Please check my log, the PC is slow. Thank you very much in advance.
Posted: 21 Jan 2014 18:09
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-01-2014
Ran by Martin (administrator) on MARTIN-PC on 21-01-2014 18:06:38
Running from C:\Users\Martin\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Inc.) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNet Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Acer\Mobility Center\MobilityService.exe
(Yuna Software) C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Inc.) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(acer) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPStart.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(CyberLink) C:\Acer\Empowering Technology\eAudio\eAudio.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Acer Inc.) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(APN LLC.) C:\Users\Martin\AppData\Local\VNT\vntldr.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor Corp.) C:\Users\Martin\AppData\Local\temp\RtkBtMnt.exe
(Acer Inc.) C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Inc.) C:\Program Files\Acer\Acer VCM\acp2HID.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [PLFSet] - C:\Windows\PLFSet.dll [45056 2007-12-14] ( )
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [8534560 2008-03-11] (NVIDIA Corporation)
HKLM\...\Run: [SynTPStart] - C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2008-01-24] (Synaptics, Inc.)
HKLM\...\Run: [eDataSecurity Loader] - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [518656 2008-02-25] (Egis Incorporated)
HKLM\...\Run: [eAudio] - C:\Acer\Empowering Technology\eAudio\eAudio.exe [1286144 2007-10-10] (CyberLink)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2008-01-24] (Realtek Semiconductor)
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\QtZgAcer.EXE [707080 2008-01-02] (Dritek System Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640 2014-01-13] (APN)
HKLM\...\Run: [VNT] - C:\Program Files\VNT\vntldr.exe [202192 2014-01-13] (APN LLC.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-10-25] (Google Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.dalesearch.com/?q={searchTer ... 0&tsp=5009
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.dalesearch.com/?q={searchTer ... 0&tsp=5009
BHO: Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll (APN LLC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default
FF NewTab: hxxp://www.dalesearch.com/?babsrc=NT_ss&mntrId ... 0&tsp=5009
FF DefaultSearchEngine: DaleSearch
FF SelectedSearchEngine: DaleSearch
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=0.9.9 - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Martin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Martin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Ask Toolbar - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\Extensions\toolbar_PTV-RG@apn.ask.com.xpi [2013-08-29]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-04-09]
FF Extension: DownThemAll! - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-08-22]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-24]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (Ask Toolbar) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaahnibljmklpljnbpgfobmfpfhplch [2013-10-01]
CHR Extension: (Skype Click to Call) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-13]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR HKLM\...\Chrome\Extension: [aaaahnibljmklpljnbpgfobmfpfhplch] - C:\ProgramData\AskPartnerNetwork\Toolbar\PTV-RG\CRX\ToolbarCR.crx [2014-01-13]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR StartMenuInternet: Google Chrome - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-01-13] (APN LLC.)
S3 DAUpdaterSvc; D:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [491008 2008-02-25] (Egis Incorporated)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-10-01] (Acer Inc.)
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [131072 2007-12-20] (Acer Inc.)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [57344 2007-09-10] (Acer Inc.)
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] ()
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-11-27] ()
R2 MsgPlusService; C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [128000 2013-05-07] (Yuna Software)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2007-09-28] (Acer Inc.)
