Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
bitcoin miner
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: bitcoin miner
Zkusil jsem bod obnovy ten nepomohl a jeste k tomu se v pc obnovil i ten bitcoin zase tak to vypada ze mi nakonec nezbyde nic jineho nez reinstal win asi co?
Re: bitcoin miner
Toto zvladneme bez reinstalu 
Odpojte klavesnici, retsartujte PC a po najeti systemu klavesnici pripojte do jineho USB slotu.
O jakou klavesnici presne jedna? Bylo k ni instalacni medium?
Odpojte klavesnici, retsartujte PC a po najeti systemu klavesnici pripojte do jineho USB slotu.
O jakou klavesnici presne jedna? Bylo k ni instalacni medium?
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: bitcoin miner
nefunguje ani po odpojedni jedna se o logitech G15 CD bych mozna jeste nekde nasel
Re: bitcoin miner
tak cd jsem nasel nainstaloval jedna se vsak pouze o control panel pro nastaveni tlacitek klavesnice stale nefunguje
Re: bitcoin miner
Zkuste se po nem podivat... Prinejhorsim pohledame web
Za hodinu dorazim k PC, tak toho minera zfouknem
Za hodinu dorazim k PC, tak toho minera zfouknem
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: bitcoin miner
tak zkusil jsem jeste jednou klavesnici pripojit do puvodniho USB a klavesnice naskocila tak tohle asi bude vyreseno nyni posila patecni FIXLOG
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-11-2014
Ran by Honza at 2014-11-07 14:59:23 Run:1
Running from K:\
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [System-boot] => C:\Windows\inf\SYSTEM-x32.exe [454144 2014-11-06] ()
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\MountPoints2: {8805148b-2041-11e3-a8cc-00248c5b18e3} - L:\iStudio.exe
C:\Windows\inf\SYSTEM-x32.exe
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacKb00k.&?k.lnk
ShortcutTarget: FacKb00k.&?k.lnk -> (No File)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
U1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 ehdrv; system32\DRIVERS\ehdrv.sys [X]
R4 epfw; system32\DRIVERS\epfw.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 npkcusb; \??\C:\Program Files (x86)\Lineage II\System\npkcusb.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
C:\ProgramData\Conduit
C:\Program Files (x86)\BS_Player_ControlBar
C:\Program Files (x86)\Conduit
C:\Program Files (x86)\Tbccint
C:\Program Files (x86)\BS_Player_ControlBar
C:\Users\Honza\AppData\Local\Conduit
C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar
C:\Users\Honza\AppData\LocalLow\Conduit
C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\Software\Microsoft\Windows\CurrentVersion\Run\\System-boot => value deleted successfully.
"HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8805148b-2041-11e3-a8cc-00248c5b18e3}" => Key deleted successfully.
"HKCR\CLSID\{8805148b-2041-11e3-a8cc-00248c5b18e3}" => Key not found.
C:\Windows\inf\SYSTEM-x32.exe => Moved successfully.
"C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacKb00k.&?k.lnk" => Could not move.
ShortcutTarget: FacKb00k.&?k.lnk -> (No File) not found.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
EpfwLWF => Service deleted successfully.
cpuz136 => Service deleted successfully.
eamonm => Unable to stop service
eamonm => Service deleted successfully.
ehdrv => Unable to stop service
ehdrv => Service deleted successfully.
epfw => Unable to stop service
epfw => Service deleted successfully.
GPUZ => Service deleted successfully.
IpInIp => Service deleted successfully.
npkcusb => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
"C:\ProgramData\Conduit" => File/Directory not found.
"C:\Program Files (x86)\BS_Player_ControlBar" => File/Directory not found.
"C:\Program Files (x86)\Conduit" => File/Directory not found.
"C:\Program Files (x86)\Tbccint" => File/Directory not found.
"C:\Program Files (x86)\BS_Player_ControlBar" => File/Directory not found.
"C:\Users\Honza\AppData\Local\Conduit" => File/Directory not found.
"C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar" => File/Directory not found.
"C:\Users\Honza\AppData\LocalLow\Conduit" => File/Directory not found.
"C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar" => File/Directory not found.
