Log check
Posted: 06 Feb 2014 14:17
Hello, I would like to ask you to check my log:
FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by gabris (administrator) on GABRIS-W7 on 06-02-2014 12:40:22
Running from C:\Users\gabris\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TorchMedia Inc.) C:\Users\gabris\AppData\Local\Torch\Update\TorchCrashHandler.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
() C:\Program Files (x86)\AddLyrics\YTLUpdater.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Yontoo LLC) C:\Users\gabris\AppData\Roaming\Yontoo\YontooDesktop.exe
() C:\Users\gabris\remaviklyxpe.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
() C:\Program Files (x86)\Browsers Protector\regmon32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(forum.viry.cz) C:\Users\gabris\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2828072 2011-09-15] (Synaptics Incorporated)
HKLM\...\Run: [HP LaserJet Professional M1530 MFP Series Fax] - C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2010-08-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [NUSB3MON] - c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [323128 2011-07-06] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [McAfeeUpdaterUI] - C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [161088 2011-01-12] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] - C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [215360 2011-01-12] (McAfee, Inc.)
HKLM-x32\...\Run: [Browsers Protector] - C:\Program Files (x86)\Browsers Protector\regmon32.exe [147784 2012-02-15] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] - C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SearchSettings] - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1383232 2013-12-27] (Spigot, Inc.)
HKLM-x32\...\Run: [Regedit32] - C:\Windows\SysWOW64\regedit.exe [398336 2009-07-14] (Microsoft Corporation)
HKLM-x32\...\Run: [ToolboxFX] - C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [48991] - c:\progra~3\mspdbwoi.exe No File
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1715567821-1965331169-725345543-2315\...\Run: [addlyrics@addlyrics.net] - C:\Program Files (x86)\AddLyrics\YTLUpdater.exe [101888 2012-12-05] ()
HKU\S-1-5-21-1715567821-1965331169-725345543-2315\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1715567821-1965331169-725345543-2315\...\Run: [Yontoo Desktop] - C:\Users\gabris\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-02-02] (Yontoo LLC)
HKU\S-1-5-21-1715567821-1965331169-725345543-2315\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [205976 2009-09-18] (Alcohol Soft Development Team)
HKU\S-1-5-21-1715567821-1965331169-725345543-2315\...\Run: [iLivid] - C:\Users\gabris\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-08] (Bandoo Media Inc.)
HKU\S-1-5-21-1715567821-1965331169-725345543-2315\...\Run: [remaviklyxpe] - C:\Users\gabris\remaviklyxpe.exe [48128 2014-01-29] ()
HKU\S-1-5-21-1715567821-1965331169-725345543-2315\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1715567821-1965331169-725345543-2315\...\Policies\Explorer: [HideSCAHealth] 0
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\ProgramData\Wincert\win64cert.dll [8704 2013-11-04] ()
AppInit_DLLs: c:\progra~2\movies~1\datamngr\x64\mgrldr.dll => C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll [24064 2013-12-23] ()
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-11-04] ()
AppInit_DLLs-x32: c:\progra~2\movies~1\datamngr\mgrldr.dll => C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll [20480 2013-12-23] ()
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\roevz.exe (loikutffufu)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\roevz.exe (loikutffufu)
Startup: C:\Users\Matúš Gabriš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\omme.exe (loikutffufu)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies toolbar\datamngr\x64\apcrtldr.dll [658432 2013-12-23] () <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies toolbar\datamngr\apcrtldr.dll [485376 2013-12-23] () <===== ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE1D98B2CAC23CD01
URLSearchHook: HKLM-x32 - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.6\pdfforgeToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=QuickOB& ... 01/01/1970
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=QuickOB& ... 01/01/1970
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://startsear.ch/?aff=10&src=sp&cf=6 ... earchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=QuickOB& ... 01/01/1970
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://startsear.ch/?aff=10&src=sp&cf=6 ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120426121647.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
BHO-x32: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120426121648.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.6\pdfforgeToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKCU - No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
DPF: HKLM-x32 {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Program%20Files%20(x86)/MDT6/AcDcToday.ocx