S3 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2011-06-29] (Avanquest Software)
R2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-09-20] (acer)
==================== Drivers (Whitelisted) ====================
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-02-04] ()
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2007-08-20] (EnTech Taiwan)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [15392 2007-07-03] (Acer, Inc.)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145664 2013-12-24] (ITE )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-02-04] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 MpKslae1335d3; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C616B384-8E59-4F38-8CC7-11EA554A78F4}\MpKslae1335d3.sys [40392 2014-01-21] (Microsoft Corporation)
R3 MsgPlusDriver; C:\Windows\System32\DRIVERS\MsgPlusDriver.sys [118096 2013-05-07] (Yune Software)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2009-11-19] (MCCI Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-12-14] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-10-25] ()
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2008-01-24] (Winbond Electronics Corporation)
U3 ad1mxzov; C:\Windows\System32\Drivers\ad1mxzov.sys [0 ] (Microsoft Corporation)
R3 ALSysIO; \??\C:\Users\Martin\AppData\Local\Temp\ALSysIO.sys [x]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-21 18:06 - 2014-01-21 18:06 - 00019681 _____ C:\Users\Martin\Desktop\FRST.txt
2014-01-21 18:05 - 2014-01-21 18:05 - 00000000 ____D C:\FRST
2014-01-21 18:04 - 2014-01-21 18:04 - 01222144 _____ (Farbar) C:\Users\Martin\Desktop\FRST.exe
2014-01-21 18:04 - 2014-01-21 18:04 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2014-01-21 17:58 - 2014-01-21 17:59 - 04208656 _____ (Piriform Ltd) C:\Users\Martin\Downloads\dfsetup216.exe
2014-01-21 17:56 - 2014-01-21 17:56 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(2).exe
2014-01-21 17:55 - 2014-01-21 17:55 - 00001238 _____ C:\Users\Martin\Documents\cc_20140121_175552.reg
2014-01-21 17:42 - 2014-01-21 17:42 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(1).exe
2014-01-05 16:07 - 2014-01-05 17:30 - 732899328 _____ C:\Users\Martin\Downloads\Moderni-popelka-1_CzDab.avi
2014-01-05 12:19 - 2014-01-05 12:19 - 00001816 _____ C:\Users\Martin\Desktop\TotalMedia 3.5.lnk
2014-01-04 00:10 - 2014-01-04 00:34 - 744680960 _____ C:\Users\Martin\Downloads\Obušku-z-pytle-ven-1955.avi
2013-12-29 00:13 - 2013-12-29 00:13 - 00015974 _____ C:\Users\Martin\Documents\cc_20131229_001300.reg
2013-12-28 23:55 - 2013-12-28 23:56 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409.exe
2013-12-24 19:50 - 2013-12-24 19:50 - 00000000 ____D C:\Users\Martin\Documents\ArcSoft ToGo
2013-12-24 19:49 - 2013-12-24 19:49 - 00000000 ____D C:\Users\Martin\AppData\Local\ArcSoft
2013-12-24 19:48 - 2013-12-27 00:51 - 00000000 ____D C:\ProgramData\ArcSoft
2013-12-24 19:48 - 2013-12-24 20:00 - 00000000 ____D C:\Users\Martin\AppData\Roaming\ArcSoft
2013-12-24 19:47 - 2006-11-10 15:05 - 00018688 _____ (Arcsoft, Inc.) C:\Windows\system32\Drivers\afc.sys
2013-12-24 19:45 - 2013-12-24 19:47 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2013-12-24 19:45 - 2013-12-24 19:45 - 00000000 ____D C:\Program Files\ArcSoft
2013-12-24 19:45 - 2005-04-27 16:36 - 00245408 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll
2013-12-24 19:34 - 2013-12-24 19:34 - 00145664 _____ (ITE ) C:\Windows\system32\Drivers\IT9135BDA.sys
2013-12-24 19:10 - 2007-06-16 05:30 - 00000238 ____R C:\Windows\system32\AF15IRTBL.bin
2013-12-24 18:43 - 2013-12-24 18:44 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-23 11:56 - 2013-12-28 00:04 - 00000000 ____D C:\Users\Martin\Downloads\Evolve
==================== One Month Modified Files and Folders =======
2014-01-21 18:06 - 2014-01-21 18:06 - 00019681 _____ C:\Users\Martin\Desktop\FRST.txt
2014-01-21 18:05 - 2014-01-21 18:05 - 00000000 ____D C:\FRST
2014-01-21 18:04 - 2014-01-21 18:04 - 01222144 _____ (Farbar) C:\Users\Martin\Desktop\FRST.exe
2014-01-21 18:04 - 2014-01-21 18:04 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2014-01-21 18:03 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 18:03 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-21 17:59 - 2014-01-21 17:58 - 04208656 _____ (Piriform Ltd) C:\Users\Martin\Downloads\dfsetup216.exe
2014-01-21 17:59 - 2011-06-18 19:31 - 00000000 ____D C:\Program Files\Defraggler
2014-01-21 17:59 - 2010-10-25 19:43 - 00000000 ___RD C:\Users\Martin\Desktop\Programy
2014-01-21 17:56 - 2014-01-21 17:56 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(2).exe
2014-01-21 17:55 - 2014-01-21 17:55 - 00001238 _____ C:\Users\Martin\Documents\cc_20140121_175552.reg
2014-01-21 17:54 - 2010-10-25 13:54 - 01853600 ____N C:\Windows\WindowsUpdate.log
