Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by pavel (administrator) on PAVEL-PC on 21-01-2014 22:57:10
Running from C:\Users\pavel\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(forum.viry.cz) C:\Users\pavel\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1560872 2008-07-24] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [441856 2008-10-26] (IDT, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [Google Update] - C:\Users\pavel\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-27] (Google Inc.)
HKCU\...\Run: [ABBYY Screenshot Reader Bonus] - [x]
MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {42c3e172-1d19-11e3-b4dc-00247ea06d8f} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {9172e86b-5553-11e0-9a3e-00247ea06d8f} - G:\Bolt.exe
MountPoints2: {fe06b6a3-1df0-11e3-a2ee-00247ea06d8f} - G:\HTC_Sync_Manager_PC.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
https://www.google.cz/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId= ... on&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {D6275609-6280-4335-AEDA-B09C03158BE1} URL =
http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
SearchScopes: HKLM - {D6275609-6280-4335-AEDA-B09C03158BE1} URL =
http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
SearchScopes: HKCU - {A7E07061-8C53-4F58-9D44-7337419A302F} URL =
http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [62976] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
FireFox:
========
FF ProfilePath: C:\Users\pavel\AppData\Roaming\Mozilla\Firefox\Profiles\5pcc7lpo.default
FF DefaultSearchEngine: Ask.com Search
FF NetworkProxy: "type", 0
FF SearchEngineOrder.1: Ask.com Search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll ()
FF Plugin-x32: @java.com/DTPlugin - C:\Program Files (x86)\Java\jre6\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\pavel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\pavel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\pavel\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\pavel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\pavel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\pavel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\pavel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\pavel\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\pavel\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\pavel\AppData\Roaming\Mozilla\Firefox\Profiles\5pcc7lpo.default\searchplugins\searchplugins-backup
FF Extension: DownloadHelper - C:\Users\pavel\AppData\Roaming\Mozilla\Firefox\Profiles\5pcc7lpo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-12-17]
FF Extension: Greasemonkey - C:\Users\pavel\AppData\Roaming\Mozilla\Firefox\Profiles\5pcc7lpo.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011-12-17]
FF Extension: Office Black - C:\Users\pavel\AppData\Roaming\Mozilla\Firefox\Profiles\5pcc7lpo.default\Extensions\
Office2007Black@JBBS.xpi [2011-03-23]
FF Extension: BlackFox V1-Blue - C:\Users\pavel\AppData\Roaming\Mozilla\Firefox\Profiles\5pcc7lpo.default\Extensions\
zigboom.designs@gmail.com.xpi [2011-03-23]
FF Extension: ImTranslator - C:\Users\pavel\AppData\Roaming\Mozilla\Firefox\Profiles\5pcc7lpo.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2011-03-23]
FF Extension: Green Fox - C:\Users\pavel\AppData\Roaming\Mozilla\Firefox\Profiles\5pcc7lpo.default\Extensions\{d122ad80-ff45-11dd-87af-0800200c9a66}.xpi [2011-03-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-04-22]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-15]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: (Disk Google) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (YouTube) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21]
CHR Extension: (Vyhled\u00E1v\u00E1n\u00ED Google) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm [2014-01-21]
CHR Extension: (Gmail) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [pcoohmdcpejoeggdnihdfhohjgdbllgm] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\ToolbarCR.crx [2013-12-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S4 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe [89088 2008-06-27] (Andrea Electronics Corporation)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896056 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-09] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
S4 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [65536 2012-11-09] ()
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S4 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-12-17] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\STacSV64.exe [279040 2008-10-26] (IDT, Inc.)