DPF: HKLM-x32 {AE563720-B4F5-11D4-A415-00108302FDFD} file:///C:/Program%20Files%20(x86)/MDT6/InstBanr.ocx
DPF: HKLM-x32 {C6637286-300D-11D4-AE0A-0010830243BD} file:///C:/Program%20Files%20(x86)/MDT6/InstFred.ocx
DPF: HKLM-x32 {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files%20(x86)/MDT6/AcPreview.ocx
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.110.117 192.168.110.118
FireFox:
========
FF ProfilePath: C:\Users\gabris\AppData\Roaming\Mozilla\Firefox\Profiles\wx0za78f.default
FF user.js: detected! => C:\Users\gabris\AppData\Roaming\Mozilla\Firefox\Profiles\wx0za78f.default\user.js
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Web Search
FF Homepage: hxxp://google.sk/
FF Keyword.URL: hxxp://startsear.ch/?aff=10&src=sp&cf=6a9fb33b-95eb-11e1-9ef4-e4115b326a02&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Web Components - C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll (StartSearch )
FF SearchPlugin: C:\Users\gabris\AppData\Roaming\Mozilla\Firefox\Profiles\wx0za78f.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\gabris\AppData\Roaming\Mozilla\Firefox\Profiles\wx0za78f.default\searchplugins\MyStart.xml
FF SearchPlugin: C:\Users\gabris\AppData\Roaming\Mozilla\Firefox\Profiles\wx0za78f.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: QuickShare Widget - C:\Users\gabris\AppData\Roaming\Mozilla\Firefox\Profiles\wx0za78f.default\Extensions\{38fabded-e18f-43b5-bb1b-17fb9661f29d} [2013-05-14]
FF Extension: Address Bar Search - C:\Users\gabris\AppData\Roaming\Mozilla\Firefox\Profiles\wx0za78f.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-28]
FF Extension: Easy YouTube Video Downloader - C:\Users\gabris\AppData\Roaming\Mozilla\Firefox\Profiles\wx0za78f.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013-05-07]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\gabris\AppData\Roaming\Mozilla\Firefox\Profiles\wx0za78f.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-11-23]
FF Extension: z - C:\Program Files (x86)\Mozilla Firefox\extensions\{9019a61e-1281-562e-21e7-fe4440ee4a62} [2014-01-07]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-01-28]
FF HKCU\...\Firefox\Extensions: [addlyrics@addlyrics.net] - C:\Program Files (x86)\AddLyrics\FF\
FF Extension: Add Lyrics - C:\Program Files (x86)\AddLyrics\FF\ []
Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?CUI=UN26968725509202281&ctid=CT3176921&SearchSource=48
CHR RestoreOnStartup: "hxxp://search.conduit.com/?CUI=UN26968725509202281&ctid=CT3176921&SearchSource=48"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\pdf.dll No File
CHR Plugin: (StartSearch Video plug-in) - C:\Users\gabris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\chvsharetvplg.dll (StartSearch )
CHR Plugin: (StartSearch Video plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll (StartSearch )
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (StartSearch Video plug-in) - C:\Users\gabris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj [2012-09-24]
CHR Extension: (StartSearch Video plug-in) - C:\Users\gabris\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh [2013-02-28]
CHR Extension: (SweetIM for Facebook) - C:\Users\gabris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2012-11-30]
CHR Extension: (Add Lyrics) - C:\Users\gabris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdlfddggdloaadnphbhejknhaggjaeld [2013-02-21]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\gabris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2012-11-30]
CHR HKCU\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\gabris\AppData\Local\Smartbar/Application\1Extension.crx [2012-11-30]
CHR HKLM-x32\...\Chrome\Extension: [bildoibdboopgomcbiplincneeicgipj] - C:\Program Files (x86)\StartSearch plugin\startsplg.crx [2012-01-02]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\gabris\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-11-23]
CHR HKLM-x32\...\Chrome\Extension: [kdlfddggdloaadnphbhejknhaggjaeld] - C:\Program Files (x86)\AddLyrics\Chrome.crx [2012-12-05]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2013-02-28]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\gabris\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2012-11-23]
==================== Services (Whitelisted) =================
R2 DatamngrCoordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3447808 2013-12-23] (Bandoo Media Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [949760 2013-08-12] (Kerio Technologies Inc.)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [120128 2011-01-12] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [190256 2012-04-26] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [209760 2011-01-12] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [156248 2012-04-26] (McAfee, Inc.)
S3 OracleClientCache80; C:\orant\BIN\ONRSD80.EXE [101136 2001-05-17] ()
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 TorchCrashHandler; C:\Users\gabris\AppData\Local\Torch\Update\TorchCrashHandler.exe [1213448 2013-11-04] (TorchMedia Inc.)