2014-01-21 17:49 - 2013-10-11 23:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 17:48 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 17:45 - 2010-10-25 14:50 - 00000012 _____ C:\Windows\bthservsdp.dat
2014-01-21 17:45 - 2006-11-02 14:01 - 00032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-21 17:42 - 2014-01-21 17:42 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(1).exe
2014-01-21 17:41 - 2013-09-11 16:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-21 17:25 - 2013-10-09 08:14 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670110533-408426820-3519810110-1000UA.job
2014-01-21 03:33 - 2013-10-11 23:21 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-20 17:48 - 2008-01-21 07:47 - 01540550 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 13:25 - 2013-10-09 08:14 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670110533-408426820-3519810110-1000Core.job
2014-01-19 08:32 - 2010-10-25 16:11 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-19 00:56 - 2010-10-25 14:36 - 00175104 _____ C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-18 12:01 - 2008-04-22 02:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-18 11:58 - 2013-08-17 18:46 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 11:55 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-16 01:15 - 2013-11-09 21:28 - 00000000 ____D C:\Users\Martin\AppData\Local\VNT
2014-01-16 01:14 - 2013-11-09 21:28 - 00000000 ____D C:\Program Files\VNT
2014-01-13 00:17 - 2010-10-26 19:56 - 00000000 ____D C:\Users\Martin\AppData\Local\PokerStars
2014-01-07 23:46 - 2013-11-18 22:11 - 00000000 ____D C:\Users\Martin\Desktop\nevim
2014-01-05 17:30 - 2014-01-05 16:07 - 732899328 _____ C:\Users\Martin\Downloads\Moderni-popelka-1_CzDab.avi
2014-01-05 12:43 - 2006-11-02 13:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2014-01-05 12:19 - 2014-01-05 12:19 - 00001816 _____ C:\Users\Martin\Desktop\TotalMedia 3.5.lnk
2014-01-04 00:34 - 2014-01-04 00:10 - 744680960 _____ C:\Users\Martin\Downloads\Obušku-z-pytle-ven-1955.avi
2013-12-29 00:13 - 2013-12-29 00:13 - 00015974 _____ C:\Users\Martin\Documents\cc_20131229_001300.reg
2013-12-29 00:04 - 2012-05-05 23:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-28 23:56 - 2013-12-28 23:55 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409.exe
2013-12-28 23:48 - 2011-10-13 16:30 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-28 23:48 - 2008-04-22 02:17 - 00000000 ____D C:\ProgramData\Adobe
2013-12-28 23:47 - 2010-10-25 16:32 - 00000000 ____D C:\Program Files\Adobe
2013-12-28 23:43 - 2011-01-27 18:58 - 00000000 ____D C:\Users\Martin\Downloads\Programy
2013-12-28 00:04 - 2013-12-23 11:56 - 00000000 ____D C:\Users\Martin\Downloads\Evolve
2013-12-27 20:08 - 2012-12-23 13:41 - 00000000 ____D C:\Users\Martin\AppData\Roaming\dvdcss
2013-12-27 00:51 - 2013-12-24 19:48 - 00000000 ____D C:\ProgramData\ArcSoft
2013-12-27 00:51 - 2008-04-22 01:42 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-24 20:00 - 2013-12-24 19:48 - 00000000 ____D C:\Users\Martin\AppData\Roaming\ArcSoft
2013-12-24 19:50 - 2013-12-24 19:50 - 00000000 ____D C:\Users\Martin\Documents\ArcSoft ToGo
2013-12-24 19:49 - 2013-12-24 19:49 - 00000000 ____D C:\Users\Martin\AppData\Local\ArcSoft
2013-12-24 19:47 - 2013-12-24 19:45 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2013-12-24 19:45 - 2013-12-24 19:45 - 00000000 ____D C:\Program Files\ArcSoft
2013-12-24 19:34 - 2013-12-24 19:34 - 00145664 _____ (ITE ) C:\Windows\system32\Drivers\IT9135BDA.sys
2013-12-24 19:34 - 2010-10-25 14:16 - 00000000 ____D C:\Users\Martin
2013-12-24 18:44 - 2013-12-24 18:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
Files to move or delete:
====================
C:\Users\Martin\AppData\Roaming\desktop.ini
Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\temp\RtkBtMnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670110533-408426820-3519810110-1000Core.job => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670110533-408426820-3519810110-1000UA.job => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Microsoft Security Essentials (Disabled - Up to date) {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
AS: Microsoft Security Essentials (Disabled - Up to date) {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Martin\Desktop" je 16034 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Inc.) C:\Program Files\Acer\Acer VCM\acp2HID.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [PLFSet] - C:\Windows\PLFSet.dll [45056 2007-12-14] ( )
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [8534560 2008-03-11] (NVIDIA Corporation)
HKLM\...\Run: [SynTPStart] - C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2008-01-24] (Synaptics, Inc.)
