Slow PC, please check my log
Posted: 12 Feb 2014 12:31
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014 01
Ran by Vítek (administrator) on VITEK on 12-02-2014 12:21:20
Running from C:\Users\Vítek\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Software 2000 Limited) C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(forum.viry.cz) C:\Users\Vítek\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-10-31] (Realtek Semiconductor)
HKLM\...\Run: [TrueImageMonitor.exe] - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2615624 2007-10-23] (Acronis)
HKLM\...\Run: [AcronisTimounterMonitor] - C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [906648 2007-10-23] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [140568 2007-10-23] (Acronis)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [3080264 2011-09-22] (ESET)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-10-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1102432394-2755357371-3648797907-1002\...\Run: [OEXPRESS] - [X]
HKU\S-1-5-21-1102432394-2755357371-3648797907-1002\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1102432394-2755357371-3648797907-1002\...\RunOnce: [SeznamInstall-uninstall:d2ebb425674ee88734492a0eb4ff51d5] - C:\Users\VTEK~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2014-02-11] ()
HKU\S-1-5-21-1102432394-2755357371-3648797907-1002\...\MountPoints2: {44f9f64e-afea-11dc-951f-001a4d56511b} - I:\setupSNK.exe
HKU\S-1-5-21-1102432394-2755357371-3648797907-1002\...\MountPoints2: {74373a53-f86d-11df-aa3a-001a4d56511b} - D:\APPInst.exe
HKU\S-1-5-21-1102432394-2755357371-3648797907-1002\...\MountPoints2: {d7f9359c-e964-11e1-867f-c3f2ad3f5c9f} - D:\SETUP95.EXE
Lsa: [Authentication Packages] msv1_0 relog_ap
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=EIE9HP&PC=UP50
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://www.icq.com/search/results.php?q ... &ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKCU - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatche ... tbid=60040
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://www.icq.com/search/results.php?q ... &ch_id=osd
SearchScopes: HKCU - {7A6A937F-8E0B-4C15-9E84-46A6F933476C} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox.com/search/dispatc ... 093&lng=cs
SearchScopes: HKCU - {FC243A73-96A4-4616-99B3-4B39B98BE6C3} URL = http://websearch.ask.com/redirect?clien ... F80389D5CC
BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll (Tracker Softaware)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
Toolbar: HKLM - &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
Toolbar: HKLM - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll (Tracker Softaware)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKCU - &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.oriflame-e-kosmetika.cz/
FF Keyword.URL: hxxp://search.toolbars.alexa.com/?ver=alxf-2.19&src=ab&aid=zPL4e1Kgie00o%2B&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Vítek\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Vítek\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Vítek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF SearchPlugin: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\searchplugins\firmycz.xml
FF SearchPlugin: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\searchplugins\inbox-hledn.xml
FF SearchPlugin: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\searchplugins\web-search-powered-by-google.xml
FF SearchPlugin: C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\searchplugins\zbocz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-09-23]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\Extensions\cs@dictionaries.addons.mozilla.org [2013-01-22]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-05]
FF Extension: Seznam lištička - C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-03-29]
FF Extension: No Name - C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\Extensions\toolbar@alexa.com.xpi [2011-07-03]
FF Extension: No Name - C:\Users\Vítek\AppData\Roaming\Mozilla\Firefox\Profiles\j1kh7c0r.default\Extensions\{db0832f2-613f-4afb-8b6a-155fe76eb32e}.xpi [2011-06-08]
FF Extension: ICQ Toolbar - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2014-02-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ []
FF HKLM\...\Firefox\Extensions: [{000a9d1c-beef-4f90-9363-039d445309b8}] - C:\Program Files\Google\Google Gears\Firefox\
FF Extension: Google Gears - C:\Program Files\Google\Google Gears\Firefox\ []
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-03-13]
Chrome:
=======
CHR Extension: (YouTube) - C:\Users\Vítek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Google Search) - C:\Users\Vítek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (Google Wallet) - C:\Users\Vítek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Vítek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2013-09-25]
CHR Extension: (Gmail) - C:\Users\Vítek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR StartMenuInternet: Google Chrome - C:\Users\Vítek\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
S4 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S4 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [427288 2007-10-23] (Acronis)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [974944 2011-09-22] (ESET)
S4 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2005-01-04] (The Firebird Project)
S4 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [1527893 2005-01-04] (The Firebird Project)
S4 KoopPdfService; C:\Program Files\Kooperativa\Services\KoopPDFServer.exe [2454016 2011-01-10] ()
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S4 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)
S4 Printer Control; C:\Windows\system32\PrintCtrl.exe [65536 2009-10-28] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
R2 TryAndDecideService; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [495832 2007-10-23] ()
==================== Drivers (Whitelisted) ====================
R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21275 2007-12-21] (Meetinghouse Data Communications)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [81936 2011-06-06] (Advanced Micro Devices)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [163424 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [118104 2011-08-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [147480 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [33656 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2011-08-04] (ESET)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2007-01-04] (Pinnacle Systems GmbH)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [368736 2008-02-07] (Acronis)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2008-02-07] (Acronis)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S3 igfx; system32\DRIVERS\igdkmd32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RT61; system32\DRIVERS\RT61.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-12 12:07 - 2014-02-12 12:21 - 00022484 _____ () C:\Users\Vítek\Desktop\FRST.txt
2014-02-12 12:01 - 2014-02-12 12:02 - 00000000 ____D () C:\FRST
2014-02-12 12:00 - 2014-02-12 12:00 - 00112640 _____ (forum.viry.cz) C:\Users\Vítek\Desktop\FRSTLauncher.exe
2014-02-12 11:59 - 2014-02-12 11:59 - 01139712 _____ (Farbar) C:\Users\Vítek\Desktop\FRST.exe
2014-02-11 23:38 - 2014-02-11 23:38 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{0CD96D3D-0685-446B-A68B-C601EE197B25}
2014-02-11 11:16 - 2014-02-11 11:16 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{EBA27D69-92C7-47A3-BFCF-A5978EDCBFF7}
2014-02-10 23:16 - 2014-02-10 23:16 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{8B035B02-30B3-4F2C-8E65-645F70FC0522}
2014-02-10 11:15 - 2014-02-10 11:16 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{292AC2BB-1410-4884-830F-0E5A3BE99D1A}
2014-02-09 23:15 - 2014-02-09 23:15 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{54C7C163-7B47-495D-B4E6-805168A3974F}
2014-02-09 11:15 - 2014-02-09 11:15 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{3722D9BE-E162-4DF8-8010-B918BADCAD99}
2014-02-08 23:14 - 2014-02-08 23:14 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{4E5F929A-A593-4825-9700-911E6ECCE1F5}
2014-02-08 11:14 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{8CFDD359-A26F-4C5F-8ECB-0EC7819472BA}
2014-02-07 23:13 - 2014-02-07 23:13 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{92D90FB4-6BD0-49D2-AE70-50330C2F0425}
