Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu PC

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:

Prosím o kontrolu PC

#1 Příspěvek od rakato11 »

Předem děkuji a přikládám log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Otakar Vavrečka at 2015-11-19 11:05:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 41 GB (26%) free of 158 GB
Total RAM: 3066 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:06:43, on 19.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\SCANJET\PrecisionScanLT\hppwrsav.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Windows\System32\MSTMON_N.EXE
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Otakar Vavrečka\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
C:\Users\Otakar Vavrečka\AppData\Local\Seznam.cz\bin\postak.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe
C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
C:\Program Files\Mamemail\Mamemail Postak\Postak.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Otakar Vavrečka\Desktop\RSIT.exe
C:\Program Files\trend micro\Otakar Vavrečka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [hppwrsav] C:\SCANJET\PrecisionScanLT\hppwrsav.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\Windows\system32\MSTMON_N.EXE
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1400W STD] C:\Windows\system32\MSTMON_Y.EXE STARTUP
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MP3 Skype Recorder] C:\Users\Otakar Vavrečka\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Users\Otakar Vavrečka\AppData\Local\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Viber] "C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - Startup: Mámemail Pošťák.lnk = C:\Program Files\Mamemail\Mamemail Postak\Postak.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5948 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe#

=========Mozilla firefox=========

ProfilePath - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default

prefs.js - "browser.search.useDBForOrder" - ""
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/MycameraPlugin]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\extensions\
{2d3fbcf7-be69-4433-8858-c621a8d0e58d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hppwrsav"=C:\SCANJET\PrecisionScanLT\hppwrsav.exe [1999-06-07 23552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"KONICA MINOLTA PagePro 1400W STD"=C:\Windows\system32\MSTMON_Y.EXE [2006-03-01 184320]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5089480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"MP3 Skype Recorder"=C:\Users\Otakar Vavrečka\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe [2014-08-08 1544704]
"Seznam Postak"=C:\Users\Otakar Vavrečka\AppData\Local\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-10-29 4826904]
"Viber"=C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe [2015-11-09 51657424]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files\Canon\ImageBrowser EX\MFManager.exe

C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Mámemail Pošťák.lnk - C:\Program Files\Mamemail\Mamemail Postak\Postak.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-11-12 08:39:33 ----A---- C:\Windows\system32\win32k.sys
2015-11-11 09:51:22 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-11 09:51:21 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-11 09:50:57 ----A---- C:\Windows\system32\kerberos.dll
2015-11-11 09:50:56 ----A---- C:\Windows\system32\schannel.dll
2015-11-11 09:50:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-11 09:50:56 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-11-11 09:50:56 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-11 09:50:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-11 09:50:55 ----A---- C:\Windows\system32\ntdll.dll
2015-11-11 09:50:55 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-11 09:50:55 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-11 09:50:54 ----A---- C:\Windows\system32\wdigest.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\sspicli.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\srcore.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\srclient.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\smss.exe
2015-11-11 09:50:54 ----A---- C:\Windows\system32\rstrui.exe
2015-11-11 09:50:54 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\lsass.exe
2015-11-11 09:50:54 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\credssp.dll
2015-11-11 09:50:54 ----A---- C:\Windows\system32\auditpol.exe
2015-11-11 09:50:53 ----A---- C:\Windows\system32\secur32.dll
2015-11-11 09:50:53 ----A---- C:\Windows\system32\msobjs.dll
2015-11-11 09:50:53 ----A---- C:\Windows\system32\msaudite.dll
2015-11-11 09:50:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-11 09:50:53 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-11 09:50:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-11 09:50:53 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-11 09:50:53 ----A---- C:\Windows\system32\adtschema.dll
2015-11-11 09:50:22 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-11 09:50:17 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 09:50:17 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-11 09:50:17 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-11 09:50:17 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-11 09:50:16 ----A---- C:\Windows\system32\vbscript.dll
2015-11-11 09:50:16 ----A---- C:\Windows\system32\urlmon.dll
2015-11-11 09:50:16 ----A---- C:\Windows\system32\occache.dll
2015-11-11 09:50:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 09:50:16 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-11 09:50:16 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-11 09:50:16 ----A---- C:\Windows\system32\iernonce.dll
2015-11-11 09:50:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-11 09:50:15 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-11 09:50:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-11 09:50:15 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-11 09:50:15 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-11 09:50:14 ----A---- C:\Windows\system32\webcheck.dll
2015-11-11 09:50:14 ----A---- C:\Windows\system32\msrating.dll
2015-11-11 09:50:13 ----A---- C:\Windows\system32\wininet.dll
2015-11-11 09:50:13 ----A---- C:\Windows\system32\jscript.dll
2015-11-11 09:50:13 ----A---- C:\Windows\system32\iesetup.dll
2015-11-11 09:50:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 09:50:12 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-11 09:50:11 ----A---- C:\Windows\system32\ieui.dll
2015-11-11 09:50:11 ----A---- C:\Windows\system32\ieframe.dll
2015-11-11 09:50:09 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-11 09:50:09 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-11 09:50:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-11 09:50:08 ----A---- C:\Windows\system32\jscript9.dll
2015-11-11 09:50:07 ----A---- C:\Windows\system32\mshtml.dll
2015-11-11 09:50:06 ----A---- C:\Windows\system32\iertutil.dll
2015-11-11 09:49:43 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-11 09:49:43 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-11 09:49:18 ----A---- C:\Windows\system32\InkEd.dll
2015-11-11 09:49:17 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-11 09:49:05 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-11 09:49:05 ----A---- C:\Windows\system32\wups2.dll
2015-11-11 09:49:05 ----A---- C:\Windows\system32\wups.dll
2015-11-11 09:49:05 ----A---- C:\Windows\system32\wudriver.dll
2015-11-11 09:49:05 ----A---- C:\Windows\system32\wucltux.dll
2015-11-11 09:49:05 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-11 09:49:05 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-11 09:49:05 ----A---- C:\Windows\system32\wuapp.exe
2015-11-11 09:49:05 ----A---- C:\Windows\system32\wuapi.dll
2015-11-11 09:49:05 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-11 09:49:04 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-08 07:23:00 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-11-19 11:05:17 ----D---- C:\Windows\Prefetch
2015-11-19 11:05:08 ----D---- C:\Program Files\trend micro
2015-11-19 11:04:28 ----D---- C:\Windows\temp
2015-11-19 10:56:22 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ViberPC
2015-11-19 10:55:57 ----A---- C:\Windows\VTWAIN.INI
2015-11-19 10:55:40 ----D---- C:\Windows\system32\config
2015-11-18 17:46:43 ----AD---- C:\Windows\System32
2015-11-18 17:46:42 ----D---- C:\Windows\inf
2015-11-18 17:46:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-18 10:38:48 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2015-11-16 21:27:32 ----D---- C:\Windows
2015-11-16 18:45:06 ----SHD---- C:\Windows\Installer
2015-11-16 17:47:27 ----D---- C:\Windows\debug
2015-11-12 12:48:59 ----D---- C:\Windows\winsxs
2015-11-12 08:49:56 ----SHD---- C:\System Volume Information
2015-11-12 08:31:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 20:01:05 ----D---- C:\Windows\system32\catroot2
2015-11-11 13:06:43 ----D---- C:\Windows\Microsoft.NET
2015-11-11 13:04:42 ----RSD---- C:\Windows\assembly
2015-11-11 12:47:01 ----D---- C:\Windows\system32\drivers
2015-11-11 12:47:00 ----D---- C:\Windows\system32\cs-CZ
2015-11-11 12:46:59 ----D---- C:\Windows\system32\migration
2015-11-11 12:46:59 ----D---- C:\Windows\system32\en-US
2015-11-11 12:46:58 ----D---- C:\Program Files\Internet Explorer
2015-11-11 12:46:55 ----D---- C:\Program Files\Windows Journal
2015-11-11 10:18:51 ----D---- C:\Windows\system32\MRT
2015-11-11 10:18:43 ----A---- C:\Windows\system32\MRT.exe
2015-11-09 14:59:56 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2015-11-09 06:55:09 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-11-08 16:39:40 ----RD---- C:\Users
2015-11-08 16:37:49 ----D---- C:\Windows\system32\Tasks
2015-11-08 16:37:09 ----D---- C:\Program Files\Common Files\Adobe
2015-11-08 16:37:07 ----D---- C:\Program Files\Adobe
2015-11-08 16:22:44 ----RD---- C:\Program Files
2015-11-05 15:24:52 ----D---- C:\Windows\LiveKernelReports
2015-11-03 14:41:01 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 60552]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2013-06-03 46096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 21576]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-07-14 202704]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-07-14 144536]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 46656]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-07-14 185176]
R3 5U876UVC;HP Webcam [2 MP series]; C:\Windows\system32\DRIVERS\5U876.sys [2009-11-13 114688]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2013-09-26 4268608]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 MLPTDR_N;MLPTDR_N; \??\C:\Windows\system32\MLPTDR_N.SYS [2003-07-18 18848]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-10-10 13464]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2015-03-02 115672]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2015-07-08 1353720]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-30 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-08 147624]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-23 1343400]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
Blbý můžeš být,ale musíš si umět poradit...

altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu PC

#2 Příspěvek od altrok »

Krasny den Vam preju :bye:


:arrow: Pozorujete na PC nejake konkretni problemy, ci jde pouze o preventivku?

:arrow: Odinstalujte :arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan, pote na Cleaning
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:

Re: Prosím o kontrolu PC

#3 Příspěvek od rakato11 »

Na PC zatím nepozoruji žádné změny, pouze se mi při návštěvě jistých stránek zablokoval prohlížeč (něco jako policejní vírus) ale po vypnutí PC a opětovném zapnutí bylo zase vše v pořádku.
Chtěl bych se zeptat, jakým způsobem mám odinstalovat "Skype Click to Call".
Blbý můžeš být,ale musíš si umět poradit...

altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu PC

#4 Příspěvek od altrok »

Stisknete Win + R (klavesa Win je mezi levym Alt a levym Ctrl) a vepiste

appwiz.cpl

odentruje, v seznamu najdete Skype Click to Call, jednou na nej kliknete a v horni casti okna zvolte Odinstalovat.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:

Re: Prosím o kontrolu PC

#5 Příspěvek od rakato11 »

Děkuji za pomoc př odinstalaci Skype Click to Call a přikládám log z AdwCleaner:

# AdwCleaner v5.021 - Logfile created 20/11/2015 at 09:57:12
# Updated 14/11/2015 by Xplode
# Database : 2015-11-19.4 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Otakar VavreÄŤka - PC-OTAKAR
# Running from : C:\Users\Otakar VavreÄŤka\Desktop\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : swdumon

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Applian Technologies
[-] Folder Deleted : C:\Program Files\DAP
[-] Folder Deleted : C:\Program Files\Common Files\Speedbit
[-] Folder Deleted : C:\ProgramData\Speedbit
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
[-] Folder Deleted : C:\Users\Otakar VavreÄŤka\AppData\Local\slimware utilities inc
[-] Folder Deleted : C:\Users\Otakar VavreÄŤka\Documents\VNT
[#] Folder Deleted : C:\Windows\system32\Tasks\DriverCure

***** [ Files ] *****

[-] File Deleted : C:\Windows\system32\drivers\swdumon.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\uus3url-pl
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1644 bytes] ##########
Blbý můžeš být,ale musíš si umět poradit...

altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu PC

#6 Příspěvek od altrok »

:arrow: Po ransomwaru (policejnim viru) zatim ani vidu ani slechu, ale preventivne vycistime tempy, kam se podobna havet rada uklada.


:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:

Re: Prosím o kontrolu PC

#7 Příspěvek od rakato11 »

FRST jsem stáhnul bez problémů ale FRSTLauncher.exe i po vypnutí rezidenčního štítu i kompletní vypnutí antivíru se mi nepodařilo stáhnout, už mi sice nevyskakovala hláška útočná stránka ale stále mi po stažení vypisuje ve stahování "Blokováno" a neuložilo se to na plochu. Co bych měl k tomu udělat?
Blbý můžeš být,ale musíš si umět poradit...

altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu PC

#8 Příspěvek od altrok »

FRSTLauncher neni vyslovene nutny - postaci kdyz spustite samotny FRST.exe
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:

Re: Prosím o kontrolu PC

#9 Příspěvek od rakato11 »