HKLM\...\Run: [eDataSecurity Loader] - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [518656 2008-02-25] (Egis Incorporated)
HKLM\...\Run: [eAudio] - C:\Acer\Empowering Technology\eAudio\eAudio.exe [1286144 2007-10-10] (CyberLink)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2008-01-24] (Realtek Semiconductor)
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\QtZgAcer.EXE [707080 2008-01-02] (Dritek System Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640 2014-01-13] (APN)
HKLM\...\Run: [VNT] - C:\Program Files\VNT\vntldr.exe [202192 2014-01-13] (APN LLC.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-10-25] (Google Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.dalesearch.com/?q={searchTer ... 0&tsp=5009
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.dalesearch.com/?q={searchTer ... 0&tsp=5009
BHO: Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll (APN LLC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default
FF NewTab: hxxp://www.dalesearch.com/?babsrc=NT_ss&mntrId ... 0&tsp=5009
FF DefaultSearchEngine: DaleSearch
FF SelectedSearchEngine: DaleSearch
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=0.9.9 - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Martin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Martin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Ask Toolbar - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\Extensions\toolbar_PTV-RG@apn.ask.com.xpi [2013-08-29]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-04-09]
FF Extension: DownThemAll! - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cgkyifto.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-08-22]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-24]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (Ask Toolbar) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaahnibljmklpljnbpgfobmfpfhplch [2013-10-01]
CHR Extension: (Skype Click to Call) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-13]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR HKLM\...\Chrome\Extension: [aaaahnibljmklpljnbpgfobmfpfhplch] - C:\ProgramData\AskPartnerNetwork\Toolbar\PTV-RG\CRX\ToolbarCR.crx [2014-01-13]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR StartMenuInternet: Google Chrome - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-01-13] (APN LLC.)
S3 DAUpdaterSvc; D:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [491008 2008-02-25] (Egis Incorporated)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-10-01] (Acer Inc.)
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [131072 2007-12-20] (Acer Inc.)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [57344 2007-09-10] (Acer Inc.)
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] ()
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-11-27] ()
R2 MsgPlusService; C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [128000 2013-05-07] (Yuna Software)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2007-09-28] (Acer Inc.)
S3 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2011-06-29] (Avanquest Software)
R2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-09-20] (acer)
==================== Drivers (Whitelisted) ====================
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-02-04] ()
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2007-08-20] (EnTech Taiwan)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [15392 2007-07-03] (Acer, Inc.)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145664 2013-12-24] (ITE )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-02-04] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 MpKslae1335d3; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C616B384-8E59-4F38-8CC7-11EA554A78F4}\MpKslae1335d3.sys [40392 2014-01-21] (Microsoft Corporation)
R3 MsgPlusDriver; C:\Windows\System32\DRIVERS\MsgPlusDriver.sys [118096 2013-05-07] (Yune Software)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2009-11-19] (MCCI Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-12-14] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-10-25] ()