R2 uArcCapture; C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 Yontoo Desktop Updater; C:\Users\gabris\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-02-02] (Yontoo LLC)
==================== Drivers (Whitelisted) ====================
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [153952 2012-04-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [217696 2012-04-26] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [607152 2012-04-26] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [97960 2012-04-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [281544 2012-04-26] (McAfee, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-05-16] ()
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2614520 2011-04-03] (Sunplus Technology)
U3 ar275sf9; C:\Windows\System32\Drivers\ar275sf9.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 12:40 - 2014-02-06 12:40 - 00029696 _____ () C:\Users\gabris\AppData\Local\MSGBOX.EXE
2014-02-06 12:40 - 2014-02-06 12:40 - 00026949 _____ () C:\Users\gabris\Desktop\FRST.txt
2014-02-06 12:40 - 2014-02-06 12:40 - 00015327 _____ () C:\Users\gabris\Desktop\LM.bat
2014-02-06 12:36 - 2014-02-06 12:40 - 00000000 ____D () C:\FRST
2014-02-06 12:36 - 2014-02-06 11:27 - 02082304 _____ (Farbar) C:\Users\gabris\Desktop\FRST64.exe
2014-02-06 12:36 - 2014-02-06 11:27 - 00112640 _____ (forum.viry.cz) C:\Users\gabris\Desktop\FRSTLauncher.exe
2014-02-06 11:41 - 2014-02-06 11:42 - 00000000 ____D () C:\Users\gabris\Desktop\Expedičné listy
2014-02-05 12:30 - 2014-02-05 12:30 - 00062189 ____N () C:\Users\gabris\Desktop\Nákup dispečing 5.2.2014.xlsx
2014-02-05 07:12 - 2014-02-05 07:12 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\XulTest
2014-02-05 07:12 - 2014-02-05 07:12 - 00000000 ____D () C:\Users\gabris\AppData\Local\XulTest
2014-02-04 10:17 - 2014-02-05 10:28 - 00000000 ____D () C:\Users\gabris\AppData\Local\HP
2014-02-03 10:28 - 2014-02-03 10:28 - 00003480 _____ () C:\Windows\System32\Tasks\HPLJCustParticipation
2014-02-03 10:28 - 2014-02-03 10:28 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\HpUpdate
2014-02-03 10:27 - 2014-02-03 10:27 - 00000608 ___SH () C:\Windows\system32\winzvprt5.sys
2014-02-03 10:27 - 2014-02-03 10:27 - 00000242 _____ () C:\Windows\system32\hppfaxprinter5.ini
2014-02-03 10:27 - 2014-02-03 10:27 - 00000000 ____D () C:\Users\Public\Documents\HP_LaserJet_Fax_0_6
2014-02-03 10:27 - 2010-08-24 13:34 - 00027704 ____N (Hewlett-Packard Company) C:\Windows\system32\hppfaxprintermon5.dll
2014-02-03 10:27 - 2010-08-24 13:34 - 00022072 ____N (Hewlett-Packard Company) C:\Windows\system32\hppfaxprintermonui5.dll
2014-02-03 10:26 - 2014-02-03 10:26 - 00001196 _____ () C:\Users\Public\Desktop\HP LJ M1530 Scan.lnk
2014-02-03 10:26 - 2014-02-03 10:26 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Hewlett-Packard Company
2014-02-03 10:24 - 2014-02-03 10:24 - 00000182 _____ () C:\Windows\system32\AddPort.ini
2014-02-03 10:24 - 2014-02-03 10:24 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-02-03 10:22 - 2010-09-23 14:10 - 00176128 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn101.dll
2014-02-03 10:22 - 2010-09-23 14:05 - 00305664 _____ (Hewlett Packard Corporation) C:\Windows\SysWOW64\hpcc3101.dll
2014-02-03 10:22 - 2010-09-19 15:51 - 00193592 _____ (Hewlett-Packard) C:\Windows\system32\hppdcompio.dll
2014-02-03 10:22 - 2010-09-19 15:51 - 00167480 _____ (Hewlett-Packard) C:\Windows\SysWOW64\hppccompio.dll
2014-02-03 10:22 - 2010-02-11 10:19 - 00491008 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-03 10:11 - 2014-02-03 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-30 07:20 - 2014-01-30 07:20 - 00000000 ____D () C:\Mozilla
2014-01-29 10:11 - 2014-01-29 10:10 - 00048128 _____ () C:\Users\gabris\remaviklyxpe.exe
2014-01-27 07:51 - 2014-02-06 12:21 - 02813440 _____ () C:\Users\gabris\Desktop\Kópia - Zoznam objednavok.xls
2014-01-24 07:19 - 2014-01-24 07:19 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2014-01-24 07:19 - 2014-01-24 07:19 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2014-01-24 07:08 - 2014-02-05 07:03 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Ucitva
2014-01-24 07:08 - 2014-02-03 11:29 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Xeicci
2014-01-22 14:17 - 2014-01-22 14:17 - 00000232 _____ () C:\Users\gabris\Desktop\Docházkový systém.URL
2014-01-15 09:38 - 2014-01-15 09:38 - 00000000 ____D () C:\Program Files (x86)\pdfforge Toolbar