Až nyní jsem zjistil že se mi na ploše uložily dva scany, poprvé mi také vyskočily nějaké dva, ty jsem zkopíroval a vložil do příspěvku ale nyní zjišťuji že se vůbec neodeslaly, takže nyní posílám co jsem nalezl na ploše, doufám že to jsou ty co potřebujete.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-11-2015
Ran by Otakar Vavrečka (administrator) on PC-OTAKAR (20-11-2015 10:59:51)
Running from C:\Users\Otakar Vavrečka\Desktop
Loaded Profiles: Otakar Vavrečka (Available Profiles: Otakar Vavrečka & Guest)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\SCANJET\PrecisionScanLT\hppwrsav.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) C:\Windows\System32\MSTMON_N.EXE
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Otakar Vavrečka\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
() C:\Users\Otakar Vavrečka\AppData\Local\Seznam.cz\bin\postak.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
(TB development & investment, s.r.o.) C:\Program Files\Mamemail\Mamemail Postak\Postak.exe
(Baptiste Girod) C:\Users\Otakar Vavrečka\Desktop\Gmail Notifier Plus.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hppwrsav] => C:\SCANJET\PrecisionScanLT\hppwrsav.exe [23552 1999-06-07] ()
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] => C:\Windows\system32\MSTMON_N.EXE [151552 2004-11-25] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [KONICA MINOLTA PagePro 1400W STD] => C:\Windows\system32\MSTMON_Y.EXE [184320 2006-03-01] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5089480 2015-07-08] (ESET)
HKU\S-1-5-21-505298747-3480647553-2469496864-1000\...\Run: [MP3 Skype Recorder] => C:\Users\Otakar Vavrečka\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe [1544704 2014-08-08] ()
HKU\S-1-5-21-505298747-3480647553-2469496864-1000\...\Run: [Seznam Postak] => C:\Users\Otakar Vavrečka\AppData\Local\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
HKU\S-1-5-21-505298747-3480647553-2469496864-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-505298747-3480647553-2469496864-1000\...\Run: [Viber] => C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-505298747-3480647553-2469496864-1000\...\Policies\Explorer: [NoSecurityTab] 0
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-12-22] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-12-22] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-12-22] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-12-22] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-12-22] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-12-22] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2013-05-14]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mámemail Pošťák.lnk [2015-07-12]
ShortcutTarget: Mámemail Pošťák.lnk -> C:\Program Files\Mamemail\Mamemail Postak\Postak.exe (TB development & investment, s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7B2E29D8-C151-4499-9A12-89D37C4D46F3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-505298747-3480647553-2469496864-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-505298747-3480647553-2469496864-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-505298747-3480647553-2469496864-1000 -> {AA1A8F4B-E651-4E8B-B7F0-B1F0544A65BF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default
FF Homepage: hxxp://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-505298747-3480647553-2469496864-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-505298747-3480647553-2469496864-1000: @talk.google.com/O1DPlugin -> C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-505298747-3480647553-2469496864-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-505298747-3480647553-2469496864-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Otakar Vavrečka\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Otakar Vavrečka\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Widevine Media Optimizer - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-09-03] [not signed]
FF Extension: Video DownloadHelper - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.99\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Otakar Vavreka\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Otakar Vavreka\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll => No File
CHR Profile: C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-15]
CHR Extension: (Disk Google) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-07-15]
CHR Extension: (Seznam Litika - Slovnk) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-01-14]
CHR Extension: (YouTube) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-15]
CHR Extension: (Avast Online Security) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-15]
CHR Extension: (Skype Click to Call) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-15]
CHR Extension: (Peněženka Google) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-15]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-15]
CHR Extension: (Gmail) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1353720 2015-07-08] (ESET)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 5U876UVC; C:\Windows\System32\DRIVERS\5U876.sys [114688 2009-11-13] (Ricoh co.,Ltd.)
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202704 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [144536 2015-07-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [185176 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [46656 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [60552 2015-07-14] (ESET)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S2 MLPTDR_N; C:\Windows\system32\MLPTDR_N.SYS [18848 2003-07-18] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [457856 2007-06-14] (PixArt Imaging Inc.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2013-06-03] (Corel Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-20 10:59 - 2015-11-20 11:00 - 00016641 _____ C:\Users\Otakar Vavrečka\Desktop\FRST.txt
2015-11-20 10:58 - 2015-11-20 10:59 - 00000000 ____D C:\FRST
2015-11-20 10:20 - 2015-11-20 10:20 - 01391104 _____ (Farbar) C:\Users\Otakar Vavrečka\Desktop\FRST.exe
2015-11-20 09:55 - 2015-11-20 10:04 - 00000000 ____D C:\AdwCleaner
2015-11-20 09:52 - 2015-11-20 09:52 - 01732096 _____ C:\Users\Otakar Vavrečka\Desktop\adwcleaner_5.021.exe
2015-11-19 23:39 - 2015-11-19 23:41 - 48128128 _____ (Skype Technologies S.A.) C:\Users\Otakar Vavrečka\Desktop\SkypeSetupFull.exe
2015-11-17 14:59 - 2015-11-17 16:59 - 00000000 ____D C:\Users\Otakar Vavrečka\Documents\TESCO-ClubCard
2015-11-16 21:27 - 2015-11-20 09:58 - 00000672 _____ C:\Windows\setupact.log
2015-11-16 21:27 - 2015-11-16 21:27 - 00000000 _____ C:\Windows\setuperr.log
2015-11-16 18:45 - 2015-11-16 18:45 - 00000951 _____ C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2015-11-16 18:45 - 2015-11-16 18:45 - 00000949 _____ C:\Users\Otakar Vavrečka\Desktop\Viber.lnk
2015-11-16 18:45 - 2015-11-16 18:45 - 00000000 ____D C:\Users\Otakar Vavrečka\.ViberPC
2015-11-16 18:45 - 2015-11-16 18:45 - 00000000 ____D C:\Users\Otakar Vavrečka\.QtWebEngineProcess
2015-11-16 18:44 - 2015-11-16 18:45 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2015-11-16 18:44 - 2015-11-16 18:45 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Local\Viber
2015-11-16 18:44 - 2015-11-16 18:44 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Local\Package Cache
2015-11-16 17:50 - 2015-11-16 17:50 - 00016812 _____ C:\Users\Otakar Vavrečka\Documents\cc_20151116_175029.reg
2015-11-14 20:08 - 2015-11-14 20:26 - 00000000 ____D C:\Users\Otakar Vavrečka\Downloads\Doktor Martin
2015-11-12 08:39 - 2015-11-03 18:46 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 09:51 - 2015-10-13 17:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 09:51 - 2015-10-13 17:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 09:50 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 09:50 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 09:50 - 2015-10-30 23:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 09:50 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 09:50 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 09:50 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 09:50 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 09:50 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 09:50 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 09:50 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 09:50 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 09:50 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 09:50 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 09:50 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 09:50 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 09:50 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 09:50 - 2015-10-30 23:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 09:50 - 2015-10-30 23:31 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 09:50 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 09:50 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 09:50 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 09:50 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 09:50 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 09:50 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 09:50 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 09:50 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 09:50 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 09:50 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 09:50 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 09:50 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 09:50 - 2015-10-30 23:09 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 09:50 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 09:50 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 09:50 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 09:50 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 09:50 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 09:50 - 2015-10-20 01:52 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 09:50 - 2015-10-20 01:52 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 09:50 - 2015-10-20 01:48 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 09:50 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 09:50 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 09:50 - 2015-10-20 01:45 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 09:50 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 09:50 - 2015-10-20 01:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 09:50 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 09:50 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 09:50 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 09:50 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 09:50 - 2015-10-20 00:29 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 09:50 - 2015-10-20 00:28 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 09:50 - 2015-10-20 00:28 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 09:50 - 2015-10-13 05:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 09:49 - 2015-10-20 18:46 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 09:49 - 2015-10-20 18:46 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 09:49 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 09:49 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 09:49 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 09:49 - 2015-10-20 18:46 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 09:49 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 09:49 - 2015-10-20 18:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 09:49 - 2015-10-20 18:45 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 09:49 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 09:49 - 2015-10-20 18:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 09:49 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 09:49 - 2015-10-01 18:50 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 09:49 - 2015-09-23 14:09 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 09:49 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-08 16:39 - 2015-11-08 16:39 - 00000000 ____D C:\Users\Otakar Vavre�ka\AppData\Local\Adobe
2015-11-08 16:39 - 2015-11-08 16:39 - 00000000 ____D C:\Users\Otakar Vavre�ka
2015-11-08 16:39 - 2015-11-08 16:39 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Local\CEF
2015-11-08 16:37 - 2015-11-12 07:50 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-08 07:23 - 2015-11-08 16:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-02 05:48 - 2015-11-12 07:48 - 00000000 ____D C:\Users\Otakar Vavrečka\Downloads\Četnické humoresky

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-20 10:31 - 2014-10-15 19:11 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-20 10:17 - 2011-02-22 14:31 - 01056515 _____ C:\Windows\WindowsUpdate.log
2015-11-20 10:06 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-20 10:06 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-20 10:00 - 2014-09-15 16:27 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\ViberPC
2015-11-20 09:58 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-20 09:50 - 2011-05-21 07:43 - 00000039 _____ C:\Windows\VTWAIN.INI
2015-11-20 09:47 - 2011-02-22 23:03 - 00000000 ___RD C:\Program Files\Skype
2015-11-19 23:46 - 2011-02-22 23:03 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2015-11-19 23:42 - 2011-02-22 23:03 - 00000000 ____D C:\ProgramData\Skype
2015-11-19 11:06 - 2015-09-14 18:40 - 00000000 ____D C:\rsit
2015-11-19 11:05 - 2015-09-14 18:40 - 00000000 ____D C:\Program Files\trend micro
2015-11-18 17:46 - 2011-02-22 14:51 - 01587926 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-18 10:38 - 2013-04-10 07:18 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2015-11-16 18:45 - 2011-02-22 15:02 - 00000000 ____D C:\Users\Otakar Vavrečka
2015-11-12 12:48 - 2009-07-14 05:53 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-12 12:48 - 2009-07-14 05:33 - 00298624 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 08:31 - 2012-04-03 10:08 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-12 08:31 - 2011-05-18 11:42 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-11 13:06 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-11-11 12:46 - 2009-07-14 08:49 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 10:24 - 2013-08-14 06:58 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 10:18 - 2011-02-23 08:18 - 143250520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-09 06:55 - 2014-11-03 21:57 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-08 16:39 - 2014-08-28 14:44 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Local\Adobe
2015-11-08 16:37 - 2011-06-17 08:08 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-11-08 16:37 - 2011-06-17 08:08 - 00000000 ____D C:\Program Files\Adobe
2015-11-08 07:03 - 2015-05-19 09:04 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Děravý kotel
2015-11-05 15:24 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\LiveKernelReports
2015-10-29 10:51 - 2015-09-29 06:53 - 00000000 ____D C:\Users\Otakar Vavrečka\Downloads\První republika