"C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 765.1 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-11-2014
Ran by Honza at 2014-11-07 14:59:23 Run:1
Running from K:\
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [System-boot] => C:\Windows\inf\SYSTEM-x32.exe [454144 2014-11-06] ()
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\MountPoints2: {8805148b-2041-11e3-a8cc-00248c5b18e3} - L:\iStudio.exe
C:\Windows\inf\SYSTEM-x32.exe
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacKb00k.&?k.lnk
ShortcutTarget: FacKb00k.&?k.lnk -> (No File)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
U1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 ehdrv; system32\DRIVERS\ehdrv.sys [X]
R4 epfw; system32\DRIVERS\epfw.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 npkcusb; \??\C:\Program Files (x86)\Lineage II\System\npkcusb.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
C:\ProgramData\Conduit
C:\Program Files (x86)\BS_Player_ControlBar
C:\Program Files (x86)\Conduit
C:\Program Files (x86)\Tbccint
C:\Program Files (x86)\BS_Player_ControlBar
C:\Users\Honza\AppData\Local\Conduit
C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar
C:\Users\Honza\AppData\LocalLow\Conduit
C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\Software\Microsoft\Windows\CurrentVersion\Run\\System-boot => value deleted successfully.
"HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8805148b-2041-11e3-a8cc-00248c5b18e3}" => Key deleted successfully.
"HKCR\CLSID\{8805148b-2041-11e3-a8cc-00248c5b18e3}" => Key not found.
C:\Windows\inf\SYSTEM-x32.exe => Moved successfully.
"C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacKb00k.&?k.lnk" => Could not move.
ShortcutTarget: FacKb00k.&?k.lnk -> (No File) not found.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
EpfwLWF => Service deleted successfully.
cpuz136 => Service deleted successfully.
eamonm => Unable to stop service
eamonm => Service deleted successfully.
ehdrv => Unable to stop service
ehdrv => Service deleted successfully.
epfw => Unable to stop service
epfw => Service deleted successfully.
GPUZ => Service deleted successfully.
IpInIp => Service deleted successfully.
npkcusb => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
"C:\ProgramData\Conduit" => File/Directory not found.
"C:\Program Files (x86)\BS_Player_ControlBar" => File/Directory not found.
"C:\Program Files (x86)\Conduit" => File/Directory not found.
"C:\Program Files (x86)\Tbccint" => File/Directory not found.
"C:\Program Files (x86)\BS_Player_ControlBar" => File/Directory not found.
"C:\Users\Honza\AppData\Local\Conduit" => File/Directory not found.
"C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar" => File/Directory not found.
"C:\Users\Honza\AppData\LocalLow\Conduit" => File/Directory not found.
"C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar" => File/Directory not found.
"C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 765.1 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: bitcoin miner
v pc je vlastne ale miner znovu kvuli restoru jak nesla ta klavesnice pockam tedy na Vas az dorazite
Re: bitcoin miner
Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=13&t=133100Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: bitcoin miner
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Honza (administrator) on HONZA-PC on 09-11-2014 21:25:31
Running from K:\
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(DeviceVM) C:\ASUS.SYS\config\DVMExportService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
(Allstar Group, s.r.o.) C:\Program Files\GamePark2\gpcl.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7637536 2013-07-12] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2013-07-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2191632 2007-07-18] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [3036944 2007-07-18] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-09] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [System-boot] => C:\Windows\inf\SYSTEM-x32.exe [454144 2014-11-06] ()
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\MountPoints2: {8805148b-2041-11e3-a8cc-00248c5b18e3} - L:\iStudio.exe
HKU\S-1-5-21-1823901968-3445124325-2316364854-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-18\...\Run: [Google Update] => "C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacKb00k.&○k.lnk
ShortcutTarget: FacKb00k.&○k.lnk -> (No File)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Officejet 6500 E710n-z.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Officejet 6500 E710n-z.lnk -> C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [62976] (Společnost Microsoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\zio14vp1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> K:\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-07-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-07]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-12]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-12]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-12]
CHR Extension: (Avast Online Security) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-07]
CHR Extension: (Peněženka Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-07]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-07] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-07] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-07] (Avast Software)