2014-01-15 09:38 - 2014-01-15 09:38 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-01-15 07:37 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 07:37 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 07:37 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-07 14:33 - 2014-02-03 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-07 07:07 - 2014-02-06 12:30 - 00000000 ____D () C:\ProgramData\Datamngr
2014-01-07 07:07 - 2014-01-07 07:07 - 00000000 ____D () C:\extensions
==================== One Month Modified Files and Folders =======
2014-02-06 12:40 - 2014-02-06 12:40 - 00029696 _____ () C:\Users\gabris\AppData\Local\MSGBOX.EXE
2014-02-06 12:40 - 2014-02-06 12:40 - 00026949 _____ () C:\Users\gabris\Desktop\FRST.txt
2014-02-06 12:40 - 2014-02-06 12:40 - 00015327 _____ () C:\Users\gabris\Desktop\LM.bat
2014-02-06 12:40 - 2014-02-06 12:36 - 00000000 ____D () C:\FRST
2014-02-06 12:36 - 2009-07-14 06:13 - 00730448 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-06 12:36 - 2009-07-14 05:45 - 00015184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 12:36 - 2009-07-14 05:45 - 00015184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 12:34 - 2013-04-29 06:39 - 00000000 ____D () C:\QUARANTINE
2014-02-06 12:34 - 2009-07-14 05:51 - 00058403 _____ () C:\Windows\setupact.log
2014-02-06 12:30 - 2014-01-07 07:07 - 00000000 ____D () C:\ProgramData\Datamngr
2014-02-06 12:29 - 2013-11-21 09:34 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-02-06 12:29 - 2012-09-24 09:03 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 12:29 - 2012-04-26 14:00 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Skype
2014-02-06 12:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 12:21 - 2014-01-27 07:51 - 02813440 _____ () C:\Users\gabris\Desktop\Kópia - Zoznam objednavok.xls
2014-02-06 12:21 - 2012-04-26 14:07 - 00000000 ____D () C:\ProgramData\firebird
2014-02-06 12:19 - 2012-05-03 10:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 11:45 - 2012-05-02 06:31 - 00000000 ____D () C:\Users\gabris\Desktop\pdf dokumenty
2014-02-06 11:44 - 2012-09-24 09:03 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 11:42 - 2014-02-06 11:41 - 00000000 ____D () C:\Users\gabris\Desktop\Expedičné listy
2014-02-06 11:40 - 2012-05-02 06:31 - 00000000 ____D () C:\Users\gabris\Desktop\jpg dokumenty
2014-02-06 11:27 - 2014-02-06 12:36 - 02082304 _____ (Farbar) C:\Users\gabris\Desktop\FRST64.exe
2014-02-06 11:27 - 2014-02-06 12:36 - 00112640 _____ (forum.viry.cz) C:\Users\gabris\Desktop\FRSTLauncher.exe
2014-02-06 11:23 - 2012-05-02 06:21 - 00001539 _____ () C:\Users\gabris\Desktop\Zástupce - listok.lnk
2014-02-06 10:40 - 2012-04-25 17:08 - 00000120 _____ () C:\Windows\system32\config\netlogon.ftl
2014-02-06 10:05 - 2013-02-28 10:38 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Yontoo
2014-02-06 07:08 - 2012-04-26 15:50 - 00000030 _____ () C:\Windows\system32\assist.err
2014-02-06 07:04 - 2012-04-25 15:49 - 00303476 _____ () C:\Windows\PFRO.log
2014-02-05 12:30 - 2014-02-05 12:30 - 00062189 ____N () C:\Users\gabris\Desktop\Nákup dispečing 5.2.2014.xlsx
2014-02-05 10:28 - 2014-02-04 10:17 - 00000000 ____D () C:\Users\gabris\AppData\Local\HP
2014-02-05 07:12 - 2014-02-05 07:12 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\XulTest
2014-02-05 07:12 - 2014-02-05 07:12 - 00000000 ____D () C:\Users\gabris\AppData\Local\XulTest
2014-02-05 07:05 - 2012-05-03 10:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 07:05 - 2012-05-03 10:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 07:05 - 2012-05-03 10:38 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 07:05 - 2012-05-02 07:18 - 00000000 ____D () C:\Users\gabris\AppData\Local\Adobe
2014-02-05 07:03 - 2014-01-24 07:08 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Ucitva
2014-02-04 14:58 - 2013-10-31 12:44 - 00000000 ____D () C:\Users\gabris\Desktop\Objednávky. objednané
2014-02-03 11:29 - 2014-01-24 07:08 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Xeicci
2014-02-03 10:28 - 2014-02-03 10:28 - 00003480 _____ () C:\Windows\System32\Tasks\HPLJCustParticipation
2014-02-03 10:28 - 2014-02-03 10:28 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\HpUpdate
2014-02-03 10:28 - 2013-01-28 13:58 - 00000000 ____D () C:\ProgramData\HP
2014-02-03 10:28 - 2012-05-31 07:26 - 00000000 ____D () C:\Program Files (x86)\HP