==================== Files in the root of some directories =======

2015-05-07 05:06 - 2015-05-07 05:06 - 0087608 _____ () C:\Users\Otakar Vavrečka\AppData\Roaming\inst.exe
2015-05-07 05:06 - 2015-05-07 05:06 - 0007887 _____ () C:\Users\Otakar Vavrečka\AppData\Roaming\pcouffin.cat
2015-05-07 05:06 - 2015-05-07 05:06 - 0001144 _____ () C:\Users\Otakar Vavrečka\AppData\Roaming\pcouffin.inf
2015-05-07 05:06 - 2015-05-07 05:06 - 0000055 _____ () C:\Users\Otakar Vavrečka\AppData\Roaming\pcouffin.log
2015-05-07 05:06 - 2015-05-07 05:06 - 0047360 _____ (VSO Software) C:\Users\Otakar Vavrečka\AppData\Roaming\pcouffin.sys
2011-08-28 17:17 - 2015-05-07 05:05 - 0001189 _____ () C:\Users\Otakar Vavrečka\AppData\Roaming\vso_ts_preview.xml
2012-03-07 11:43 - 2014-04-01 07:43 - 0012288 _____ () C:\Users\Otakar Vavrečka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-08-28 09:31 - 2011-08-28 09:31 - 0000061 _____ () C:\Users\Otakar Vavrečka\AppData\Local\SRDownloader.err
2011-07-07 06:28 - 2013-06-10 20:39 - 0000888 _____ () C:\Users\Otakar Vavrečka\AppData\Local\SRDownloader.nast
2011-08-06 11:27 - 2011-08-06 11:27 - 0000000 _____ () C:\Users\Otakar Vavrečka\AppData\Local\{C9479304-8CCB-45C2-B189-3DC354E03AA2}
2011-02-22 23:05 - 2011-02-22 23:05 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some files in TEMP:
====================
C:\Users\Otakar Vavrečka\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-17 15:44

==================== End of FRST.txt ============================
Blbý můžeš být,ale musíš si umět poradit...

Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:

Re: Prosím o kontrolu PC

#10 Příspěvek od rakato11 »

Additional scan result of Farbar Recovery Scan Tool (x86) Version:19-11-2015
Ran by Otakar Vavrečka (2015-11-20 11:01:10)
Running from C:\Users\Otakar Vavrečka\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-02-22 14:02:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-505298747-3480647553-2469496864-500 - Administrator - Disabled)
Guest (S-1-5-21-505298747-3480647553-2469496864-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-505298747-3480647553-2469496864-1002 - Limited - Enabled)
Otakar Vavrečka (S-1-5-21-505298747-3480647553-2469496864-1000 - Administrator - Enabled) => C:\Users\Otakar Vavrečka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personálny Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
AxCrypt 1.7.2976.0 (HKLM\...\{38350E9E-D50E-454A-BAFC-58BBDDBE08C4}) (Version: 1.7.2976.0 - Axantum Software AB)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.9.0.6 - Canon Inc.)
Canon PhotoRecord (HKLM\...\PhotoRecord) (Version: - )
Canon RAW Codec (HKLM\...\Canon RAW Codec) (Version: 1.7.0.56 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM\...\ImageBrowser EX) (Version: 1.2.1.13 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}) (Version: 04.00.00024 - CISRA)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.9.0.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CDBurnerXP (HKLM\...\{5932A5C4-BB44-4CFB-AD66-1B826F4D788B}) (Version: 4.3.8.2568 - Canneverbe Limited)
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cryptext (Remove Only) (HKLM\...\CryptextNT4) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
doPDF 7.2 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
EAGLE 6.4.0 (HKLM\...\EAGLE 6.4.0) (Version: 6.4.0 - CadSoft Computer GmbH)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
ESET Smart Security (HKLM\...\{B875AF8F-C39F-4109-B1DA-B204420F1FC8}) (Version: 8.0.319.1 - ESET, spol s r. o.)
Eusing Free MP3 Cutter (HKLM\...\Eusing Free MP3 Cutter) (Version: - )
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FastStone Image Viewer 4.6 (HKLM\...\FastStone Image Viewer) (Version: 4.6 - FastStone Soft)
GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Drive (HKLM\...\{240D2B48-E06E-446F-A806-01CF36882EB7}) (Version: 1.19.8268.4572 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
HP PrecisionScan LT Software (HKLM\...\HP PrecisionScan LT Software) (Version: - )
HP Support Solutions Framework (HKLM\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0 - Roxio)
Chinese Traditional Fonts Support For Adobe Reader X (HKLM\...\{AC76BA86-7AD7-2448-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
ICQ7.6 (HKLM\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
Integrated Camera Driver Installer Package Ver.1.33.110.0 (HKLM\...\{B0344B38-378B-47E0-BDCC-977785D24768}) (Version: 1.33.110.0 - BISON)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
KONICA MINOLTA PagePro 1300W (HKLM\...\KONICA MINOLTA PagePro 1300W) (Version: - )
KONICA MINOLTA PagePro 1400W (HKLM\...\KONICA MINOLTA PagePro 1400W) (Version: - )
Mámemail Pošťák verze 1.3 (HKLM\...\{FF58C679-3D55-4F3C-90CF-A5F026710AE0}_is1) (Version: 1.3 - Mamemail.cz)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 cs) (HKLM\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MP3 Skype recorder (HKLM\...\{78A8FADA-B8DF-4AA4-AED7-C91EE58EB7E9}) (Version: 4.6.1.0 - Alexander Nikiforov)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1029}) (Version: 7.03.1152 - Nero AG)
Odinstalace tiskárny EPSON Stylus SX200 Series (HKLM\...\EPSON Stylus SX200 Series) (Version: - SEIKO EPSON Corporation)
OpenOffice.org 3.3 (HKLM\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Revo Uninstaller Pro 2.5.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.8 - VS Revo Group, Ltd.)
Seznam Pošťák 2 (Pouze já.) (HKU\S-1-5-21-505298747-3480647553-2469496864-1000\...\szn-software-postak) (Version: - )
Skype™ 7.14 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.104 - Skype Technologies S.A.)
sPlan 7.0 (Demo) (HKLM\...\sPlan_70_Demo_is1) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.88 - TuneUp Software) Hidden
Uschovna.cz 1.1.0 (HKLM\...\{8531A154-5045-4E32-885A-391F750C5DE2}_is1) (Version: 1.1.0 - Capsa.cz)
Viber (HKU\S-1-5-21-505298747-3480647553-2469496864-1000\...\{7de2db6a-6f4b-4b45-82b9-57d5d7f1c952}) (Version: 5.4.0.1664 - Viber Media Inc.)
Viber (Version: 5.4.0.1664 - Viber Media Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
X-Lite 3.0 (HKLM\...\X-Lite 3.0_is1) (Version: - CounterPath Solutions Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.28.13\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.28.13\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{EA837F47-5AD1-443E-AE34-FFE03CBF3099}\InprocServer32 -> C:\Users\Otakar Vavrečka\AppData\Local\Seznam.cz\bin\core.4.dll ()
CustomCLSID: HKU\S-1-5-21-505298747-3480647553-2469496864-1000_Classes\CLSID\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}\InprocServer32 -> C:\Users\Otakar Vavrečka\AppData\Local\Seznam.cz\bin\core.4.dll ()

==================== Restore Points =========================

16-09-2015 07:42:44 ComboFix created restore point
16-09-2015 11:07:34 Windows Zálohování
02-10-2015 09:33:00 Naplánovaný kontrolní bod
07-10-2015 08:11:29 Windows Zálohování
15-10-2015 08:42:59 Windows Update
08-11-2015 06:46:45 Windows Zálohování
11-11-2015 10:11:17 Windows Update
12-11-2015 08:49:39 Windows Update
20-11-2015 09:46:42 Removed Skype Click to Call