S4 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-11-26] ()
S4 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-11-26] ()
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]
S2 Norton Internet Security; "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1
==================== Drivers (Whitelisted) ====================
S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306688 2008-07-04] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [35440 2013-09-30] (Connectify)
R3 cnnctfy2MP; C:\Windows\System32\DRIVERS\cnnctfy2.sys [35440 2013-09-30] (Connectify)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [275432 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1513320 2013-03-03] (Společnost Microsoft)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 avfwim; system32\DRIVERS\avfwim.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 JMCR; system32\DRIVERS\jmcr.sys [x]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ENG64.SYS [x]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\EX64.SYS [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [x]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [x]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-21 22:57 - 2014-01-21 22:57 - 00018122 _____ C:\Users\pavel\Desktop\FRST.txt
2014-01-21 22:56 - 2014-01-21 22:56 - 00000000 ____D C:\FRST
2014-01-21 22:54 - 2014-01-21 22:54 - 00112640 _____ (forum.viry.cz) C:\Users\pavel\Downloads\FRSTLauncher (1).exe
2014-01-21 22:54 - 2014-01-21 22:54 - 00112640 _____ (forum.viry.cz) C:\Users\pavel\Desktop\FRSTLauncher.exe
2014-01-21 22:53 - 2014-01-21 22:53 - 00112640 _____ (forum.viry.cz) C:\Users\pavel\Downloads\Nepotvrzeno 989826.crdownload
2014-01-21 22:33 - 2014-01-21 22:32 - 02077184 _____ (Farbar) C:\Users\pavel\Desktop\FRST64.exe
2014-01-21 21:36 - 2014-01-21 21:36 - 00000640 _____ C:\Users\pavel\Desktop\JRT.txt
2014-01-21 21:18 - 2014-01-21 21:18 - 00001156 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk
2014-01-21 20:52 - 2014-01-21 21:20 - 00000000 ____D C:\Program Files (x86)\LastPass
2014-01-21 20:52 - 2014-01-21 21:18 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-01-21 20:22 - 2014-01-21 20:25 - 00000000 ____D C:\AdwCleaner
2014-01-21 17:16 - 2014-01-21 17:16 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 16:45 - 2014-01-21 16:45 - 00002025 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-21 16:42 - 2014-01-21 16:52 - 49940480 _____ C:\Program Files (x86)\GUT6430.tmp
2014-01-21 16:42 - 2014-01-21 16:42 - 00000000 ____D C:\Program Files (x86)\GUM6410.tmp
2014-01-21 16:41 - 2014-01-21 16:41 - 00000000 ____D C:\Users\pavel\AppData\Local\AskPartnerNetwork
2014-01-21 16:37 - 2014-01-21 21:53 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Google Chrome Backup
2014-01-21 16:36 - 2014-01-21 16:36 - 00000000 ____D C:\Program Files (x86)\Google Chrome Backup
2014-01-21 15:40 - 2014-01-21 15:45 - 00004245 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-21 14:58 - 2014-01-21 14:58 - 00003034 _____ C:\Windows\System32\Tasks\{C7AA77F6-B8D8-4978-9036-96056C70D212}
2014-01-21 14:57 - 2014-01-21 14:57 - 00000000 ____D C:\Intel
2014-01-21 12:42 - 2014-01-21 13:47 - 523547951 _____ C:\Users\pavel\Downloads\DALLAS-BUYERS-CLUB-KLUB-POSLEDNÍ-NADĚJE-CZ-TITULKY-DVDScr-2013-MIGON14.mkv
2014-01-01 21:10 - 2014-01-01 21:12 - 00000000 ____D C:\Users\pavel\AppData\Local\cache
2014-01-01 21:10 - 2014-01-01 21:10 - 00000000 ____D C:\Users\pavel\.android
2014-01-01 21:10 - 2014-01-01 21:10 - 00000000 _____ C:\Users\pavel\daemonprocess.txt
2013-12-29 11:18 - 2013-12-29 11:18 - 00000000 ____D C:\Users\pavel\AppData\Local\VNT
2013-12-29 11:17 - 2013-12-29 11:17 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Avira
2013-12-29 11:17 - 2013-12-29 11:17 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-12-29 11:17 - 2013-12-29 11:17 - 00000000 ____D C:\Program Files (x86)\VNT
2013-12-29 11:17 - 2013-12-29 11:17 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-12-29 11:15 - 2013-12-29 11:15 - 00001901 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-29 11:15 - 2013-12-29 11:15 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-29 11:15 - 2013-12-09 11:43 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-29 11:15 - 2013-12-09 11:43 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-29 11:15 - 2013-12-09 11:43 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-29 10:45 - 2013-12-29 10:57 - 140347096 _____ C:\Users\pavel\Downloads\avira_internet_security_suite_en.exe
2013-12-28 13:20 - 2013-12-28 13:20 - 00000512 _____ C:\Users\pavel\Downloads\Avira_14_9_2015.key