R2 DvmMDES; C:\ASUS.SYS\config\DVMExportService.exe [323584 2008-11-26] (DeviceVM) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 acsint; C:\Windows\System32\DRIVERS\acsint64.sys [49520 2013-12-12] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux64.sys [73584 2013-12-12] (Cisco Systems, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-07] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-07] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2014-11-07] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [331504 2014-11-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-11-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-07] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-11-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-07] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-27] (Disc Soft Ltd)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [275432 2009-04-11] (Společnost Microsoft)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1513320 2013-03-03] (Společnost Microsoft)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-11-07] (Avast Software)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 npkcusb; \??\C:\Program Files (x86)\Lineage II\System\npkcusb.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-09 20:23 - 2014-11-09 20:24 - 00000247 _____ () C:\Windows\system32\2014-11-09-19-23-29.023-aswFe.exe-6000.log
2014-11-09 19:41 - 2014-11-09 20:23 - 00000247 _____ () C:\Windows\system32\2014-11-09-18-41-00.058-aswFe.exe-4704.log
2014-11-09 19:40 - 2014-11-09 19:41 - 00000197 _____ () C:\Windows\system32\2014-11-09-18-40-57.041-AvastVBoxSVC.exe-3216.log
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LgLcdSSDriver_01_00_00.Wdf
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____D () C:\Users\Honza\AppData\Local\Logitech
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____D () C:\ProgramData\Logitech
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____D () C:\Program Files\Logitech
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-11-09 19:14 - 2014-11-09 19:14 - 00000197 _____ () C:\Windows\system32\2014-11-09-18-14-27.014-AvastVBoxSVC.exe-2348.log
2014-11-09 19:14 - 2014-11-09 19:14 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-09 19:14 - 2014-11-09 19:14 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-09 17:05 - 2014-11-09 17:05 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\poclbm
2014-11-09 17:03 - 2014-11-07 14:27 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-09 16:49 - 2014-11-09 16:49 - 00000247 _____ () C:\Windows\system32\2014-11-09-15-49-44.068-aswFe.exe-4864.log
2014-11-09 16:49 - 2014-11-09 16:49 - 00000197 _____ () C:\Windows\system32\2014-11-09-15-49-41.011-AvastVBoxSVC.exe-4100.log
2014-11-07 14:30 - 2014-11-07 14:30 - 00331504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-11-07 14:30 - 2014-11-07 14:30 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-07 14:30 - 2014-11-07 14:30 - 00012368 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2014-11-07 14:28 - 2014-11-07 14:28 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\AVAST Software
2014-11-07 14:27 - 2014-11-09 19:21 - 00000657 _____ () C:\Windows\setupact.log
2014-11-07 14:27 - 2014-11-09 17:03 - 00003838 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-07 14:27 - 2014-11-09 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-07 14:27 - 2014-11-07 14:27 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 01049920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1415366836185
2014-11-07 14:27 - 2014-11-07 14:27 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00082768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.1415366836185
2014-11-07 14:27 - 2014-11-07 14:27 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-07 14:27 - 2014-11-07 14:27 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 14:26 - 2014-11-07 14:26 - 00004714 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-11-07 14:26 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-07 14:25 - 2014-11-07 14:25 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-07 14:25 - 2014-11-07 14:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-07 14:12 - 2014-11-09 19:12 - 00014578 _____ () C:\Windows\PFRO.log
2014-11-07 14:10 - 2014-11-07 14:11 - 00000000 ____D () C:\AdwCleaner
2014-11-07 13:51 - 2014-11-09 21:25 - 00000000 ____D () C:\FRST
2014-11-06 20:12 - 2014-11-06 20:12 - 00003416 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Honza-PC-Honza
2014-11-06 20:04 - 2014-11-06 20:04 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-11-06 20:03 - 2014-11-06 20:04 - 00000000 ____D () C:\Program Files\Adobe
2014-11-06 20:03 - 2014-11-06 20:03 - 00001042 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-11-06 20:03 - 2014-11-06 20:03 - 00000981 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001350 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001188 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-11-06 20:01 - 2014-11-06 20:04 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-06 20:01 - 2014-11-06 20:01 - 00361836 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI3426.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00350768 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI3437.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00011580 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI3437.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00011564 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI3426.txt
2014-11-06 18:49 - 2014-11-06 18:49 - 00350766 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI7CAF.txt
2014-11-06 18:49 - 2014-11-06 18:49 - 00011580 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI7CAF.txt
2014-11-06 18:48 - 2014-11-06 18:48 - 00361836 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI7C9C.txt