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2015-09-15 20:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01CA5ECE-9DAC-47A1-B33B-8849370604AE} - System32\Tasks\{142BAA19-9C0E-4940-AD01-37838C9BCCD2} => pcalua.exe -a "H:\HP ProBook 4710s\Programy\irfanview_lang_czech.exe" -d "H:\HP ProBook 4710s\Programy"
Task: {0A7BBC7F-EA44-49DA-9F98-DFDF996615CC} - System32\Tasks\{8837DE81-A262-4804-A9DA-948CC5CFBF46} => C:\Users\Otakar Vavrečka\Desktop\dotnetfx35.exe
Task: {0BCECAD3-7E41-45C9-A909-173030123F94} - System32\Tasks\{E84A7D35-4C89-405E-B541-1ED3B040A08F} => pcalua.exe -a "C:\Program Files\Alwil Software\Avast5\aswRunDll.exe" -c "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Task: {0FC0CAF7-7267-4D67-9BCD-ECAB9A2B3BB1} - System32\Tasks\{EDA0F073-4ABE-443A-B014-97165BCDDC37} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\iview428_setup.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
Task: {134F6F98-8CE4-459F-BDF5-D2C56B9F0796} - System32\Tasks\{FF406F8A-6A3E-44F5-95D2-358E780EBEB1} => C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
Task: {14340666-4E99-4AB2-8267-897E54EB3322} - System32\Tasks\{8895351E-60C9-4702-A806-956922D6BED9} => pcalua.exe -a D:\Programy-1\DISK1\instmsiw.exe -d D:\Programy-1\DISK1
Task: {19BEF07A-955C-49B9-86E7-3D1E4776595E} - System32\Tasks\{F10D7645-90FB-4D11-A4AA-2B5B2F604664} => C:\Program Files\YTD\ytd.exe
Task: {1B37094A-8A26-4970-9610-9CF981C4AFB2} - System32\Tasks\{F0150743-E3C6-4235-96B0-40D74873D707} => C:\Users\Otakar Vavrečka\Desktop\JDownloaderSetup.exe
Task: {1DE01025-3372-47F9-88C1-6D253B3C4001} - System32\Tasks\{13FBC005-0AF3-4F20-9DF1-36508DE5DFDB} => C:\Users\Otakar Vavrečka\Desktop\MP3SkypeRecorderSetup.exe
Task: {1E97DEFE-56CD-43DA-9D17-E238D9194780} - \DriverCure -> No File <==== ATTENTION
Task: {215520DF-96FC-4AAF-80B5-F904AA44FE80} - System32\Tasks\{CAE32497-34EF-4452-840C-6F4750A66D63} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\irfanview_lang_czech.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
Task: {26C3DD70-DB9D-4D7E-91BB-5969D8C67A06} - System32\Tasks\{C604AE1E-7C34-4608-A678-595AF7F1A99C} => pcalua.exe -a D:\Programy-1\DISK1.exe -d "C:\Program Files\Mozilla Firefox"
Task: {319C6C21-DA9D-40B9-8EDD-6E7F490B1911} - System32\Tasks\{11AB4839-9909-4AA7-AD14-EA2EAFA4D911} => C:\Program Files\Free Audio Pack\Easy Audio Cutter\AudioCutter.exe
Task: {3281551C-7D20-4899-932E-F0018120255E} - System32\Tasks\{045415CC-4E58-4BEC-806E-1516B880BF6A} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\dotnetfx35.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
Task: {3961B420-6CC1-45A7-B0E7-0F6506D295DA} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8b84abba174e => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {43C923F3-181F-475E-AFB1-7F1D558BF17E} - System32\Tasks\{9DD98C8C-DB7E-45AC-A2EA-747230BE7BA7} => pcalua.exe -a C:\Windows\TEMP\avast_ash\IrfanView\iview436_setup.exe -d "C:\Program Files\Alwil Software\Avast5"
Task: {43DADBC6-5DB2-458E-9DFA-661F3B1398F1} - System32\Tasks\{908E8E1E-34BB-4E25-AD7D-659690B567CE} => pcalua.exe -a F:\fscommand\Axesstel_setup.exe -d F:\fscommand
Task: {4EE6A2BA-7990-4F86-8867-334628CADAB6} - System32\Tasks\{DD1C4CF9-D463-44F7-B6D2-86D3B38235DF} => pcalua.exe -a D:\Programy-1\ytd-1.25.exe -d D:\Programy-1
Task: {54376E78-6CA9-4998-A5D0-DBFA2CD65D9F} - System32\Tasks\{F3CE23B2-382B-4090-99F1-EB7797659BA4} => pcalua.exe -a "H:\HP ProBook 4710s\Programy\iview428_setup.exe" -d "C:\Program Files\Mozilla Firefox"
Task: {5FFB1B8A-F0CA-4720-92F6-062239102816} - System32\Tasks\{068453C5-3191-4ADA-B908-C38F8F14D343} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\irfanview_plugins_437_setup.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
Task: {62000A84-ACDA-4405-A2D6-A582ADF3DE4B} - System32\Tasks\{E5C04774-ADA0-4A6D-8E5F-391C25EFA465} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\ytd-1.37.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
Task: {645FBD8A-72E7-4021-A829-421277350432} - System32\Tasks\{3DCF8AC0-DA6C-4053-A69A-17CDB994687B} => pcalua.exe -a "D:\Technické informace\vtrafo_sk.exe" -d C:\Windows\system32
Task: {77C6E1D2-8A82-4730-BD7D-4F38028C1463} - System32\Tasks\{61B6B0A7-4511-4901-8DB8-333244336D38} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\irfanview_plugins_428_setup.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
Task: {78FBEE89-AD89-42C4-B0CA-DD991F82C297} - System32\Tasks\{78E18393-85E9-44A2-8555-42F0B555C029} => pcalua.exe -a "H:\HP ProBook 4710s\Programy\irfanviewcestina.exe" -d "C:\Program Files\Mozilla Firefox"
Task: {7AE9E902-50B9-4CA7-84BE-7A03382C5025} - System32\Tasks\{B3A2F1D8-3678-4AE8-A095-EB4347B4A183} => pcalua.exe -a D:\Programy-1\ScreenShots.exe -d D:\Programy-1
Task: {82EDEADF-7EFD-425A-B27A-B00936ED9D8A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)
Task: {8D45D09F-555B-4C3D-BFE7-B820990D8463} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6a811f49157b => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {8D49C830-D50C-4FF2-9CC3-444A2DC8C7FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {9052753E-B964-4F7D-9F1A-9F914FD7F9C6} - System32\Tasks\{1F3A9C16-7D5A-43D2-B156-63EEC906B679} => C:\Users\Otakar Vavrečka\Desktop\postak-ff-2.5.1.exe
Task: {92E539F0-0FCE-425C-99DA-3BCA1A10F3E5} - System32\Tasks\{8D825067-AE29-4B2E-8F29-A5E09FC271B7} => pcalua.exe -a "C:\Program Files\YTD\setup.exe" -d "C:\Program Files\YTD"
Task: {97D01D4B-51AA-45BC-A9C7-FCD3A29EDAAF} - System32\Tasks\Replay Media Catcher 5 837966d0-c273-42b8-9c4d-973ff1be780e => C:\Program Files\Applian Technologies\Replay Media Catcher 5\jrmcp.exe
Task: {99C95823-5400-4F5E-A907-4C716DED4F45} - System32\Tasks\{D1CF8CA1-868F-4B6C-921C-972E5CB37228} => pcalua.exe -a "D:\Programy-1\DISK1(Návrh jednofázových síťových transformátorů).exe" -d D:\Programy-1
Task: {9C28D74C-B290-4386-92E2-F6A140D0C6CD} - System32\Tasks\{0008BE56-C856-44F1-826D-C36F64BB1287} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\irfanviewcestina.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
Task: {A3A33684-C8AE-4437-8D62-145F4C74EC7C} - System32\Tasks\DriverCure Startup => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: {A949EBC3-90AC-4902-ABFD-74CBF6D6FFBB} - System32\Tasks\{7478DCFE-FF91-47C5-9F7A-ED2100B4BE61} => C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
Task: {AA808BA3-C14E-4657-8B96-24612DE1D39F} - System32\Tasks\Replay Media Catcher 5 6c9010b1-62d5-4d93-8351-7c593cf756ca => C:\Program Files\Applian Technologies\Replay Media Catcher 5\jrmcp.exe
Task: {AAD26270-F12A-450E-AD58-F3A853804F9D} - System32\Tasks\{2BB4CBEF-9D48-4749-958E-6EE6D4E39FB8} => pcalua.exe -a "H:\HP ProBook 4710s\Programy\iview420_setup.exe" -d "H:\HP ProBook 4710s\Programy"
Task: {AFB4098E-4242-43DC-A9CB-038922DEEEB8} - System32\Tasks\{3A84B831-9645-466B-AF28-4E8BC64EBB57} => C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
Task: {B09B1B9D-B3F8-4264-AA87-EBC5AF117C7D} - System32\Tasks\{A69F86CE-B4FE-4FF5-993F-0B71EB47E6DB} => pcalua.exe -a "D:\Programy-1\irfanview_lang_czech-Pro verzi 4.30.exe" -d D:\Programy-1
Task: {B18AD166-8E83-4F2C-AD31-009ECC0EF616} - System32\Tasks\{9D52FDE3-F20B-4686-8DD0-2EBF00DB6704} => C:\Program Files\LibreOffice 3\program\soffice.exe
Task: {BB8D6DC3-4848-4482-BC04-349C3860819C} - System32\Tasks\{98A70D07-498F-4BC2-AF84-3310688F2CFE} => C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe [2010-10-04] ()