2014-02-03 10:28 - 2012-04-25 17:12 - 00000000 ___RD () C:\Users\gabris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-03 10:27 - 2014-02-03 10:27 - 00000608 ___SH () C:\Windows\system32\winzvprt5.sys
2014-02-03 10:27 - 2014-02-03 10:27 - 00000242 _____ () C:\Windows\system32\hppfaxprinter5.ini
2014-02-03 10:27 - 2014-02-03 10:27 - 00000000 ____D () C:\Users\Public\Documents\HP_LaserJet_Fax_0_6
2014-02-03 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-03 10:26 - 2014-02-03 10:26 - 00001196 _____ () C:\Users\Public\Desktop\HP LJ M1530 Scan.lnk
2014-02-03 10:26 - 2014-02-03 10:26 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Hewlett-Packard Company
2014-02-03 10:26 - 2013-01-28 13:59 - 00000121 _____ () C:\Windows\SysWOW64\msiexec.log
2014-02-03 10:26 - 2013-01-28 13:59 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-03 10:24 - 2014-02-03 10:24 - 00000182 _____ () C:\Windows\system32\AddPort.ini
2014-02-03 10:24 - 2014-02-03 10:24 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-02-03 10:11 - 2014-02-03 10:11 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-03 10:11 - 2014-02-03 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-03 10:11 - 2014-01-07 14:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-03 10:10 - 2012-04-26 11:09 - 00000000 ____D () C:\totalcmd
2014-01-30 07:20 - 2014-01-30 07:20 - 00000000 ____D () C:\Mozilla
2014-01-29 10:11 - 2012-04-25 17:12 - 00000000 ____D () C:\Users\gabris
2014-01-29 10:10 - 2014-01-29 10:11 - 00048128 _____ () C:\Users\gabris\remaviklyxpe.exe
2014-01-24 12:35 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-24 07:19 - 2014-01-24 07:19 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2014-01-24 07:19 - 2014-01-24 07:19 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2014-01-24 07:19 - 2012-04-25 14:35 - 00000000 ___RD () C:\Users\Matúš Gabriš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 07:08 - 2012-04-25 14:28 - 01897883 _____ () C:\Windows\WindowsUpdate.log
2014-01-22 14:17 - 2014-01-22 14:17 - 00000232 _____ () C:\Users\gabris\Desktop\Docházkový systém.URL
2014-01-16 03:22 - 2009-07-14 05:45 - 00487064 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 03:02 - 2013-08-15 14:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 03:00 - 2012-05-15 07:18 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 09:38 - 2014-01-15 09:38 - 00000000 ____D () C:\Program Files (x86)\pdfforge Toolbar
2014-01-15 09:38 - 2014-01-15 09:38 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-01-07 07:08 - 2013-11-21 09:30 - 00000000 ____D () C:\ProgramData\Wincert
2014-01-07 07:07 - 2014-01-07 07:07 - 00000000 ____D () C:\extensions
Files to move or delete:
====================
c:\program files (x86)\movies toolbar\datamngr\x64\apcrtldr.dll
c:\program files (x86)\movies toolbar\datamngr\apcrtldr.dll
C:\Users\gabris\remaviklyxpe.exe
Some content of TEMP:
====================
C:\Users\gabris\AppData\Local\Temp\addlyrics1050.exe
C:\Users\gabris\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\gabris\AppData\Local\Temp\chutil.dll
C:\Users\gabris\AppData\Local\Temp\conduitinstaller.exe
C:\Users\gabris\AppData\Local\Temp\CT1750559_ie.exe
C:\Users\gabris\AppData\Local\Temp\Delta.exe
C:\Users\gabris\AppData\Local\Temp\DeltaTB.exe
C:\Users\gabris\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit-1.exe
C:\Users\gabris\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit.exe
C:\Users\gabris\AppData\Local\Temp\htmlayout.dll
C:\Users\gabris\AppData\Local\Temp\Installmanager.exe
C:\Users\gabris\AppData\Local\Temp\iupdate.exe
C:\Users\gabris\AppData\Local\Temp\KTOutlk.dll
C:\Users\gabris\AppData\Local\Temp\MybabylonTB.exe
C:\Users\gabris\AppData\Local\Temp\nhpmonitor.exe
C:\Users\gabris\AppData\Local\Temp\nxbzawli.dll
C:\Users\gabris\AppData\Local\Temp\propsys.dll
C:\Users\gabris\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\gabris\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\gabris\AppData\Local\Temp\SkypeSetup.exe
C:\Users\gabris\AppData\Local\Temp\sqlite3.dll
C:\Users\gabris\AppData\Local\Temp\tbBS_0.dll
C:\Users\gabris\AppData\Local\Temp\tbexpr.dll
C:\Users\gabris\AppData\Local\Temp\tmp0edc5fe6.exe
C:\Users\gabris\AppData\Local\Temp\toolbar13301893.exe
C:\Users\gabris\AppData\Local\Temp\toolbar13302049.exe
C:\Users\gabris\AppData\Local\Temp\uninst1.exe
C:\Users\gabris\AppData\Local\Temp\uninstall13580277.exe
C:\Users\gabris\AppData\Local\Temp\WSSetup.exe
C:\Users\gabris\AppData\Local\Temp\ytl.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 12:03