2014-02-07 07:43 - 2014-02-07 07:43 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{6AD0019B-0AAC-4277-8F67-B49787DBDDD0}
2014-02-06 19:43 - 2014-02-06 19:43 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{1154A75E-3281-4DC0-8388-01EED1B8B7C9}
2014-02-06 19:04 - 2014-02-06 19:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-06 07:42 - 2014-02-06 07:42 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{5F5D9C0D-0F45-49C2-B980-DFCDA9A9DB77}
2014-02-05 14:35 - 2014-02-05 14:35 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{DE821688-7DA6-4029-A7E5-027632A17466}
2014-02-05 00:21 - 2014-02-05 00:21 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{7A8D3D64-6DAE-4030-ACC8-D5FDBEBE7621}
2014-02-04 16:15 - 2014-02-06 15:13 - 00000776 _____ () C:\Users\Vítek\Desktop\SendMails.lnk
2014-02-04 16:15 - 2014-02-06 15:13 - 00000687 _____ () C:\Users\Vítek\Desktop\SendMails manuál PDF.lnk
2014-02-04 16:15 - 2014-02-06 15:13 - 00000000 ____D () C:\Program Files\SendMails
2014-02-04 12:20 - 2014-02-04 12:20 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{62EDBF14-D81B-446F-8705-6F104DD4B30E}
2014-02-04 00:20 - 2014-02-04 00:20 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{873A23A0-0F7D-4516-8FCF-63BCFC31AC01}
2014-01-21 11:41 - 2014-01-21 11:41 - 00291868 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smprtf2
2014-01-21 11:41 - 2014-01-21 11:41 - 00035238 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpadr
2014-01-21 11:41 - 2014-01-21 11:41 - 00011030 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpadrn
2014-01-21 11:41 - 2014-01-21 11:41 - 00000956 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smplog
2014-01-21 11:41 - 2014-01-21 11:41 - 00000794 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smp
2014-01-21 11:41 - 2014-01-21 11:41 - 00000704 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpsubj
2014-01-21 11:41 - 2014-01-21 11:41 - 00000670 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smptxt2
2014-01-21 11:41 - 2014-01-21 11:41 - 00000640 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smphtml2
2014-01-21 11:41 - 2014-01-21 11:41 - 00000005 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpomem
2014-01-21 11:41 - 2014-01-21 11:41 - 00000000 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpatt
2014-01-21 11:15 - 2014-01-21 11:39 - 00291868 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smprtf2
2014-01-21 11:15 - 2014-01-21 11:39 - 00250458 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smplog
2014-01-21 11:15 - 2014-01-21 11:39 - 00034147 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpadr
2014-01-21 11:15 - 2014-01-21 11:39 - 00011030 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpadrn
2014-01-21 11:15 - 2014-01-21 11:39 - 00000794 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smp
2014-01-21 11:15 - 2014-01-21 11:39 - 00000704 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpsubj
2014-01-21 11:15 - 2014-01-21 11:39 - 00000670 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smptxt2
2014-01-21 11:15 - 2014-01-21 11:39 - 00000640 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smphtml2
2014-01-21 11:15 - 2014-01-21 11:39 - 00000005 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpomem
2014-01-21 11:15 - 2014-01-21 11:39 - 00000000 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpatt
2014-01-16 09:17 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-16 09:17 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-16 09:17 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-16 09:17 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-16 09:16 - 2014-01-16 09:17 - 00005298 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-15 10:29 - 2014-01-15 10:29 - 00004608 _____ () C:\Users\Vítek\Downloads\tree.xls
2014-01-15 10:26 - 2014-01-15 10:26 - 00001448 _____ () C:\Users\Vítek\Downloads\report.xls
==================== One Month Modified Files and Folders =======
2014-02-12 12:21 - 2014-02-12 12:07 - 00022484 _____ () C:\Users\Vítek\Desktop\FRST.txt
2014-02-12 12:02 - 2014-02-12 12:01 - 00000000 ____D () C:\FRST
2014-02-12 12:00 - 2014-02-12 12:00 - 00112640 _____ (forum.viry.cz) C:\Users\Vítek\Desktop\FRSTLauncher.exe