Task: {BDC105AB-4519-47C0-9E9C-EA6A7E595921} - System32\Tasks\{DB39F503-5081-4645-94B0-FE40C9C0E720} => D:\Programy-1\MP3SkypeRecorderSetup.exe [2013-10-10] ()
Task: {C1A3A4FA-0F9B-4658-95C8-2D270770F2E0} - System32\Tasks\{61618E6E-6896-40BD-9067-11233F76E6BD} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {C794E32C-A489-4CBD-A342-4D6B010D9689} - System32\Tasks\{B826E4A4-24ED-4F5A-97A7-8F68847BCD73} => C:\Users\Otakar Vavrečka\Desktop\JDownloaderSetup.exe
Task: {DA372757-FD2E-4146-A764-A902379CD7CD} - System32\Tasks\{9B039347-33BD-49D9-80C0-367F2A397655} => C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe [2010-10-04] ()
Task: {E0B6E7FB-9683-4783-BDCC-2AA8DB07B406} - System32\Tasks\{541CA25C-9E68-47EB-92EB-5DA80B6CA7B0} => pcalua.exe -a D:\Programy-1\irfanview_lang_czech.exe -d C:\Windows\system32
Task: {E13D5956-1075-42EB-807A-4ECEE387EF5D} - System32\Tasks\{4377EADB-F2F3-4484-B7AB-4681C56FD068} => C:\Users\Otakar Vavrečka\Desktop\dotNetFx35setup.exe
Task: {F6D60C21-7223-4D85-8B87-5181AC472DFA} - System32\Tasks\{BD8B9751-91CF-4733-8234-8642163D0119} => C:\Program Files\Skype\\Phone\Skype.exe [2015-11-05] (Skype Technologies S.A.)
Task: {FF2CB3C2-4BEB-481B-A68C-E501384883FD} - System32\Tasks\{110C381A-5642-470B-A060-54393638CE8D} => C:\Users\Otakar Vavrečka\Desktop\dotNetFx35setup.exe
Task: {FFB9CD4F-66D9-4484-B675-195000060F05} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2011-07-10 16:36 - 2001-10-28 16:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-02-28 22:44 - 2011-05-28 22:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
1999-04-23 03:21 - 1999-04-23 03:21 - 00142848 _____ () C:\Windows\system32\ShellExt\Cryptext.dll
2011-04-21 21:21 - 1999-06-07 11:27 - 00023552 _____ () C:\SCANJET\PrecisionScanLT\hppwrsav.exe
2014-08-08 04:23 - 2014-08-08 04:23 - 01544704 _____ () C:\Users\Otakar Vavrečka\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
2015-01-24 21:54 - 2012-01-10 15:16 - 00491040 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Seznam.cz\bin\postak.exe
2015-01-24 21:54 - 2012-01-10 13:51 - 00822816 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Seznam.cz\bin\email.4.dll
2015-01-24 21:54 - 2012-01-10 13:51 - 01151520 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Seznam.cz\bin\core.4.dll
2014-10-23 20:19 - 2014-10-23 20:19 - 00043520 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-11-09 13:26 - 2015-11-09 13:26 - 51657424 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe
2015-11-09 13:19 - 2015-11-09 13:19 - 00089088 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\qfacebook.dll
2015-09-29 04:37 - 2015-09-29 04:37 - 00010240 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\libEGL.dll
2015-09-29 04:37 - 2015-09-29 04:37 - 01601536 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\libGLESv2.dll
2015-11-09 13:19 - 2015-11-09 13:19 - 00389632 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\imageformats\qsvg.dll
2015-09-29 04:58 - 2015-09-29 04:58 - 00012288 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\QtQuick.2\qtquick2plugin.dll
2015-09-29 17:25 - 2015-09-29 17:25 - 00690176 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-09-29 17:26 - 2015-09-29 17:26 - 00057856 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-09-29 04:58 - 2015-09-29 04:58 - 00012288 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\QtQuick\Window.2\windowplugin.dll
2015-09-29 05:04 - 2015-09-29 05:04 - 00184320 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\QtMultimedia\declarative_multimedia.dll
2015-09-29 04:58 - 2015-09-29 04:58 - 00044032 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\QtQml\StateMachine\qtqmlstatemachine.dll
2015-09-29 04:58 - 2015-09-29 04:58 - 00012288 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\QtQml\Models.2\modelsplugin.dll
2015-09-29 17:34 - 2015-09-29 17:34 - 00425984 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\QtLocation\declarative_location.dll
2015-09-29 05:03 - 2015-09-29 05:03 - 00065024 _____ () C:\Users\Otakar Vavrečka\AppData\Local\Viber\QtPositioning\declarative_positioning.dll
2012-08-30 12:46 - 2013-01-29 18:56 - 00069120 _____ () C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
2012-08-30 12:39 - 2013-01-29 18:45 - 00112128 _____ () C:\Program Files\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-505298747-3480647553-2469496864-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{19FB2FB0-57B0-4BA3-8DBB-DC472C7B4DB3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{C12D7CA6-15BB-47EC-8CA7-23933E88D22D}C:\program files\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files\counterpath\x-lite\x-lite.exe
FirewallRules: [UDP Query User{6A436787-7B16-469F-9F44-FC3FC0469E7D}C:\program files\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files\counterpath\x-lite\x-lite.exe
FirewallRules: [TCP Query User{9A70AE46-C4D9-4B10-BDBD-5402881E6D1A}C:\program files\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files\counterpath\x-lite\x-lite.exe
FirewallRules: [UDP Query User{7DFFE528-3065-4AC4-A3C2-5C44CE3ABCB1}C:\program files\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files\counterpath\x-lite\x-lite.exe
FirewallRules: [TCP Query User{E90E4A23-CF53-4C85-902D-E86CF4DCC1D7}C:\program files\icq7.5\icq.exe] => (Allow) C:\program files\icq7.5\icq.exe
FirewallRules: [UDP Query User{049F281A-D2AB-4D1F-853D-B84EFAC7C86F}C:\program files\icq7.5\icq.exe] => (Allow) C:\program files\icq7.5\icq.exe
FirewallRules: [{2BE19BC0-E07A-4BB1-9016-9B4D3AB215C3}] => (Allow) C:\Program Files\ICQ7.6\ICQ.exe
FirewallRules: [{CE36758B-9BEA-431C-A4E5-F8B4FB3AC211}] => (Allow) C:\Program Files\ICQ7.6\ICQ.exe
FirewallRules: [{7DAB9A18-A07A-4B18-A816-B6102C5D0385}] => (Allow) C:\Program Files\ICQ7.6\ICQ.exe
FirewallRules: [{2EACFA2A-F0D5-4F8C-8294-2568E5EA5FB7}] => (Allow) C:\Program Files\ICQ7.6\ICQ.exe
FirewallRules: [TCP Query User{4A8AEC46-0EEB-420A-96A8-741B6FD10681}C:\program files\icq7.5\icq.exe] => (Allow) C:\program files\icq7.5\icq.exe
FirewallRules: [UDP Query User{969C7F17-F2E3-4FDA-868C-120A541EC12C}C:\program files\icq7.5\icq.exe] => (Allow) C:\program files\icq7.5\icq.exe
FirewallRules: [{F8036CE2-7026-4673-A991-D73F805113F0}] => (Allow) LPort=2869
FirewallRules: [{54C06B4D-5386-430F-B9E1-0A8D212B0D60}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{0B8C7F57-9146-400A-A0CF-5FF70A101C27}C:\program files\icq7.6\icq.exe] => (Allow) C:\program files\icq7.6\icq.exe
FirewallRules: [UDP Query User{FCB83ECD-3216-4505-B939-EE65EED7E084}C:\program files\icq7.6\icq.exe] => (Allow) C:\program files\icq7.6\icq.exe
FirewallRules: [{2F5ED779-D282-4211-857F-FDBFAD58A1D5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{0E16DEA9-25A3-48A8-A05B-4D7D9D3C99C4}] => (Allow) C:\Users\Otakar Vavrečka\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{58157869-02A9-4224-AD87-A2372AACCE46}] => (Allow) C:\Users\Otakar Vavrečka\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{F8F4AA5B-7A50-4451-9A8D-8806FE234460}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{E971F3A4-CA71-463B-8F96-11F3AC755476}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FBAD154A-E5E7-4E2A-B135-078B5530CBFA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C1AAEF9C-2F2C-40FB-91AE-CFA31C9E4288}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E0D5F073-CCD7-406D-B5A9-51A535DE6705}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/16/2015 05:51:10 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-505298747-3480647553-2469496864-1000}/>.