==================== End Of Log ============================
Thanks in advance
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [153952 2012-04-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [217696 2012-04-26] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [607152 2012-04-26] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [97960 2012-04-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [281544 2012-04-26] (McAfee, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-05-16] ()
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2614520 2011-04-03] (Sunplus Technology)
U3 ar275sf9; C:\Windows\System32\Drivers\ar275sf9.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 12:40 - 2014-02-06 12:40 - 00029696 _____ () C:\Users\gabris\AppData\Local\MSGBOX.EXE
2014-02-06 12:40 - 2014-02-06 12:40 - 00026949 _____ () C:\Users\gabris\Desktop\FRST.txt
2014-02-06 12:40 - 2014-02-06 12:40 - 00015327 _____ () C:\Users\gabris\Desktop\LM.bat
2014-02-06 12:36 - 2014-02-06 12:40 - 00000000 ____D () C:\FRST
2014-02-06 12:36 - 2014-02-06 11:27 - 02082304 _____ (Farbar) C:\Users\gabris\Desktop\FRST64.exe
2014-02-06 12:36 - 2014-02-06 11:27 - 00112640 _____ (forum.viry.cz) C:\Users\gabris\Desktop\FRSTLauncher.exe
2014-02-06 11:41 - 2014-02-06 11:42 - 00000000 ____D () C:\Users\gabris\Desktop\Expedičné listy
2014-02-05 12:30 - 2014-02-05 12:30 - 00062189 ____N () C:\Users\gabris\Desktop\Nákup dispečing 5.2.2014.xlsx
2014-02-05 07:12 - 2014-02-05 07:12 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\XulTest
2014-02-05 07:12 - 2014-02-05 07:12 - 00000000 ____D () C:\Users\gabris\AppData\Local\XulTest
2014-02-04 10:17 - 2014-02-05 10:28 - 00000000 ____D () C:\Users\gabris\AppData\Local\HP
2014-02-03 10:28 - 2014-02-03 10:28 - 00003480 _____ () C:\Windows\System32\Tasks\HPLJCustParticipation
2014-02-03 10:28 - 2014-02-03 10:28 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\HpUpdate
2014-02-03 10:27 - 2014-02-03 10:27 - 00000608 ___SH () C:\Windows\system32\winzvprt5.sys
2014-02-03 10:27 - 2014-02-03 10:27 - 00000242 _____ () C:\Windows\system32\hppfaxprinter5.ini
2014-02-03 10:27 - 2014-02-03 10:27 - 00000000 ____D () C:\Users\Public\Documents\HP_LaserJet_Fax_0_6
2014-02-03 10:27 - 2010-08-24 13:34 - 00027704 ____N (Hewlett-Packard Company) C:\Windows\system32\hppfaxprintermon5.dll
2014-02-03 10:27 - 2010-08-24 13:34 - 00022072 ____N (Hewlett-Packard Company) C:\Windows\system32\hppfaxprintermonui5.dll
2014-02-03 10:26 - 2014-02-03 10:26 - 00001196 _____ () C:\Users\Public\Desktop\HP LJ M1530 Scan.lnk
2014-02-03 10:26 - 2014-02-03 10:26 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Hewlett-Packard Company
2014-02-03 10:24 - 2014-02-03 10:24 - 00000182 _____ () C:\Windows\system32\AddPort.ini
2014-02-03 10:24 - 2014-02-03 10:24 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-02-03 10:22 - 2010-09-23 14:10 - 00176128 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn101.dll
2014-02-03 10:22 - 2010-09-23 14:05 - 00305664 _____ (Hewlett Packard Corporation) C:\Windows\SysWOW64\hpcc3101.dll
2014-02-03 10:22 - 2010-09-19 15:51 - 00193592 _____ (Hewlett-Packard) C:\Windows\system32\hppdcompio.dll
2014-02-03 10:22 - 2010-09-19 15:51 - 00167480 _____ (Hewlett-Packard) C:\Windows\SysWOW64\hppccompio.dll
2014-02-03 10:22 - 2010-02-11 10:19 - 00491008 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-03 10:11 - 2014-02-03 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-30 07:20 - 2014-01-30 07:20 - 00000000 ____D () C:\Mozilla
2014-01-29 10:11 - 2014-01-29 10:10 - 00048128 _____ () C:\Users\gabris\remaviklyxpe.exe
2014-01-27 07:51 - 2014-02-06 12:21 - 02813440 _____ () C:\Users\gabris\Desktop\Kópia - Zoznam objednavok.xls
2014-01-24 07:19 - 2014-01-24 07:19 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2014-01-24 07:19 - 2014-01-24 07:19 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2014-01-24 07:08 - 2014-02-05 07:03 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Ucitva
2014-01-24 07:08 - 2014-02-03 11:29 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Xeicci
2014-01-22 14:17 - 2014-01-22 14:17 - 00000232 _____ () C:\Users\gabris\Desktop\Docházkový systém.URL
2014-01-15 09:38 - 2014-01-15 09:38 - 00000000 ____D () C:\Program Files (x86)\pdfforge Toolbar