2014-11-06 18:48 - 2014-11-06 18:48 - 00011564 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI7C9C.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00360736 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI568F.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00348980 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI5696.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00011532 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI568F.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00011516 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI5696.txt
2014-11-06 00:54 - 2014-11-06 20:12 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-11-06 00:51 - 2014-11-06 00:51 - 00439472 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI440A.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00435460 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI4424.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00011788 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI440A.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00011772 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI4424.txt
2014-10-24 21:24 - 2014-10-24 21:24 - 00000944 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Canneverbe Limited
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-17 08:59 - 2014-09-28 00:41 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 08:59 - 2014-09-17 07:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 08:59 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-17 08:57 - 2014-06-15 23:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 08:57 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-17 08:57 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-17 08:57 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-17 08:57 - 2014-06-13 18:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 08:57 - 2014-06-13 18:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-17 08:56 - 2014-09-05 00:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-16 19:24 - 2014-10-16 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-16 19:24 - 2014-10-16 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-16 13:21 - 2014-09-20 01:09 - 17867776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 13:21 - 2014-09-20 00:55 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 13:21 - 2014-09-20 00:54 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 13:21 - 2014-09-20 00:50 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 13:21 - 2014-09-20 00:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 13:21 - 2014-09-20 00:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 13:21 - 2014-09-20 00:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-16 13:21 - 2014-09-20 00:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 13:21 - 2014-09-20 00:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 13:21 - 2014-09-20 00:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-16 13:21 - 2014-09-20 00:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 13:21 - 2014-09-20 00:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-16 13:21 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 13:21 - 2014-09-19 23:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 13:21 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 13:21 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 13:21 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 13:21 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 13:21 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-16 13:21 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 13:21 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 13:21 - 2014-09-19 23:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-16 13:21 - 2014-09-19 23:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-16 13:21 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-09 21:24 - 2006-11-02 16:22 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 21:24 - 2006-11-02 16:22 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 20:53 - 2013-07-12 00:01 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 20:27 - 2014-02-09 10:23 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2014-11-09 19:33 - 2014-06-08 20:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-09 19:32 - 2013-07-12 14:39 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\TS3Client
2014-11-09 19:31 - 2008-01-21 10:32 - 01621384 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-09 19:31 - 2008-01-21 10:31 - 00673934 _____ () C:\Windows\system32\perfh005.dat
2014-11-09 19:31 - 2008-01-21 10:31 - 00153016 _____ () C:\Windows\system32\perfc005.dat
2014-11-09 19:28 - 2008-01-21 02:53 - 01934220 _____ () C:\Windows\WindowsUpdate.log
2014-11-09 19:25 - 2013-07-12 00:01 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 19:24 - 2006-11-02 16:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 19:22 - 2006-11-02 16:42 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-09 19:21 - 2013-07-11 16:55 - 00000000 ____D () C:\Users\Honza
2014-11-09 18:10 - 2013-08-27 16:57 - 00000000 ____D () C:\Users\Honza\AppData\Local\Adobe
2014-11-09 17:01 - 2006-11-02 14:34 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-11-09 17:01 - 2006-11-02 13:33 - 68943872 _____ () C:\Windows\system32\config\software_previous
2014-11-09 17:01 - 2006-11-02 13:33 - 56623104 _____ () C:\Windows\system32\config\components_previous
2014-11-09 17:01 - 2006-11-02 13:33 - 109051904 _____ () C:\Windows\system32\config\system_previous
2014-11-09 17:01 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-11-09 17:01 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-11-09 17:01 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\default_previous
2014-11-09 17:00 - 2014-06-08 20:25 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-09 17:00 - 2014-05-04 17:20 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\fp