Error: (11/16/2015 05:49:35 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-505298747-3480647553-2469496864-1000}/>.

Error: (11/16/2015 05:47:19 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-505298747-3480647553-2469496864-1000}/>.

Error: (11/15/2015 04:12:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 42.0.0.5780, časové razítko: 0x5632d0a4
Název chybujícího modulu: mozglue.dll, verze: 42.0.0.5780, časové razítko: 0x5632ba58
Kód výjimky: 0x80000003
Posun chyby: 0x0000ed50
ID chybujícího procesu: 0x1230
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3

Error: (11/02/2015 05:52:33 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy H:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (10/29/2015 11:02:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vlc.exe, verze: 2.2.1.0, časové razítko: 0x00000004
Název chybujícího modulu: libqt4_plugin.dll, verze: 2.2.1.0, časové razítko: 0x00020002
Kód výjimky: 0x40000015
Posun chyby: 0x007ca10a
ID chybujícího procesu: 0x470
Čas spuštění chybující aplikace: 0xvlc.exe0
Cesta k chybující aplikaci: vlc.exe1
Cesta k chybujícímu modulu: vlc.exe2
ID zprávy: vlc.exe3

Error: (10/07/2015 08:02:57 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-505298747-3480647553-2469496864-1000}/>.

Error: (10/07/2015 08:00:19 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-505298747-3480647553-2469496864-1000}/>.

Error: (10/01/2015 06:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy H:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (09/27/2015 09:25:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSTMON_N.EXE, verze: 1.6.1112.0, časové razítko: 0x405922b0
Název chybujícího modulu: MSTMON_N.EXE, verze: 1.6.1112.0, časové razítko: 0x405922b0
Kód výjimky: 0xc0000005
Posun chyby: 0x0000d2a4
ID chybujícího procesu: 0xd40
Čas spuštění chybující aplikace: 0xMSTMON_N.EXE0
Cesta k chybující aplikaci: MSTMON_N.EXE1
Cesta k chybujícímu modulu: MSTMON_N.EXE2
ID zprávy: MSTMON_N.EXE3


System errors:
=============
Error: (11/20/2015 09:58:13 AM) (Source: Service Control Manager) (EventID: 7002) (User: )
Description: Služba MLPTDR_N závisí na skupině Parallel arbitrator a žádný člen této skupiny nebyl spuštěn.

Error: (11/20/2015 09:58:10 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (11/20/2015 09:58:10 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (11/20/2015 09:57:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (11/20/2015 09:57:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (11/20/2015 09:57:24 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (11/20/2015 09:57:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/20/2015 09:57:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/20/2015 09:57:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/20/2015 09:57:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz
Percentage of memory in use: 41%
Total physical RAM: 3066.27 MB
Available physical RAM: 1780.66 MB
Total Virtual: 6130.84 MB
Available Virtual: 4532.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:154.29 GB) (Free:38.52 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Nový zväzok) (Fixed) (Total:126.51 GB) (Free:5.27 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.92 GB) FAT32
Drive g: (HP_RECOVERY) (Fixed) (Total:15 GB) (Free:8 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DCB86D34)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=300 MB) - (Type=42)
Partition 3: (Not Active) - (Size=154.3 GB) - (Type=42)
Partition 4: (Not Active) - (Size=143.5 GB) - (Type=42)

==================== End of Addition.txt ============================
Blbý můžeš být,ale musíš si umět poradit...

altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu PC

#11 Příspěvek od altrok »

  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
    CloseProcesses:
    HKU\S-1-5-21-505298747-3480647553-2469496864-1000\...\Policies\Explorer: [NoSecurityTab] 0
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-505298747-3480647553-2469496864-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    CHR Extension: (Skype Click to Call) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-15]
    2015-11-20 09:55 - 2015-11-20 10:04 - 00000000 ____D C:\AdwCleaner
    2015-11-20 09:52 - 2015-11-20 09:52 - 01732096 _____ C:\Users\Otakar Vavrečka\Desktop\adwcleaner_5.021.exe
    2015-11-19 23:39 - 2015-11-19 23:41 - 48128128 _____ (Skype Technologies S.A.) C:\Users\Otakar Vavrečka\Desktop\SkypeSetupFull.exe
    2015-11-19 11:06 - 2015-09-14 18:40 - 00000000 ____D C:\rsit
    2015-11-19 11:05 - 2015-09-14 18:40 - 00000000 ____D C:\Program Files\trend micro
    C:\Users\Otakar Vavrečka\AppData\Local\temp
    Task: {0A7BBC7F-EA44-49DA-9F98-DFDF996615CC} - System32\Tasks\{8837DE81-A262-4804-A9DA-948CC5CFBF46} => C:\Users\Otakar Vavrečka\Desktop\dotnetfx35.exe
    Task: {19BEF07A-955C-49B9-86E7-3D1E4776595E} - System32\Tasks\{F10D7645-90FB-4D11-A4AA-2B5B2F604664} => C:\Program Files\YTD\ytd.exe
    Task: {3281551C-7D20-4899-932E-F0018120255E} - System32\Tasks\{045415CC-4E58-4BEC-806E-1516B880BF6A} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\dotnetfx35.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
    Task: {43C923F3-181F-475E-AFB1-7F1D558BF17E} - System32\Tasks\{9DD98C8C-DB7E-45AC-A2EA-747230BE7BA7} => pcalua.exe -a C:\Windows\TEMP\avast_ash\IrfanView\iview436_setup.exe -d "C:\Program Files\Alwil Software\Avast5"
    Task: {4EE6A2BA-7990-4F86-8867-334628CADAB6} - System32\Tasks\{DD1C4CF9-D463-44F7-B6D2-86D3B38235DF} => pcalua.exe -a D:\Programy-1\ytd-1.25.exe -d D:\Programy-1
    Task: {62000A84-ACDA-4405-A2D6-A582ADF3DE4B} - System32\Tasks\{E5C04774-ADA0-4A6D-8E5F-391C25EFA465} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\ytd-1.37.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
    Task: {92E539F0-0FCE-425C-99DA-3BCA1A10F3E5} - System32\Tasks\{8D825067-AE29-4B2E-8F29-A5E09FC271B7} => pcalua.exe -a "C:\Program Files\YTD\setup.exe" -d "C:\Program Files\YTD"
    EmptyTemp:
    End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:

Re: Prosím o kontrolu PC

#12 Příspěvek od rakato11 »

Fix result of Farbar Recovery Scan Tool (x86) Version:20-11-2015
Ran by Otakar Vavrečka (2015-11-21 00:46:56) Run:1
Running from C:\Users\Otakar Vavrečka\Desktop
Loaded Profiles: Otakar Vavrečka (Available Profiles: Otakar Vavrečka & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-505298747-3480647553-2469496864-1000\...\Policies\Explorer: [NoSecurityTab] 0
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-505298747-3480647553-2469496864-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR Extension: (Skype Click to Call) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-15]
2015-11-20 09:55 - 2015-11-20 10:04 - 00000000 ____D C:\AdwCleaner
2015-11-20 09:52 - 2015-11-20 09:52 - 01732096 _____ C:\Users\Otakar Vavrečka\Desktop\adwcleaner_5.021.exe
2015-11-19 23:39 - 2015-11-19 23:41 - 48128128 _____ (Skype Technologies S.A.) C:\Users\Otakar Vavrečka\Desktop\SkypeSetupFull.exe
2015-11-19 11:06 - 2015-09-14 18:40 - 00000000 ____D C:\rsit
2015-11-19 11:05 - 2015-09-14 18:40 - 00000000 ____D C:\Program Files\trend micro
C:\Users\Otakar Vavrečka\AppData\Local\temp
Task: {0A7BBC7F-EA44-49DA-9F98-DFDF996615CC} - System32\Tasks\{8837DE81-A262-4804-A9DA-948CC5CFBF46} => C:\Users\Otakar Vavrečka\Desktop\dotnetfx35.exe
Task: {19BEF07A-955C-49B9-86E7-3D1E4776595E} - System32\Tasks\{F10D7645-90FB-4D11-A4AA-2B5B2F604664} => C:\Program Files\YTD\ytd.exe
Task: {3281551C-7D20-4899-932E-F0018120255E} - System32\Tasks\{045415CC-4E58-4BEC-806E-1516B880BF6A} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\dotnetfx35.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
Task: {43C923F3-181F-475E-AFB1-7F1D558BF17E} - System32\Tasks\{9DD98C8C-DB7E-45AC-A2EA-747230BE7BA7} => pcalua.exe -a C:\Windows\TEMP\avast_ash\IrfanView\iview436_setup.exe -d "C:\Program Files\Alwil Software\Avast5"
Task: {4EE6A2BA-7990-4F86-8867-334628CADAB6} - System32\Tasks\{DD1C4CF9-D463-44F7-B6D2-86D3B38235DF} => pcalua.exe -a D:\Programy-1\ytd-1.25.exe -d D:\Programy-1
Task: {62000A84-ACDA-4405-A2D6-A582ADF3DE4B} - System32\Tasks\{E5C04774-ADA0-4A6D-8E5F-391C25EFA465} => pcalua.exe -a "C:\Users\Otakar Vavrečka\Desktop\ytd-1.37.exe" -d "C:\Users\Otakar Vavrečka\Desktop"
Task: {92E539F0-0FCE-425C-99DA-3BCA1A10F3E5} - System32\Tasks\{8D825067-AE29-4B2E-8F29-A5E09FC271B7} => pcalua.exe -a "C:\Program Files\YTD\setup.exe" -d "C:\Program Files\YTD"
EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-505298747-3480647553-2469496864-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSecurityTab => value removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-505298747-3480647553-2469496864-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\Otakar Vavrečka\Desktop\adwcleaner_5.021.exe => moved successfully
"C:\Users\Otakar Vavrečka\Desktop\SkypeSetupFull.exe" => not found.
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully

"C:\Users\Otakar Vavrečka\AppData\Local\temp" folder move:

Could not move "C:\Users\Otakar Vavrečka\AppData\Local\temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A7BBC7F-EA44-49DA-9F98-DFDF996615CC}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A7BBC7F-EA44-49DA-9F98-DFDF996615CC}" => key removed successfully.
C:\Windows\System32\Tasks\{8837DE81-A262-4804-A9DA-948CC5CFBF46} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8837DE81-A262-4804-A9DA-948CC5CFBF46}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19BEF07A-955C-49B9-86E7-3D1E4776595E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19BEF07A-955C-49B9-86E7-3D1E4776595E}" => key removed successfully.
C:\Windows\System32\Tasks\{F10D7645-90FB-4D11-A4AA-2B5B2F604664} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F10D7645-90FB-4D11-A4AA-2B5B2F604664}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3281551C-7D20-4899-932E-F0018120255E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3281551C-7D20-4899-932E-F0018120255E}" => key removed successfully.
C:\Windows\System32\Tasks\{045415CC-4E58-4BEC-806E-1516B880BF6A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{045415CC-4E58-4BEC-806E-1516B880BF6A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43C923F3-181F-475E-AFB1-7F1D558BF17E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43C923F3-181F-475E-AFB1-7F1D558BF17E}" => key removed successfully.
C:\Windows\System32\Tasks\{9DD98C8C-DB7E-45AC-A2EA-747230BE7BA7} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9DD98C8C-DB7E-45AC-A2EA-747230BE7BA7}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EE6A2BA-7990-4F86-8867-334628CADAB6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EE6A2BA-7990-4F86-8867-334628CADAB6}" => key removed successfully.
C:\Windows\System32\Tasks\{DD1C4CF9-D463-44F7-B6D2-86D3B38235DF} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DD1C4CF9-D463-44F7-B6D2-86D3B38235DF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62000A84-ACDA-4405-A2D6-A582ADF3DE4B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62000A84-ACDA-4405-A2D6-A582ADF3DE4B}" => key removed successfully.
C:\Windows\System32\Tasks\{E5C04774-ADA0-4A6D-8E5F-391C25EFA465} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E5C04774-ADA0-4A6D-8E5F-391C25EFA465}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92E539F0-0FCE-425C-99DA-3BCA1A10F3E5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92E539F0-0FCE-425C-99DA-3BCA1A10F3E5}" => key removed successfully.
C:\Windows\System32\Tasks\{8D825067-AE29-4B2E-8F29-A5E09FC271B7} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8D825067-AE29-4B2E-8F29-A5E09FC271B7}" => key removed successfully.
EmptyTemp: => 1.2 GB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-11-21 00:49:04)

C:\Users\Otakar Vavrečka\AppData\Local\temp => moved successfully

==== End of Fixlog 00:49:04 ====
Blbý můžeš být,ale musíš si umět poradit...

altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu PC

#13 Příspěvek od altrok »

Takze jeste uklidime.
A pokud nejsou dotazy ci jine problemy, je to ode mne vse.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:

Re: Prosím o kontrolu PC

#14 Příspěvek od rakato11 »

Srdečně děkuji za Vaší ochotu mi pomoci a přeji hodně dalších úspěchů.
Blbý můžeš být,ale musíš si umět poradit...

altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu PC

#15 Příspěvek od altrok »

Velice dekuji za prani. Nemate zac, rad jsem pomohl :worship:


Mejte se krasne a treba zase nekdy :bye:
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Zamčeno