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2008-01-24] (Winbond Electronics Corporation)
U3 ad1mxzov; C:\Windows\System32\Drivers\ad1mxzov.sys [0 ] (Microsoft Corporation)
R3 ALSysIO; \??\C:\Users\Martin\AppData\Local\Temp\ALSysIO.sys [x]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-21 18:06 - 2014-01-21 18:06 - 00019681 _____ C:\Users\Martin\Desktop\FRST.txt
2014-01-21 18:05 - 2014-01-21 18:05 - 00000000 ____D C:\FRST
2014-01-21 18:04 - 2014-01-21 18:04 - 01222144 _____ (Farbar) C:\Users\Martin\Desktop\FRST.exe
2014-01-21 18:04 - 2014-01-21 18:04 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2014-01-21 17:58 - 2014-01-21 17:59 - 04208656 _____ (Piriform Ltd) C:\Users\Martin\Downloads\dfsetup216.exe
2014-01-21 17:56 - 2014-01-21 17:56 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(2).exe
2014-01-21 17:55 - 2014-01-21 17:55 - 00001238 _____ C:\Users\Martin\Documents\cc_20140121_175552.reg
2014-01-21 17:42 - 2014-01-21 17:42 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(1).exe
2014-01-05 16:07 - 2014-01-05 17:30 - 732899328 _____ C:\Users\Martin\Downloads\Moderni-popelka-1_CzDab.avi
2014-01-05 12:19 - 2014-01-05 12:19 - 00001816 _____ C:\Users\Martin\Desktop\TotalMedia 3.5.lnk
2014-01-04 00:10 - 2014-01-04 00:34 - 744680960 _____ C:\Users\Martin\Downloads\Obušku-z-pytle-ven-1955.avi
2013-12-29 00:13 - 2013-12-29 00:13 - 00015974 _____ C:\Users\Martin\Documents\cc_20131229_001300.reg
2013-12-28 23:55 - 2013-12-28 23:56 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409.exe
2013-12-24 19:50 - 2013-12-24 19:50 - 00000000 ____D C:\Users\Martin\Documents\ArcSoft ToGo
2013-12-24 19:49 - 2013-12-24 19:49 - 00000000 ____D C:\Users\Martin\AppData\Local\ArcSoft
2013-12-24 19:48 - 2013-12-27 00:51 - 00000000 ____D C:\ProgramData\ArcSoft
2013-12-24 19:48 - 2013-12-24 20:00 - 00000000 ____D C:\Users\Martin\AppData\Roaming\ArcSoft
2013-12-24 19:47 - 2006-11-10 15:05 - 00018688 _____ (Arcsoft, Inc.) C:\Windows\system32\Drivers\afc.sys
2013-12-24 19:45 - 2013-12-24 19:47 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2013-12-24 19:45 - 2013-12-24 19:45 - 00000000 ____D C:\Program Files\ArcSoft
2013-12-24 19:45 - 2005-04-27 16:36 - 00245408 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll
2013-12-24 19:34 - 2013-12-24 19:34 - 00145664 _____ (ITE ) C:\Windows\system32\Drivers\IT9135BDA.sys
2013-12-24 19:10 - 2007-06-16 05:30 - 00000238 ____R C:\Windows\system32\AF15IRTBL.bin
2013-12-24 18:43 - 2013-12-24 18:44 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-23 11:56 - 2013-12-28 00:04 - 00000000 ____D C:\Users\Martin\Downloads\Evolve
==================== One Month Modified Files and Folders =======
2014-01-21 18:06 - 2014-01-21 18:06 - 00019681 _____ C:\Users\Martin\Desktop\FRST.txt
2014-01-21 18:05 - 2014-01-21 18:05 - 00000000 ____D C:\FRST
2014-01-21 18:04 - 2014-01-21 18:04 - 01222144 _____ (Farbar) C:\Users\Martin\Desktop\FRST.exe
2014-01-21 18:04 - 2014-01-21 18:04 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2014-01-21 18:03 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 18:03 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-21 17:59 - 2014-01-21 17:58 - 04208656 _____ (Piriform Ltd) C:\Users\Martin\Downloads\dfsetup216.exe
2014-01-21 17:59 - 2011-06-18 19:31 - 00000000 ____D C:\Program Files\Defraggler
2014-01-21 17:59 - 2010-10-25 19:43 - 00000000 ___RD C:\Users\Martin\Desktop\Programy
2014-01-21 17:56 - 2014-01-21 17:56 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(2).exe
2014-01-21 17:55 - 2014-01-21 17:55 - 00001238 _____ C:\Users\Martin\Documents\cc_20140121_175552.reg
2014-01-21 17:54 - 2010-10-25 13:54 - 01853600 ____N C:\Windows\WindowsUpdate.log
2014-01-21 17:49 - 2013-10-11 23:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 17:48 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 17:45 - 2010-10-25 14:50 - 00000012 _____ C:\Windows\bthservsdp.dat
2014-01-21 17:45 - 2006-11-02 14:01 - 00032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-21 17:42 - 2014-01-21 17:42 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409(1).exe