2014-01-15 09:38 - 2014-01-15 09:38 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-01-15 07:37 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 07:37 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 07:37 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 07:37 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-07 14:33 - 2014-02-03 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-07 07:07 - 2014-02-06 12:30 - 00000000 ____D () C:\ProgramData\Datamngr
2014-01-07 07:07 - 2014-01-07 07:07 - 00000000 ____D () C:\extensions
==================== One Month Modified Files and Folders =======
2014-02-06 12:40 - 2014-02-06 12:40 - 00029696 _____ () C:\Users\gabris\AppData\Local\MSGBOX.EXE
2014-02-06 12:40 - 2014-02-06 12:40 - 00026949 _____ () C:\Users\gabris\Desktop\FRST.txt
2014-02-06 12:40 - 2014-02-06 12:40 - 00015327 _____ () C:\Users\gabris\Desktop\LM.bat
2014-02-06 12:40 - 2014-02-06 12:36 - 00000000 ____D () C:\FRST
2014-02-06 12:36 - 2009-07-14 06:13 - 00730448 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-06 12:36 - 2009-07-14 05:45 - 00015184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 12:36 - 2009-07-14 05:45 - 00015184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 12:34 - 2013-04-29 06:39 - 00000000 ____D () C:\QUARANTINE
2014-02-06 12:34 - 2009-07-14 05:51 - 00058403 _____ () C:\Windows\setupact.log
2014-02-06 12:30 - 2014-01-07 07:07 - 00000000 ____D () C:\ProgramData\Datamngr
2014-02-06 12:29 - 2013-11-21 09:34 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-02-06 12:29 - 2012-09-24 09:03 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 12:29 - 2012-04-26 14:00 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Skype
2014-02-06 12:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 12:21 - 2014-01-27 07:51 - 02813440 _____ () C:\Users\gabris\Desktop\Kópia - Zoznam objednavok.xls
2014-02-06 12:21 - 2012-04-26 14:07 - 00000000 ____D () C:\ProgramData\firebird
2014-02-06 12:19 - 2012-05-03 10:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 11:45 - 2012-05-02 06:31 - 00000000 ____D () C:\Users\gabris\Desktop\pdf dokumenty
2014-02-06 11:44 - 2012-09-24 09:03 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 11:42 - 2014-02-06 11:41 - 00000000 ____D () C:\Users\gabris\Desktop\Expedičné listy
2014-02-06 11:40 - 2012-05-02 06:31 - 00000000 ____D () C:\Users\gabris\Desktop\jpg dokumenty
2014-02-06 11:27 - 2014-02-06 12:36 - 02082304 _____ (Farbar) C:\Users\gabris\Desktop\FRST64.exe
2014-02-06 11:27 - 2014-02-06 12:36 - 00112640 _____ (forum.viry.cz) C:\Users\gabris\Desktop\FRSTLauncher.exe
2014-02-06 11:23 - 2012-05-02 06:21 - 00001539 _____ () C:\Users\gabris\Desktop\Zástupce - listok.lnk
2014-02-06 10:40 - 2012-04-25 17:08 - 00000120 _____ () C:\Windows\system32\config\netlogon.ftl
2014-02-06 10:05 - 2013-02-28 10:38 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Yontoo
2014-02-06 07:08 - 2012-04-26 15:50 - 00000030 _____ () C:\Windows\system32\assist.err
2014-02-06 07:04 - 2012-04-25 15:49 - 00303476 _____ () C:\Windows\PFRO.log
2014-02-05 12:30 - 2014-02-05 12:30 - 00062189 ____N () C:\Users\gabris\Desktop\Nákup dispečing 5.2.2014.xlsx
2014-02-05 10:28 - 2014-02-04 10:17 - 00000000 ____D () C:\Users\gabris\AppData\Local\HP
2014-02-05 07:12 - 2014-02-05 07:12 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\XulTest
2014-02-05 07:12 - 2014-02-05 07:12 - 00000000 ____D () C:\Users\gabris\AppData\Local\XulTest
2014-02-05 07:05 - 2012-05-03 10:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 07:05 - 2012-05-03 10:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 07:05 - 2012-05-03 10:38 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 07:05 - 2012-05-02 07:18 - 00000000 ____D () C:\Users\gabris\AppData\Local\Adobe
2014-02-05 07:03 - 2014-01-24 07:08 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Ucitva
2014-02-04 14:58 - 2013-10-31 12:44 - 00000000 ____D () C:\Users\gabris\Desktop\Objednávky. objednané
2014-02-03 11:29 - 2014-01-24 07:08 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Xeicci
2014-02-03 10:28 - 2014-02-03 10:28 - 00003480 _____ () C:\Windows\System32\Tasks\HPLJCustParticipation
2014-02-03 10:28 - 2014-02-03 10:28 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\HpUpdate
2014-02-03 10:28 - 2013-01-28 13:58 - 00000000 ____D () C:\ProgramData\HP
2014-02-03 10:28 - 2012-05-31 07:26 - 00000000 ____D () C:\Program Files (x86)\HP
2014-02-03 10:28 - 2012-04-25 17:12 - 00000000 ___RD () C:\Users\gabris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-03 10:27 - 2014-02-03 10:27 - 00000608 ___SH () C:\Windows\system32\winzvprt5.sys