2014-11-09 17:00 - 2014-04-04 14:12 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-11-09 17:00 - 2014-03-13 22:52 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\MusE
2014-11-09 17:00 - 2014-01-12 18:59 - 00000000 ____D () C:\Users\Honza\Desktopstahovani chrome
2014-11-09 17:00 - 2014-01-12 18:58 - 00000000 ____D () C:\Users\Honza\Documents\eL2Walker
2014-11-09 17:00 - 2014-01-03 23:30 - 00000000 ____D () C:\Users\Honza\Documents\BFBC2
2014-11-09 17:00 - 2013-12-30 22:22 - 00000000 ____D () C:\Users\Honza\Documents\FIFA 11
2014-11-09 17:00 - 2013-12-27 02:15 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Tunngle
2014-11-09 17:00 - 2013-12-26 20:46 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Skype
2014-11-09 17:00 - 2013-10-21 21:02 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-09 17:00 - 2013-10-21 12:20 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\uTorrent
2014-11-09 17:00 - 2013-07-11 16:55 - 00000000 ___RD () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-09 17:00 - 2013-07-11 16:55 - 00000000 ___RD () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-09 17:00 - 2006-11-02 14:34 - 00000000 ____D () C:\Windows\system32\spool
2014-11-09 17:00 - 2006-11-02 14:33 - 00000000 ____D () C:\Windows\registration
2014-11-07 14:28 - 2014-03-12 22:29 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-07 14:26 - 2014-03-12 23:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-07 12:28 - 2014-01-21 11:16 - 00000000 ____D () C:\Windows\Minidump
2014-11-07 12:07 - 2013-08-27 16:58 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-07 12:03 - 2013-10-14 16:38 - 00000000 ____D () C:\Users\Honza\AppData\Local\Paint.NET
2014-11-07 11:56 - 2013-11-05 17:25 - 00000000 ____D () C:\Program Files (x86)\HP
2014-11-07 10:28 - 2014-02-09 10:23 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2014-11-06 20:55 - 2006-11-02 16:21 - 04893520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-06 20:12 - 2013-12-27 18:58 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\NVIDIA
2014-11-06 20:12 - 2013-07-12 15:43 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Adobe
2014-11-06 20:12 - 2013-07-11 16:55 - 00059864 _____ () C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-06 20:03 - 2013-08-27 16:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-06 18:58 - 2013-11-13 21:33 - 00000000 ____D () C:\ProgramData\Nero
2014-11-06 18:49 - 2013-10-21 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCsoft
2014-11-06 18:49 - 2013-07-11 23:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-28 06:34 - 2013-07-12 20:38 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-22 20:49 - 2013-07-12 00:01 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-22 20:49 - 2013-07-12 00:01 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 08:58 - 2013-09-28 11:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 19:24 - 2013-12-26 20:45 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 13:22 - 2013-12-22 19:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 13:19 - 2006-11-02 13:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
Some content of TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Honza\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-09 19:30
==================== End Of Log ============================
Ran by Honza (administrator) on HONZA-PC on 09-11-2014 21:25:31
Running from K:\
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(DeviceVM) C:\ASUS.SYS\config\DVMExportService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
(Allstar Group, s.r.o.) C:\Program Files\GamePark2\gpcl.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7637536 2013-07-12] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2013-07-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2191632 2007-07-18] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [3036944 2007-07-18] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-09] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [System-boot] => C:\Windows\inf\SYSTEM-x32.exe [454144 2014-11-06] ()
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\MountPoints2: {8805148b-2041-11e3-a8cc-00248c5b18e3} - L:\iStudio.exe
HKU\S-1-5-21-1823901968-3445124325-2316364854-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-18\...\Run: [Google Update] => "C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacKb00k.&○k.lnk
ShortcutTarget: FacKb00k.&○k.lnk -> (No File)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Officejet 6500 E710n-z.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Officejet 6500 E710n-z.lnk -> C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [62976] (Společnost Microsoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\zio14vp1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> K:\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-07-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-07]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-12]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-12]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-12]
CHR Extension: (Avast Online Security) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-07]
CHR Extension: (Peněženka Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-07]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-07] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-07] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-07] (Avast Software)