2014-02-12 11:59 - 2014-02-12 11:59 - 01139712 _____ (Farbar) C:\Users\Vítek\Desktop\FRST.exe
2014-02-12 11:57 - 2009-07-01 07:27 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102432394-2755357371-3648797907-1002UA.job
2014-02-12 11:40 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-12 11:40 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-12 11:04 - 2010-01-29 10:30 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-12 09:04 - 2010-01-29 10:30 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-12 07:57 - 2009-07-01 07:27 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102432394-2755357371-3648797907-1002Core.job
2014-02-12 07:45 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-12 07:40 - 2007-12-21 19:18 - 02043179 _____ () C:\Windows\WindowsUpdate.log
2014-02-11 23:38 - 2014-02-11 23:38 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{0CD96D3D-0685-446B-A68B-C601EE197B25}
2014-02-11 23:22 - 2006-11-02 11:33 - 01684402 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-11 22:30 - 2007-12-26 01:08 - 00000000 ____D () C:\Program Files\Google
2014-02-11 22:25 - 2014-01-06 23:38 - 00000000 ____D () C:\Users\Vítek\AppData\Roaming\Seznam.cz
2014-02-11 22:25 - 2009-04-30 11:14 - 00000000 ____D () C:\Program Files\Nokia
2014-02-11 22:09 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-11 22:08 - 2006-11-02 14:01 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-11 20:26 - 2012-09-28 22:22 - 00000000 ____D () C:\ProgramData\firebird
2014-02-11 20:26 - 2011-04-18 22:11 - 00000000 ____D () C:\Users\Vítek\Documents\MailStore Home
2014-02-11 11:16 - 2014-02-11 11:16 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{EBA27D69-92C7-47A3-BFCF-A5978EDCBFF7}
2014-02-10 23:16 - 2014-02-10 23:16 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{8B035B02-30B3-4F2C-8E65-645F70FC0522}
2014-02-10 11:16 - 2014-02-10 11:15 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{292AC2BB-1410-4884-830F-0E5A3BE99D1A}
2014-02-09 23:15 - 2014-02-09 23:15 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{54C7C163-7B47-495D-B4E6-805168A3974F}
2014-02-09 11:15 - 2014-02-09 11:15 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{3722D9BE-E162-4DF8-8010-B918BADCAD99}
2014-02-08 23:14 - 2014-02-08 23:14 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{4E5F929A-A593-4825-9700-911E6ECCE1F5}
2014-02-08 14:03 - 2012-04-24 22:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-08 11:14 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{8CFDD359-A26F-4C5F-8ECB-0EC7819472BA}
2014-02-08 00:55 - 2009-03-08 22:41 - 00000000 ____D () C:\FORM studio 2009
2014-02-07 23:13 - 2014-02-07 23:13 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{92D90FB4-6BD0-49D2-AE70-50330C2F0425}
2014-02-07 07:43 - 2014-02-07 07:43 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{6AD0019B-0AAC-4277-8F67-B49787DBDDD0}
2014-02-06 19:43 - 2014-02-06 19:43 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{1154A75E-3281-4DC0-8388-01EED1B8B7C9}
2014-02-06 19:05 - 2014-02-06 19:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-06 19:04 - 2011-03-23 13:09 - 00000000 ____D () C:\ProgramData\Microsoft NT Ident
2014-02-06 15:13 - 2014-02-04 16:15 - 00000776 _____ () C:\Users\Vítek\Desktop\SendMails.lnk
2014-02-06 15:13 - 2014-02-04 16:15 - 00000687 _____ () C:\Users\Vítek\Desktop\SendMails manuál PDF.lnk
2014-02-06 15:13 - 2014-02-04 16:15 - 00000000 ____D () C:\Program Files\SendMails
2014-02-06 07:42 - 2014-02-06 07:42 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{5F5D9C0D-0F45-49C2-B980-DFCDA9A9DB77}
2014-02-05 15:32 - 2012-04-11 06:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 15:32 - 2011-06-28 07:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 14:35 - 2014-02-05 14:35 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{DE821688-7DA6-4029-A7E5-027632A17466}
2014-02-05 00:21 - 2014-02-05 00:21 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{7A8D3D64-6DAE-4030-ACC8-D5FDBEBE7621}
2014-02-04 16:15 - 2011-03-23 13:09 - 00000000 ____D () C:\ProgramData\SendMails
2014-02-04 12:20 - 2014-02-04 12:20 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{62EDBF14-D81B-446F-8705-6F104DD4B30E}
2014-02-04 09:44 - 2008-12-08 20:44 - 00000000 ____D () C:\Users\Vítek\AppData\Roaming\SmarThru4