2013-12-26 15:03 - 2013-12-26 15:58 - 912747418 _____ C:\Users\pavel\Downloads\Cesta-(-2009-).avi
==================== One Month Modified Files and Folders =======
2014-01-21 22:57 - 2014-01-21 22:57 - 00018122 _____ C:\Users\pavel\Desktop\FRST.txt
2014-01-21 22:57 - 2011-09-05 14:53 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 22:56 - 2014-01-21 22:56 - 00000000 ____D C:\FRST
2014-01-21 22:54 - 2014-01-21 22:54 - 00112640 _____ (forum.viry.cz) C:\Users\pavel\Downloads\FRSTLauncher (1).exe
2014-01-21 22:54 - 2014-01-21 22:54 - 00112640 _____ (forum.viry.cz) C:\Users\pavel\Desktop\FRSTLauncher.exe
2014-01-21 22:54 - 2011-03-22 23:07 - 01234898 _____ C:\Windows\WindowsUpdate.log
2014-01-21 22:53 - 2014-01-21 22:53 - 00112640 _____ (forum.viry.cz) C:\Users\pavel\Downloads\Nepotvrzeno 989826.crdownload
2014-01-21 22:49 - 2011-09-05 14:53 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 22:49 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 22:49 - 2006-11-02 16:22 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 22:49 - 2006-11-02 16:22 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-21 22:47 - 2011-03-22 23:06 - 00006323 _____ C:\Windows\bthservsdp.dat
2014-01-21 22:47 - 2006-11-02 16:42 - 00032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-21 22:32 - 2014-01-21 22:33 - 02077184 _____ (Farbar) C:\Users\pavel\Desktop\FRST64.exe
2014-01-21 22:29 - 2011-03-23 06:32 - 00000000 ____D C:\Users\pavel
2014-01-21 22:20 - 2012-02-27 23:39 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4165329744-351483473-3812913338-1000UA.job
2014-01-21 22:18 - 2013-02-24 19:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-21 22:02 - 2013-10-10 17:21 - 00000000 ____D C:\Program Files\CCleaner
2014-01-21 22:02 - 2012-09-12 11:34 - 00000000 ____D C:\Users\pavel\AppData\Local\CrashDumps
2014-01-21 22:02 - 2012-08-08 16:00 - 00000000 ____D C:\Windows\Minidump
2014-01-21 21:53 - 2014-01-21 16:37 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Google Chrome Backup
2014-01-21 21:36 - 2014-01-21 21:36 - 00000640 _____ C:\Users\pavel\Desktop\JRT.txt
2014-01-21 21:20 - 2014-01-21 20:52 - 00000000 ____D C:\Program Files (x86)\LastPass
2014-01-21 21:18 - 2014-01-21 21:18 - 00001156 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk
2014-01-21 21:18 - 2014-01-21 20:52 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-01-21 20:40 - 2011-10-18 16:30 - 00000982 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4165329744-351483473-3812913338-1000UA.job
2014-01-21 20:26 - 2011-03-23 18:58 - 00000000 ____D C:\ProgramData\ICQ
2014-01-21 20:25 - 2014-01-21 20:22 - 00000000 ____D C:\AdwCleaner
2014-01-21 17:40 - 2006-11-02 16:21 - 00405264 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-21 17:16 - 2014-01-21 17:16 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 16:52 - 2014-01-21 16:42 - 49940480 _____ C:\Program Files (x86)\GUT6430.tmp
2014-01-21 16:45 - 2014-01-21 16:45 - 00002025 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-21 16:44 - 2011-09-05 14:52 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-21 16:43 - 2011-03-23 18:50 - 00111616 _____ C:\Users\pavel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-21 16:42 - 2014-01-21 16:42 - 00000000 ____D C:\Program Files (x86)\GUM6410.tmp
2014-01-21 16:41 - 2014-01-21 16:41 - 00000000 ____D C:\Users\pavel\AppData\Local\AskPartnerNetwork
2014-01-21 16:36 - 2014-01-21 16:36 - 00000000 ____D C:\Program Files (x86)\Google Chrome Backup
2014-01-21 15:45 - 2014-01-21 15:40 - 00004245 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-21 15:43 - 2009-02-23 08:53 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-21 14:58 - 2014-01-21 14:58 - 00003034 _____ C:\Windows\System32\Tasks\{C7AA77F6-B8D8-4978-9036-96056C70D212}
2014-01-21 14:57 - 2014-01-21 14:57 - 00000000 ____D C:\Intel
2014-01-21 14:57 - 2013-09-23 15:03 - 00000000 ____D C:\swsetup
2014-01-21 14:44 - 2012-01-20 12:52 - 00000000 ____D C:\Windows\pss
2014-01-21 14:36 - 2013-09-07 14:55 - 00000000 ___RD C:\Users\pavel\Dropbox
2014-01-21 14:36 - 2013-09-07 12:11 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Dropbox
2014-01-21 13:52 - 2011-09-11 10:15 - 00000000 ____D C:\Users\pavel\Documents\ŠKOLA
2014-01-21 13:51 - 2011-10-04 21:30 - 00000000 ____D C:\Users\pavel\Documents\TISK
2014-01-21 13:48 - 2011-11-23 13:19 - 00000000 ____D C:\Users\pavel\Desktop\DOWNLOAD
2014-01-21 13:47 - 2014-01-21 12:42 - 523547951 _____ C:\Users\pavel\Downloads\DALLAS-BUYERS-CLUB-KLUB-POSLEDNÍ-NADĚJE-CZ-TITULKY-DVDScr-2013-MIGON14.mkv
2014-01-21 13:46 - 2013-12-12 19:26 - 00000000 ____D C:\Users\pavel\Downloads\Peťko jede bomby!