R2 DvmMDES; C:\ASUS.SYS\config\DVMExportService.exe [323584 2008-11-26] (DeviceVM) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 acsint; C:\Windows\System32\DRIVERS\acsint64.sys [49520 2013-12-12] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux64.sys [73584 2013-12-12] (Cisco Systems, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-07] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-07] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2014-11-07] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [331504 2014-11-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-11-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-07] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-11-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-07] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-27] (Disc Soft Ltd)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [275432 2009-04-11] (Společnost Microsoft)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1513320 2013-03-03] (Společnost Microsoft)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-11-07] (Avast Software)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 npkcusb; \??\C:\Program Files (x86)\Lineage II\System\npkcusb.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-09 20:23 - 2014-11-09 20:24 - 00000247 _____ () C:\Windows\system32\2014-11-09-19-23-29.023-aswFe.exe-6000.log
2014-11-09 19:41 - 2014-11-09 20:23 - 00000247 _____ () C:\Windows\system32\2014-11-09-18-41-00.058-aswFe.exe-4704.log
2014-11-09 19:40 - 2014-11-09 19:41 - 00000197 _____ () C:\Windows\system32\2014-11-09-18-40-57.041-AvastVBoxSVC.exe-3216.log
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LgLcdSSDriver_01_00_00.Wdf
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____D () C:\Users\Honza\AppData\Local\Logitech
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____D () C:\ProgramData\Logitech
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____D () C:\Program Files\Logitech
2014-11-09 19:21 - 2014-11-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-11-09 19:14 - 2014-11-09 19:14 - 00000197 _____ () C:\Windows\system32\2014-11-09-18-14-27.014-AvastVBoxSVC.exe-2348.log
2014-11-09 19:14 - 2014-11-09 19:14 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-09 19:14 - 2014-11-09 19:14 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-09 17:05 - 2014-11-09 17:05 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\poclbm
2014-11-09 17:03 - 2014-11-07 14:27 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-09 16:49 - 2014-11-09 16:49 - 00000247 _____ () C:\Windows\system32\2014-11-09-15-49-44.068-aswFe.exe-4864.log
2014-11-09 16:49 - 2014-11-09 16:49 - 00000197 _____ () C:\Windows\system32\2014-11-09-15-49-41.011-AvastVBoxSVC.exe-4100.log
2014-11-07 14:30 - 2014-11-07 14:30 - 00331504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-11-07 14:30 - 2014-11-07 14:30 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-07 14:30 - 2014-11-07 14:30 - 00012368 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2014-11-07 14:28 - 2014-11-07 14:28 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\AVAST Software
2014-11-07 14:27 - 2014-11-09 19:21 - 00000657 _____ () C:\Windows\setupact.log
2014-11-07 14:27 - 2014-11-09 17:03 - 00003838 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-07 14:27 - 2014-11-09 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-07 14:27 - 2014-11-07 14:27 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 01049920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1415366836185
2014-11-07 14:27 - 2014-11-07 14:27 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00082768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.1415366836185
2014-11-07 14:27 - 2014-11-07 14:27 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-07 14:27 - 2014-11-07 14:27 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 14:26 - 2014-11-07 14:26 - 00004714 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-11-07 14:26 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-07 14:25 - 2014-11-07 14:25 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-07 14:25 - 2014-11-07 14:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-07 14:12 - 2014-11-09 19:12 - 00014578 _____ () C:\Windows\PFRO.log
2014-11-07 14:10 - 2014-11-07 14:11 - 00000000 ____D () C:\AdwCleaner
2014-11-07 13:51 - 2014-11-09 21:25 - 00000000 ____D () C:\FRST
2014-11-06 20:12 - 2014-11-06 20:12 - 00003416 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Honza-PC-Honza
2014-11-06 20:04 - 2014-11-06 20:04 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-11-06 20:03 - 2014-11-06 20:04 - 00000000 ____D () C:\Program Files\Adobe
2014-11-06 20:03 - 2014-11-06 20:03 - 00001042 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-11-06 20:03 - 2014-11-06 20:03 - 00000981 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001350 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001188 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-11-06 20:01 - 2014-11-06 20:04 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-06 20:01 - 2014-11-06 20:01 - 00361836 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI3426.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00350768 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI3437.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00011580 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI3437.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00011564 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI3426.txt
2014-11-06 18:49 - 2014-11-06 18:49 - 00350766 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI7CAF.txt
2014-11-06 18:49 - 2014-11-06 18:49 - 00011580 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI7CAF.txt
2014-11-06 18:48 - 2014-11-06 18:48 - 00361836 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI7C9C.txt