2014-02-03 10:27 - 2014-02-03 10:27 - 00000242 _____ () C:\Windows\system32\hppfaxprinter5.ini
2014-02-03 10:27 - 2014-02-03 10:27 - 00000000 ____D () C:\Users\Public\Documents\HP_LaserJet_Fax_0_6
2014-02-03 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-03 10:26 - 2014-02-03 10:26 - 00001196 _____ () C:\Users\Public\Desktop\HP LJ M1530 Scan.lnk
2014-02-03 10:26 - 2014-02-03 10:26 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Hewlett-Packard Company
2014-02-03 10:26 - 2013-01-28 13:59 - 00000121 _____ () C:\Windows\SysWOW64\msiexec.log
2014-02-03 10:26 - 2013-01-28 13:59 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-03 10:24 - 2014-02-03 10:24 - 00000182 _____ () C:\Windows\system32\AddPort.ini
2014-02-03 10:24 - 2014-02-03 10:24 - 00000000 ____D () C:\Users\gabris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-02-03 10:11 - 2014-02-03 10:11 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-03 10:11 - 2014-02-03 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-03 10:11 - 2014-01-07 14:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-03 10:10 - 2012-04-26 11:09 - 00000000 ____D () C:\totalcmd
2014-01-30 07:20 - 2014-01-30 07:20 - 00000000 ____D () C:\Mozilla
2014-01-29 10:11 - 2012-04-25 17:12 - 00000000 ____D () C:\Users\gabris
2014-01-29 10:10 - 2014-01-29 10:11 - 00048128 _____ () C:\Users\gabris\remaviklyxpe.exe
2014-01-24 12:35 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-24 07:19 - 2014-01-24 07:19 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2014-01-24 07:19 - 2014-01-24 07:19 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2014-01-24 07:19 - 2012-04-25 14:35 - 00000000 ___RD () C:\Users\Matúš Gabriš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 07:08 - 2012-04-25 14:28 - 01897883 _____ () C:\Windows\WindowsUpdate.log
2014-01-22 14:17 - 2014-01-22 14:17 - 00000232 _____ () C:\Users\gabris\Desktop\Docházkový systém.URL
2014-01-16 03:22 - 2009-07-14 05:45 - 00487064 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 03:02 - 2013-08-15 14:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 03:00 - 2012-05-15 07:18 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 09:38 - 2014-01-15 09:38 - 00000000 ____D () C:\Program Files (x86)\pdfforge Toolbar
2014-01-15 09:38 - 2014-01-15 09:38 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-01-07 07:08 - 2013-11-21 09:30 - 00000000 ____D () C:\ProgramData\Wincert
2014-01-07 07:07 - 2014-01-07 07:07 - 00000000 ____D () C:\extensions
Files to move or delete:
====================
c:\program files (x86)\movies toolbar\datamngr\x64\apcrtldr.dll
c:\program files (x86)\movies toolbar\datamngr\apcrtldr.dll
C:\Users\gabris\remaviklyxpe.exe
Some content of TEMP:
====================
C:\Users\gabris\AppData\Local\Temp\addlyrics1050.exe
C:\Users\gabris\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\gabris\AppData\Local\Temp\chutil.dll
C:\Users\gabris\AppData\Local\Temp\conduitinstaller.exe
C:\Users\gabris\AppData\Local\Temp\CT1750559_ie.exe
C:\Users\gabris\AppData\Local\Temp\Delta.exe
C:\Users\gabris\AppData\Local\Temp\DeltaTB.exe
C:\Users\gabris\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit-1.exe
C:\Users\gabris\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit.exe
C:\Users\gabris\AppData\Local\Temp\htmlayout.dll
C:\Users\gabris\AppData\Local\Temp\Installmanager.exe
C:\Users\gabris\AppData\Local\Temp\iupdate.exe
C:\Users\gabris\AppData\Local\Temp\KTOutlk.dll
C:\Users\gabris\AppData\Local\Temp\MybabylonTB.exe
C:\Users\gabris\AppData\Local\Temp\nhpmonitor.exe
C:\Users\gabris\AppData\Local\Temp\nxbzawli.dll
C:\Users\gabris\AppData\Local\Temp\propsys.dll
C:\Users\gabris\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\gabris\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\gabris\AppData\Local\Temp\SkypeSetup.exe
C:\Users\gabris\AppData\Local\Temp\sqlite3.dll
C:\Users\gabris\AppData\Local\Temp\tbBS_0.dll
C:\Users\gabris\AppData\Local\Temp\tbexpr.dll
C:\Users\gabris\AppData\Local\Temp\tmp0edc5fe6.exe
C:\Users\gabris\AppData\Local\Temp\toolbar13301893.exe
C:\Users\gabris\AppData\Local\Temp\toolbar13302049.exe
C:\Users\gabris\AppData\Local\Temp\uninst1.exe
C:\Users\gabris\AppData\Local\Temp\uninstall13580277.exe
C:\Users\gabris\AppData\Local\Temp\WSSetup.exe
C:\Users\gabris\AppData\Local\Temp\ytl.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 12:03
==================== End Of Log ============================
Thanks in advance