2014-01-20 12:44 - 2009-02-23 15:22 - 02624550 _____ C:\Windows\system32\perfh005.dat
2014-01-20 12:44 - 2009-02-23 15:22 - 00848584 _____ C:\Windows\system32\perfc005.dat
2014-01-20 12:44 - 2006-11-02 13:46 - 00006622 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 11:40 - 2011-10-18 16:30 - 00000960 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4165329744-351483473-3812913338-1000Core.job
2014-01-18 20:32 - 2013-09-07 14:55 - 00000919 _____ C:\Users\pavel\Desktop\Dropbox.lnk
2014-01-18 20:32 - 2013-09-07 13:57 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-17 10:22 - 2011-03-23 18:55 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Mozilla
2014-01-16 13:28 - 2012-02-27 23:39 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4165329744-351483473-3812913338-1000Core.job
2014-01-16 00:48 - 2011-03-23 19:39 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 00:47 - 2013-07-30 13:57 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 00:44 - 2006-11-02 13:35 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-15 20:21 - 2011-03-23 19:53 - 00000000 ____D C:\Users\pavel\AppData\Roaming\vlc
2014-01-12 23:55 - 2011-03-23 18:57 - 00000000 ____D C:\Users\pavel\AppData\Roaming\ICQ
2014-01-07 11:34 - 2011-03-23 20:36 - 00000000 ____D C:\Users\pavel\Graphisoft
2014-01-01 21:12 - 2014-01-01 21:10 - 00000000 ____D C:\Users\pavel\AppData\Local\cache
2014-01-01 21:11 - 2012-12-30 21:01 - 00000874 _____ C:\Users\pavel\Desktop\KMPlayer.lnk
2014-01-01 21:10 - 2014-01-01 21:10 - 00000000 ____D C:\Users\pavel\.android
2014-01-01 21:10 - 2014-01-01 21:10 - 00000000 _____ C:\Users\pavel\daemonprocess.txt
2013-12-29 11:18 - 2013-12-29 11:18 - 00000000 ____D C:\Users\pavel\AppData\Local\VNT
2013-12-29 11:17 - 2013-12-29 11:17 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Avira
2013-12-29 11:17 - 2013-12-29 11:17 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-12-29 11:17 - 2013-12-29 11:17 - 00000000 ____D C:\Program Files (x86)\VNT
2013-12-29 11:17 - 2013-12-29 11:17 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-12-29 11:15 - 2013-12-29 11:15 - 00001901 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-29 11:15 - 2013-12-29 11:15 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-29 11:15 - 2012-11-20 10:20 - 00000000 ____D C:\ProgramData\Avira
2013-12-29 10:57 - 2013-12-29 10:45 - 140347096 _____ C:\Users\pavel\Downloads\avira_internet_security_suite_en.exe
2013-12-28 13:20 - 2013-12-28 13:20 - 00000512 _____ C:\Users\pavel\Downloads\Avira_14_9_2015.key
2013-12-26 15:58 - 2013-12-26 15:03 - 912747418 _____ C:\Users\pavel\Downloads\Cesta-(-2009-).avi
2013-12-23 21:06 - 2011-03-23 19:53 - 00000000 ____D C:\Users\pavel\AppData\Roaming\dvdcss
Files to move or delete:
====================
C:\Users\pavel\AppData\Roaming\skype.ini
Some content of TEMP:
====================
C:\Users\pavel\AppData\Local\Temp\avgnt.exe
C:\Users\pavel\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\pavel\Desktop" je 19364 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABBYY Screenshot Reader Bonus
"C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader
"C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool
"C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart
"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify
C:\Program Files (x86)\Connectify\Connectify.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
"C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent
C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent
"C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileOpenBroker
C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
"C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\linkdoumi
C:\Program Files (x86)\linkdoumi\linkdoumi.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\linkdoumiagent
C:\Program Files (x86)\linkdoumi\linkdoumiagent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr
"C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive
C:\Windows\SysWOW64\rundll32.exe "C:\Users\pavel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent
"C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_roc_ssl_v12
"C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu
%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer
C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent
"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent
"C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu
"C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut
"C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut
"C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vectir
C:\Program Files (x86)\Vectir\Vectir.exe /Startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VNT
C:\Program Files (x86)\VNT\vntldr.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Stahnete Junkware Removal Tool 