2014-11-06 18:48 - 2014-11-06 18:48 - 00011564 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI7C9C.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00360736 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI568F.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00348980 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI5696.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00011532 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI568F.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00011516 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI5696.txt
2014-11-06 00:54 - 2014-11-06 20:12 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-11-06 00:51 - 2014-11-06 00:51 - 00439472 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI440A.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00435460 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI4424.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00011788 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI440A.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00011772 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI4424.txt
2014-10-24 21:24 - 2014-10-24 21:24 - 00000944 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Canneverbe Limited
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-17 08:59 - 2014-09-28 00:41 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 08:59 - 2014-09-17 07:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 08:59 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-17 08:57 - 2014-06-15 23:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 08:57 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-17 08:57 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-17 08:57 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-17 08:57 - 2014-06-13 18:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 08:57 - 2014-06-13 18:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-17 08:56 - 2014-09-05 00:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-16 19:24 - 2014-10-16 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-16 19:24 - 2014-10-16 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-16 13:21 - 2014-09-20 01:09 - 17867776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 13:21 - 2014-09-20 00:55 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 13:21 - 2014-09-20 00:54 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 13:21 - 2014-09-20 00:50 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 13:21 - 2014-09-20 00:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 13:21 - 2014-09-20 00:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 13:21 - 2014-09-20 00:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-16 13:21 - 2014-09-20 00:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 13:21 - 2014-09-20 00:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 13:21 - 2014-09-20 00:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-16 13:21 - 2014-09-20 00:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 13:21 - 2014-09-20 00:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-16 13:21 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 13:21 - 2014-09-19 23:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 13:21 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 13:21 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 13:21 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 13:21 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 13:21 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-16 13:21 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 13:21 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 13:21 - 2014-09-19 23:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-16 13:21 - 2014-09-19 23:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-16 13:21 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-09 21:24 - 2006-11-02 16:22 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 21:24 - 2006-11-02 16:22 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 20:53 - 2013-07-12 00:01 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 20:27 - 2014-02-09 10:23 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2014-11-09 19:33 - 2014-06-08 20:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-09 19:32 - 2013-07-12 14:39 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\TS3Client
2014-11-09 19:31 - 2008-01-21 10:32 - 01621384 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-09 19:31 - 2008-01-21 10:31 - 00673934 _____ () C:\Windows\system32\perfh005.dat
2014-11-09 19:31 - 2008-01-21 10:31 - 00153016 _____ () C:\Windows\system32\perfc005.dat
2014-11-09 19:28 - 2008-01-21 02:53 - 01934220 _____ () C:\Windows\WindowsUpdate.log
2014-11-09 19:25 - 2013-07-12 00:01 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 19:24 - 2006-11-02 16:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 19:22 - 2006-11-02 16:42 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-09 19:21 - 2013-07-11 16:55 - 00000000 ____D () C:\Users\Honza
2014-11-09 18:10 - 2013-08-27 16:57 - 00000000 ____D () C:\Users\Honza\AppData\Local\Adobe
2014-11-09 17:01 - 2006-11-02 14:34 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-11-09 17:01 - 2006-11-02 13:33 - 68943872 _____ () C:\Windows\system32\config\software_previous
2014-11-09 17:01 - 2006-11-02 13:33 - 56623104 _____ () C:\Windows\system32\config\components_previous
2014-11-09 17:01 - 2006-11-02 13:33 - 109051904 _____ () C:\Windows\system32\config\system_previous
2014-11-09 17:01 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-11-09 17:01 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-11-09 17:01 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\default_previous
2014-11-09 17:00 - 2014-06-08 20:25 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-09 17:00 - 2014-05-04 17:20 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\fp