2014-01-21 17:41 - 2013-09-11 16:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-21 17:25 - 2013-10-09 08:14 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670110533-408426820-3519810110-1000UA.job
2014-01-21 03:33 - 2013-10-11 23:21 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-20 17:48 - 2008-01-21 07:47 - 01540550 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 13:25 - 2013-10-09 08:14 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670110533-408426820-3519810110-1000Core.job
2014-01-19 08:32 - 2010-10-25 16:11 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-19 00:56 - 2010-10-25 14:36 - 00175104 _____ C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-18 12:01 - 2008-04-22 02:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-18 11:58 - 2013-08-17 18:46 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 11:55 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-16 01:15 - 2013-11-09 21:28 - 00000000 ____D C:\Users\Martin\AppData\Local\VNT
2014-01-16 01:14 - 2013-11-09 21:28 - 00000000 ____D C:\Program Files\VNT
2014-01-13 00:17 - 2010-10-26 19:56 - 00000000 ____D C:\Users\Martin\AppData\Local\PokerStars
2014-01-07 23:46 - 2013-11-18 22:11 - 00000000 ____D C:\Users\Martin\Desktop\nevim
2014-01-05 17:30 - 2014-01-05 16:07 - 732899328 _____ C:\Users\Martin\Downloads\Moderni-popelka-1_CzDab.avi
2014-01-05 12:43 - 2006-11-02 13:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2014-01-05 12:19 - 2014-01-05 12:19 - 00001816 _____ C:\Users\Martin\Desktop\TotalMedia 3.5.lnk
2014-01-04 00:34 - 2014-01-04 00:10 - 744680960 _____ C:\Users\Martin\Downloads\Obušku-z-pytle-ven-1955.avi
2013-12-29 00:13 - 2013-12-29 00:13 - 00015974 _____ C:\Users\Martin\Documents\cc_20131229_001300.reg
2013-12-29 00:04 - 2012-05-05 23:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-28 23:56 - 2013-12-28 23:55 - 04645232 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup409.exe
2013-12-28 23:48 - 2011-10-13 16:30 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-28 23:48 - 2008-04-22 02:17 - 00000000 ____D C:\ProgramData\Adobe
2013-12-28 23:47 - 2010-10-25 16:32 - 00000000 ____D C:\Program Files\Adobe
2013-12-28 23:43 - 2011-01-27 18:58 - 00000000 ____D C:\Users\Martin\Downloads\Programy
2013-12-28 00:04 - 2013-12-23 11:56 - 00000000 ____D C:\Users\Martin\Downloads\Evolve
2013-12-27 20:08 - 2012-12-23 13:41 - 00000000 ____D C:\Users\Martin\AppData\Roaming\dvdcss
2013-12-27 00:51 - 2013-12-24 19:48 - 00000000 ____D C:\ProgramData\ArcSoft
2013-12-27 00:51 - 2008-04-22 01:42 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-24 20:00 - 2013-12-24 19:48 - 00000000 ____D C:\Users\Martin\AppData\Roaming\ArcSoft
2013-12-24 19:50 - 2013-12-24 19:50 - 00000000 ____D C:\Users\Martin\Documents\ArcSoft ToGo
2013-12-24 19:49 - 2013-12-24 19:49 - 00000000 ____D C:\Users\Martin\AppData\Local\ArcSoft
2013-12-24 19:47 - 2013-12-24 19:45 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2013-12-24 19:45 - 2013-12-24 19:45 - 00000000 ____D C:\Program Files\ArcSoft
2013-12-24 19:34 - 2013-12-24 19:34 - 00145664 _____ (ITE ) C:\Windows\system32\Drivers\IT9135BDA.sys
2013-12-24 19:34 - 2010-10-25 14:16 - 00000000 ____D C:\Users\Martin
2013-12-24 18:44 - 2013-12-24 18:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
Files to move or delete:
====================
C:\Users\Martin\AppData\Roaming\desktop.ini
Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\temp\RtkBtMnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670110533-408426820-3519810110-1000Core.job => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670110533-408426820-3519810110-1000UA.job => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Microsoft Security Essentials (Disabled - Up to date) {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
AS: Microsoft Security Essentials (Disabled - Up to date) {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Martin\Desktop" je 16034 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================