:58 - 00000000 ____D C:\Program Files\Reason
2015-10-06 21:26 - 2015-10-06 23:41 - 00000000 ____D C:\AdwCleaner
2015-10-06 21:25 - 2015-10-06 21:25 - 00000079 _____ C:\Windows\wininit.ini
2015-10-03 09:53 - 2015-10-06 21:29 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2015-10-03 09:53 - 2015-10-06 21:25 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-10-03 09:23 - 2015-10-03 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMillion
2015-10-03 09:19 - 2015-10-03 09:38 - 00000000 ____D C:\Program Files\PlayMillion
2015-10-03 05:18 - 2015-10-03 05:18 - 00000000 ___SD C:\Users\krtkopower\Documents\Weby
2015-10-03 05:15 - 2015-10-03 05:15 - 00000384 _____ C:\Windows\ODBC.INI
2015-10-03 05:14 - 2015-10-08 20:15 - 00002663 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Otevřít dokument Office.lnk
2015-10-03 05:14 - 2015-10-08 20:15 - 00002639 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Nový dokument Office.lnk
2015-10-03 05:14 - 2015-10-08 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-03 05:13 - 2015-10-07 03:23 - 00000000 ____D C:\Program Files\Microsoft Works
2015-10-03 05:13 - 2015-10-03 05:13 - 00000000 ____D C:\Windows\PCHEALTH
2015-10-03 05:13 - 2015-10-03 05:13 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2015-10-03 05:13 - 2015-10-03 05:13 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-03 05:13 - 2015-10-03 05:13 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-10-03 05:12 - 2015-10-03 05:12 - 00000000 ____D C:\Users\krtkopower\Documents\MAGIX_Music_Maker_17_Silver
2015-10-03 05:11 - 2015-10-03 05:11 - 00000000 __RHD C:\MSOCache
2015-10-03 05:10 - 2015-10-07 07:27 - 00000000 ____D C:\Program Files\Common Files\MAGIX Services
2015-10-03 05:10 - 2015-10-03 05:10 - 00000000 ____D C:\Users\Public\Documents\MAGIX_Music_Maker_17_Silver
2015-10-03 05:02 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-10-03 05:01 - 2015-10-03 05:01 - 00000000 ____D C:\Program Files\Common Files\PX Storage Engine
2015-10-03 05:01 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-10-03 03:47 - 2015-10-03 03:47 - 00000977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-10-03 03:47 - 2015-10-03 03:47 - 00000000 ____D C:\Program Files\Audacity
2015-10-03 03:02 - 2015-10-03 06:16 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\BitTorrent
2015-10-03 02:10 - 2015-10-03 04:57 - 00000000 ____D C:\ProgramData\eJay
2015-10-03 02:09 - 2010-09-24 13:25 - 00097280 _____ (Common Controls Replacement Project (CCRP)) C:\Windows\system32\ccrpbds5.dll
2015-10-03 02:09 - 2010-07-05 01:48 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\mpg4ds32.ax
2015-10-03 02:09 - 2010-06-09 10:15 - 00286720 _____ (Ejay AG) C:\Windows\system32\EjWaveEditorCtrl.ocx
2015-10-03 02:09 - 2010-06-07 08:26 - 00528384 _____ (eJay Entertainment GmbH) C:\Windows\system32\eJayxAudio.ax
2015-10-03 02:09 - 2010-06-07 08:26 - 00348160 _____ (eJay AG) C:\Windows\system32\eJ_UniDialog.ocx
2015-10-03 02:09 - 2010-06-07 08:26 - 00108336 _____ (Microsoft Corporation) C:\Windows\system32\MSWINSCK.OCX
2015-10-03 02:09 - 2010-06-07 08:26 - 00100864 _____ (zwei) C:\Windows\system32\eJ_Explorer.ocx
2015-10-03 02:09 - 2010-06-07 08:26 - 00057344 _____ C:\Windows\system32\eJayxQuell.ax
2015-10-03 02:09 - 2010-06-07 08:26 - 00045056 _____ C:\Windows\system32\eJayxWaveDest.ax
2015-10-03 01:28 - 2015-10-03 01:28 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2015-10-03 01:25 - 2002-11-02 09:53 - 00057344 _____ (NexiTech, Inc.) C:\Windows\system32\WNASPINT.DLL
2015-10-02 23:40 - 2015-10-02 23:40 - 00026900 _____ C:\Users\krtkopower\AppData\Local\dt.dat
2015-10-02 23:26 - 2015-10-02 23:26 - 00000932 _____ C:\Users\Guest\Desktop\Total Video Player.lnk
2015-10-02 23:26 - 2015-10-02 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Player
2015-10-02 23:26 - 2015-10-02 23:26 - 00000000 ____D C:\Program Files\Total Video Player
2015-09-30 03:51 - 2015-09-30 03:51 - 00001784 _____ C:\Users\krtkopower\AppData\Local\recently-used.xbel
2015-09-30 03:50 - 2015-09-30 03:51 - 00000000 ____D C:\Users\krtkopower\AppData\Local\gtk-2.0
2015-09-30 03:26 - 2015-09-30 03:26 - 00000000 ____D C:\Users\krtkopower\.thumbnails
2015-09-30 02:59 - 2015-09-30 02:59 - 00000000 ____D C:\Program Files\WindowsUpdate
2015-09-26 04:21 - 2015-10-03 05:09 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\Winamp
2015-09-26 04:21 - 2015-10-03 05:04 - 00000000 ____D C:\Program Files\Winamp
2015-09-26 04:10 - 2015-09-26 04:10 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoldWave
2015-09-26 04:10 - 2015-09-26 04:10 - 00000000 ____D C:\Program Files\GoldWave
2015-09-20 09:02 - 2015-10-07 07:37 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-20 09:02 - 2015-09-20 09:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2015-09-20 09:02 - 2015-09-20 09:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-09-20 04:41 - 2015-09-21 15:09 - 00000000 ____D C:\Users\krtkopower\Documents\VirtualDJ
2015-09-20 04:41 - 2015-09-20 05:11 - 00000000 ____D C:\Program Files\VirtualDJ
2015-09-20 04:41 - 2015-09-20 04:41 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2015-09-20 04:29 - 2015-09-20 04:29 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\AVG2012
2015-09-20 04:28 - 2015-09-20 04:28 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\TuneUp Software
2015-09-20 04:26 - 2015-10-08 16:06 - 00000000 ____D C:\ProgramData\AVG2012
2015-09-20 04:26 - 2015-10-07 07:36 - 00000000 ___HD C:\$AVG
2015-09-20 04:25 - 2015-09-20 04:25 - 00000000 ____D C:\Program Files\AVG
2015-09-20 04:22 - 2015-10-07 07:37 - 00000000 ____D C:\ProgramData\MFAData
2015-09-19 21:57 - 2015-09-19 22:43 - 00000000 ____D C:\Users\krtkopower\Documents\Usenet.nl
2015-09-12 11:47 - 2015-09-12 19:00 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\44372980.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-09 20:59 - 2014-12-26 14:36 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-09 20:34 - 2009-07-14 06:34 - 00017088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-09 20:34 - 2009-07-14 06:34 - 00017088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-09 20:32 - 2014-12-24 20:54 - 02000172 _____ C:\Windows\WindowsUpdate.log
2015-10-09 20:30 - 2015-08-24 15:37 - 00000000 ____D C:\Windows\pss
2015-10-09 20:28 - 2014-12-26 21:21 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\uTorrent
2015-10-09 20:24 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-09 19:21 - 2015-01-03 13:25 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\vlc
2015-10-09 15:55 - 2015-07-30 19:55 - 00000450 ____H C:\Windows\Tasks\Norton Security Scan for krtkopower.job
2015-10-08 19:58 - 2014-12-25 21:31 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-08 16:07 - 2009-07-14 06:53 - 00032518 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-08 16:07 - 2009-07-14 06:33 - 00575008 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-07 11:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-10-07 08:00 - 2014-12-26 14:37 - 00000000 ____D C:\Users\krtkopower\AppData\Local\Google
2015-10-07 07:57 - 2014-12-26 14:37 - 00000000 ____D C:\Program Files\Google
2015-10-07 07:47 - 2015-07-17 22:46 - 00000000 ____D C:\STUFF
2015-10-07 07:43 - 2014-12-25 21:29 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\Opera Software
2015-10-07 07:43 - 2014-12-25 21:29 - 00000000 ____D C:\Users\krtkopower\AppData\Local\Opera Software
2015-10-07 07:43 - 2014-12-25 21:28 - 00000000 ____D C:\Program Files\Opera
2015-10-07 07:43 - 2014-12-24 21:11 - 00001413 _____ C:\Users\krtkopower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-07 07:38 - 2014-12-26 21:07 - 00106984 _____ C:\Users\krtkopower\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-07 07:30 - 2015-08-22 04:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synfig
2015-10-07 07:29 - 2015-08-29 09:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-10-07 07:29 - 2015-01-26 20:46 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2015-10-07 07:28 - 2015-01-26 20:52 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-10-07 07:03 - 2014-12-24 21:11 - 00000000 ____D C:\Users\krtkopower
2015-10-07 04:25 - 2015-03-02 20:27 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\Adobe
2015-10-07 03:33 - 2014-12-27 13:04 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-07 03:33 - 2014-12-27 13:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-07 03:33 - 2009-07-14 09:54 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-07 03:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sk-SK
2015-10-07 03:23 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-07 01:57 - 2015-09-04 08:13 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\Audacity
2015-10-07 01:22 - 2015-07-21 00:07 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\Sony
2015-10-07 01:19 - 2015-07-21 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-10-07 01:19 - 2015-07-21 00:08 - 00000000 ____D C:\Program Files\Sony
2015-10-07 00:19 - 2014-12-26 14:36 - 00000000 ____D C:\Users\krtkopower\AppData\Local\Adobe
2015-10-07 00:13 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\Performance
2015-10-06 23:35 - 2015-05-28 10:46 - 00000000 ____D C:\Users\krtkopower\.gimp-2.8
2015-10-06 23:02 - 2015-09-04 00:42 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\New Version Available
2015-10-06 21:56 - 2015-09-04 01:26 - 00000209 _____ C:\Users\krtkopower\Desktop\Nový textový dokument.txt
2015-10-03 06:16 - 2015-01-26 20:18 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\DAEMON Tools Lite
2015-10-03 05:14 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\IME
2015-10-03 05:13 - 2014-12-27 13:10 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-10-03 05:11 - 2015-08-17 06:01 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\MAGIX
2015-10-03 05:11 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system
2015-10-03 05:10 - 2015-08-17 06:01 - 00000000 ____D C:\ProgramData\MAGIX
2015-10-03 03:44 - 2015-08-22 04:28 - 00000000 ____D C:\Users\krtkopower\Synfig
2015-10-03 03:04 - 2015-06-01 15:01 - 00000000 ____D C:\Users\krtkopower\AppData\Local\Downloaded Installations
2015-10-03 02:51 - 2015-08-28 15:07 - 00000941 _____ C:\Users\krtkopower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-10-03 02:11 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Speech
2015-10-03 01:28 - 2015-01-26 20:18 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-09-22 16:59 - 2014-12-26 14:36 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-22 16:59 - 2014-12-26 14:36 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-20 07:14 - 2014-12-26 21:07 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-20 04:16 - 2015-05-23 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-09-20 04:15 - 2015-06-01 15:21 - 00000000 ____D C:\Program Files\NCH Software
2015-09-20 04:13 - 2015-08-27 21:03 - 00000000 ____D C:\Users\krtkopower\AppData\Roaming\BSplayer
2015-09-20 04:13 - 2015-08-27 21:03 - 00000000 ____D C:\Program Files\Webteh

==================== Files in the root of some directories =======

2014-12-26 14:43 - 2014-12-26 14:43 - 6000640 _____ () C:\Program Files\GUTEDB9.tmp
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\krtkopower\AppData\Roaming\5FH4geXhHokj3MoHpIEw5b2
2015-06-01 16:40 - 2015-06-01 16:40 - 0001162 _____ () C:\Users\krtkopower\AppData\Roaming\ACInitialize.log
2015-07-17 23:34 - 2015-08-10 06:51 - 0000204 _____ () C:\Users\krtkopower\AppData\Roaming\varicad-work.ini
2015-09-04 01:26 - 2015-09-04 01:26 - 0106456 _____ () C:\Users\krtkopower\AppData\Roaming\WavePad.dmp
2015-08-17 05:57 - 2015-08-17 06:38 - 0005632 _____ () C:\Users\krtkopower\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-02 23:40 - 2015-10-02 23:40 - 0026900 _____ () C:\Users\krtkopower\AppData\Local\dt.dat
2015-09-30 03:51 - 2015-09-30 03:51 - 0001784 _____ () C:\Users\krtkopower\AppData\Local\recently-used.xbel
2015-08-22 05:05 - 2015-08-22 05:05 - 0000187 _____ () C:\Users\krtkopower\AppData\Local\Transfase.exe.config

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for krtkopower.job => C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Panda Free Antivirus (Disabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Ad-Aware Antivirus (Disabled - Out of date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AS: Panda Free Antivirus (Disabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Ad-Aware Antivirus (Disabled - Out of date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\krtkopower\Desktop" je 2 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_8A90C09CF066923F25429FFA3180B2FD
"C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^krtkopower^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(10.02 KiB) Downloaded 32 times

Rudy
Site Admin
Posts: 119674
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#4 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * sdnclean.exe
HKU\S-1-5-21-1404250380-4153645060-118619260-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pandasecurity.mystart.com/?pr=vm ... 5614AFF9D6
SearchScopes: HKU\S-1-5-21-1404250380-4153645060-118619260-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag ... 3332038&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1404250380-4153645060-118619260-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag ... 3332038&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1404250380-4153645060-118619260-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://pandasecurity.mystart.com/result ... =ch_671&q={searchTerms}
FF Homepage: hxxp://www.bing.com/?pc=COSP&ptag=D1007 ... =CT3332038
FF Keyword.URL:
FF DefaultSearchEngine: Bing®
FF SelectedSearchEngine: Bing®
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D1007 ... =CT3332038
S1 ASPI32; no ImagePath
C:\Program Files\GUTEDB9.tmp
C:\Users\krtkopower\AppData\Roaming\5FH4geXhHokj3MoHpIEw5b2
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

krtkopower222
Visitor
Posts: 4
Registered: 09 Oct 2015 19:44

Re: Slow notebook

#5 Post by krtkopower222 »

Fix result of Farbar Recovery Scan Tool (x86) Version:08-10-2015
Ran by krtkopower (2015-10-10 00:34:10) Run:1
Running from C:\Users\krtkopower\Desktop
Loaded Profiles: krtkopower (Available Profiles: krtkopower & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)

HKU\S-1-5-21-1721623860-632071954-635628886-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDF
HKU\S-1-5-21-1721623860-632071954-635628886-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
HKU\S-1-5-21-1721623860-632071954-635628886-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDF
HKU\S-1-5-21-1721623860-632071954-635628886-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=CMNTDF
HKU\S-1-5-21-1721623860-632071954-635628886-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL =
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1721623860-632071954-635628886-1006 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1721623860-632071954-635628886-1006 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-1721623860-632071954-635628886-1006 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1721623860-632071954-635628886-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FF Homepage: hxxp://abetterlife.quora.com/
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-04] (Pando Networks)
FF Plugin HKU\S-1-5-21-1721623860-632071954-635628886-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-04] (Pando Networks)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]

CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Extension: (Skype Click to Call) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mikogo
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIM PeerManager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1721623860-632071954-635628886-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-1721623860-632071954-635628886-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKU\S-1-5-21-1721623860-632071954-635628886-1006\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-1721623860-632071954-635628886-1006\Software\Microsoft\Internet Explorer\Main\\First Home Page => value not found.
HKU\S-1-5-21-1721623860-632071954-635628886-1006\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
\\DefaultScope => value not found.
\\SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox => value not found.
HKU\S-1-5-21-1721623860-632071954-635628886-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-1721623860-632071954-635628886-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found.
HKU\S-1-5-21-1721623860-632071954-635628886-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => key not found.
HKCR\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key not found.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key not found.
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1721623860-632071954-635628886-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value not found.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
HKCR\PROTOCOLS\Handler\skypec2c => key not found.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) => Error: No automatic fix found for this entry.
Firefox "homepage" removed successfully.
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-04] (Pando Networks) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1721623860-632071954-635628886-1001\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin => key not found.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => not found.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => not found.
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => not found.
c2cautoupdatesvc => service not found.
c2cpnrsvc => service not found.
GGSAFERDriver => service not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7 => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mikogo => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIM PeerManager => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => Error: No automatic fix found for this entry.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 213.4 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 00:35:26 ====

Rudy
Site Admin
Posts: 119674
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#6 Post by Rudy »

This is not the script that I posted here in my previous post.

krtkopower222
Visitor
Posts: 4
Registered: 09 Oct 2015 19:44

Re: Slow notebook

#7 Post by krtkopower222 »

I apologize, but this is how I did it: first I copied your script, saved it to fixlist.txt, ran FRST and clicked Fix, and the fixlist disappeared from my desktop and was replaced by the file fixlog.txt. I copied that and posted it here. I don't really understand this, sorry for the complications. I turned off my firewall and antivirus. I did it all over again; here is the log:


Fix result of Farbar Recovery Scan Tool (x86) Version:08-10-2015
Ran by krtkopower (2015-10-10 12:02:36) Run:2
Running from C:\Users\krtkopower\Desktop
Loaded Profiles: krtkopower (Available Profiles: krtkopower & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * sdnclean.exe
HKU\S-1-5-21-1404250380-4153645060-118619260-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pandasecurity.mystart.com/?pr=vm ... 5614AFF9D6
SearchScopes: HKU\S-1-5-21-1404250380-4153645060-118619260-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag ... 3332038&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1404250380-4153645060-118619260-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag ... 3332038&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1404250380-4153645060-118619260-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://pandasecurity.mystart.com/result ... =ch_671&q={searchTerms}
FF Homepage: hxxp://www.bing.com/?pc=COSP&ptag=D1007 ... =CT3332038
FF Keyword.URL:
FF DefaultSearchEngine: Bing®
FF SelectedSearchEngine: Bing®
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D1007 ... =CT3332038
S1 ASPI32; no ImagePath
C:\Program Files\GUTEDB9.tmp
C:\Users\krtkopower\AppData\Roaming\5FH4geXhHokj3MoHpIEw5b2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKU\S-1-5-21-1404250380-4153645060-118619260-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1404250380-4153645060-118619260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-1404250380-4153645060-118619260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-1404250380-4153645060-118619260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}" => key removed successfully.
HKCR\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => key not found.
Firefox "homepage" removed successfully.
Firefox "Keyword.URL" removed successfully.
Firefox DefaultSearchEngine removed successfully.
Firefox SelectedSearchEngine removed successfully.
Firefox "newtab" removed successfully.
ASPI32 => service removed successfully.
C:\Program Files\GUTEDB9.tmp => moved successfully
C:\Users\krtkopower\AppData\Roaming\5FH4geXhHokj3MoHpIEw5b2 => moved successfully

==== End of Fixlog 12:02:37 ====
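
The mismatch pointed out in post #6 (the Fixlog in #5 echoes a different fixlist than the one posted in #4) can be checked mechanically before a log is trusted. The Python below is an added example, not part of the thread and not part of FRST; it assumes the Fixlog layout visible in the logs above, and its function names and shortened sample data are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample: three directives taken from the script posted in #4.
POSTED = r"""Start
S1 ASPI32; no ImagePath
C:\Program Files\GUTEDB9.tmp
C:\Users\krtkopower\AppData\Roaming\5FH4geXhHokj3MoHpIEw5b2
End"""

# Constructed sample: a shortened Fixlog in the layout of post #5,
# where a different fixlist was executed.
FIXLOG = r"""Fix result of Farbar Recovery Scan Tool (x86) Version:08-10-2015
Ran by krtkopower (2015-10-10 00:34:10) Run:1

fixlist content:
*****************
Start
CloseProcesses:
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
*****************

Processes closed successfully.
GGSAFERDriver => service not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

==== End of Fixlog 00:35:26 ====
"""

def directives(script):
    """Return the non-empty lines between the Start and End markers."""
    lines = [ln.strip() for ln in script.splitlines()]
    try:
        start, end = lines.index("Start"), lines.index("End")
    except ValueError:
        raise ValueError("no Start/End block found")
    return [ln for ln in lines[start + 1:end] if ln]

def split_fixlog(fixlog):
    """Split a Fixlog into (echoed fixlist text, result section text)."""
    text = fixlog.replace("\r\n", "\n")  # logs saved on Windows use CRLF
    m = re.search(r"fixlist content:\s*\n\*+\n(.*?)\n\*+\n(.*)", text, re.S)
    if not m:
        raise ValueError("no 'fixlist content:' section found")
    return m.group(1), m.group(2)

def compare(posted, fixlog):
    """Report posted directives that were not run and run lines never posted."""
    echoed, results = split_fixlog(fixlog)
    want, ran = directives(posted), directives(echoed)
    # The status is whatever follows the last " => " on a result line.
    statuses = Counter(ln.rsplit(" => ", 1)[1].rstrip(".")
                       for ln in results.splitlines() if " => " in ln)
    return {"matches": want == ran,
            "not_run": [d for d in want if d not in ran],
            "not_posted": [d for d in ran if d not in want],
            "statuses": dict(statuses)}
```

Any entry in `not_posted` means the tool acted on lines the helper never reviewed for this machine, which is the situation in post #5.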