2014-11-09 17:00 - 2014-04-04 14:12 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-11-09 17:00 - 2014-03-13 22:52 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\MusE
2014-11-09 17:00 - 2014-01-12 18:59 - 00000000 ____D () C:\Users\Honza\Desktopstahovani chrome
2014-11-09 17:00 - 2014-01-12 18:58 - 00000000 ____D () C:\Users\Honza\Documents\eL2Walker
2014-11-09 17:00 - 2014-01-03 23:30 - 00000000 ____D () C:\Users\Honza\Documents\BFBC2
2014-11-09 17:00 - 2013-12-30 22:22 - 00000000 ____D () C:\Users\Honza\Documents\FIFA 11
2014-11-09 17:00 - 2013-12-27 02:15 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Tunngle
2014-11-09 17:00 - 2013-12-26 20:46 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Skype
2014-11-09 17:00 - 2013-10-21 21:02 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-09 17:00 - 2013-10-21 12:20 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\uTorrent
2014-11-09 17:00 - 2013-07-11 16:55 - 00000000 ___RD () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-09 17:00 - 2013-07-11 16:55 - 00000000 ___RD () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-09 17:00 - 2006-11-02 14:34 - 00000000 ____D () C:\Windows\system32\spool
2014-11-09 17:00 - 2006-11-02 14:33 - 00000000 ____D () C:\Windows\registration
2014-11-07 14:28 - 2014-03-12 22:29 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-07 14:26 - 2014-03-12 23:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-07 12:28 - 2014-01-21 11:16 - 00000000 ____D () C:\Windows\Minidump
2014-11-07 12:07 - 2013-08-27 16:58 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-07 12:03 - 2013-10-14 16:38 - 00000000 ____D () C:\Users\Honza\AppData\Local\Paint.NET
2014-11-07 11:56 - 2013-11-05 17:25 - 00000000 ____D () C:\Program Files (x86)\HP
2014-11-07 10:28 - 2014-02-09 10:23 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2014-11-06 20:55 - 2006-11-02 16:21 - 04893520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-06 20:12 - 2013-12-27 18:58 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\NVIDIA
2014-11-06 20:12 - 2013-07-12 15:43 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Adobe
2014-11-06 20:12 - 2013-07-11 16:55 - 00059864 _____ () C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-06 20:03 - 2013-08-27 16:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-06 18:58 - 2013-11-13 21:33 - 00000000 ____D () C:\ProgramData\Nero
2014-11-06 18:49 - 2013-10-21 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCsoft
2014-11-06 18:49 - 2013-07-11 23:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-28 06:34 - 2013-07-12 20:38 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-22 20:49 - 2013-07-12 00:01 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-22 20:49 - 2013-07-12 00:01 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 08:58 - 2013-09-28 11:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 19:24 - 2013-12-26 20:45 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 13:22 - 2013-12-22 19:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 13:19 - 2006-11-02 13:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
Some content of TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Honza\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-09 19:30
==================== End Of Log ============================
- Přílohy
-
- Addition3.rar
- (8.18 KiB) Staženo 45 x
Re: bitcoin miner
Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7 klavesnice ted funguje? Omezime ted fixlist jen na absolutni havet... uprimne je mi zahadou, proc klavesnice prestala pracovat... projizdel jsem fixlog nekolikrat a projizdel jsem kazdou polozku velice detailne, ale neshledal jsem nic, co by melo souvislost s klavesnici 
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [System-boot] => C:\Windows\inf\SYSTEM-x32.exe [454144 2014-11-06] () C:\Windows\inf\SYSTEM-x32.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: bitcoin miner
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
Ran by Honza at 2014-11-09 21:47:20 Run:2
Running from K:\
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [System-boot] => C:\Windows\inf\SYSTEM-x32.exe [454144 2014-11-06] ()
C:\Windows\inf\SYSTEM-x32.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\Software\Microsoft\Windows\CurrentVersion\Run\\System-boot => value deleted successfully.
C:\Windows\inf\SYSTEM-x32.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 303.3 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Ran by Honza at 2014-11-09 21:47:20 Run:2
Running from K:\
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [System-boot] => C:\Windows\inf\SYSTEM-x32.exe [454144 2014-11-06] ()
C:\Windows\inf\SYSTEM-x32.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\Software\Microsoft\Windows\CurrentVersion\Run\\System-boot => value deleted successfully.
C:\Windows\inf\SYSTEM-x32.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 303.3 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: bitcoin miner
Ted se mazala vylucne havet (vcetne minera) - jak se pocitac a v tomto pripade hlavne klavesnice - chova ted?Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: bitcoin miner
ikona minera zmizela, klavesnice funguje, vyuziti cpu kolem 5%, pamet 2,51 GB u te nevim jestli je to normalni vytizeni vklidu
Re: bitcoin miner
Ano, toto vyuziti odpovida normalu.Jeste jedno doporuceni na zaver. Zakazal bych rucne vetsinu sluzeb, ktere se Vam spousti pri startu PC.
Start -> spustit -> msconfig -> zalozka po spusteni a zakazal bych nasledujici sluzby
- AdobeAAMUpdater-1.0
- Adobe ARM
- HP Software Update
- SwitchBoard
- AdobeCS6ServiceManager
- SunJavaUpdateSched
- DAEMON Tools Lite
- Google Update
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: bitcoin miner
Takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?