2014-02-04 00:30 - 2009-03-09 15:49 - 00002079 _____ () C:\Users\Vítek\Desktop\Google Chrome.lnk
2014-02-04 00:20 - 2014-02-04 00:20 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{873A23A0-0F7D-4516-8FCF-63BCFC31AC01}
2014-02-03 23:00 - 2007-12-19 23:09 - 00082432 _____ () C:\Users\Vítek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-03 14:29 - 2008-01-19 12:36 - 00000000 ____D () C:\Users\Vítek\Documents\_Pajuska
2014-02-01 16:35 - 2008-01-11 18:06 - 00000000 ___SD () C:\Users\Vítek\Documents\Weby
2014-01-21 11:41 - 2014-01-21 11:41 - 00291868 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smprtf2
2014-01-21 11:41 - 2014-01-21 11:41 - 00035238 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpadr
2014-01-21 11:41 - 2014-01-21 11:41 - 00011030 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpadrn
2014-01-21 11:41 - 2014-01-21 11:41 - 00000956 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smplog
2014-01-21 11:41 - 2014-01-21 11:41 - 00000794 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smp
2014-01-21 11:41 - 2014-01-21 11:41 - 00000704 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpsubj
2014-01-21 11:41 - 2014-01-21 11:41 - 00000670 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smptxt2
2014-01-21 11:41 - 2014-01-21 11:41 - 00000640 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smphtml2
2014-01-21 11:41 - 2014-01-21 11:41 - 00000005 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpomem
2014-01-21 11:41 - 2014-01-21 11:41 - 00000000 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpatt
2014-01-21 11:40 - 2012-02-25 17:28 - 00000000 ____D () C:\Users\Vítek\Documents\log
2014-01-21 11:39 - 2014-01-21 11:15 - 00291868 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smprtf2
2014-01-21 11:39 - 2014-01-21 11:15 - 00250458 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smplog
2014-01-21 11:39 - 2014-01-21 11:15 - 00034147 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpadr
2014-01-21 11:39 - 2014-01-21 11:15 - 00011030 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpadrn
2014-01-21 11:39 - 2014-01-21 11:15 - 00000794 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smp
2014-01-21 11:39 - 2014-01-21 11:15 - 00000704 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpsubj
2014-01-21 11:39 - 2014-01-21 11:15 - 00000670 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smptxt2
2014-01-21 11:39 - 2014-01-21 11:15 - 00000640 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smphtml2
2014-01-21 11:39 - 2014-01-21 11:15 - 00000005 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpomem
2014-01-21 11:39 - 2014-01-21 11:15 - 00000000 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpatt
2014-01-16 09:18 - 2013-09-14 20:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-16 09:18 - 2011-08-10 12:29 - 00000000 ____D () C:\Users\Vítek\AppData\Local\Adobe
2014-01-16 09:17 - 2014-01-16 09:16 - 00005298 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-16 09:17 - 2013-09-14 20:41 - 00000000 ____D () C:\Program Files\Java
2014-01-16 01:18 - 2007-11-16 11:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 01:15 - 2013-08-14 12:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 01:12 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-15 10:29 - 2014-01-15 10:29 - 00004608 _____ () C:\Users\Vítek\Downloads\tree.xls
2014-01-15 10:26 - 2014-01-15 10:26 - 00001448 _____ () C:\Users\Vítek\Downloads\report.xls
Files to move or delete:
====================
C:\ProgramData\ezsid.dat
Some content of TEMP:
====================
C:\Users\oem.oem-PC\AppData\Local\Temp\AutoRun.exe
C:\Users\oem.oem-PC\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\oem.oem-PC\AppData\Local\Temp\EAInstall.dll
C:\Users\oem.oem-PC\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\oem.oem-PC\AppData\Local\Temp\Harry Potter and the Order of the Phoenix_uninst.exe
C:\Users\Vítek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-12 10:17
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:207.45 GB) (Free:40.08 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Available physical RAM: 784.62 MB
Total physical RAM: 2045.77 MB
Percentage of memory in use: 61%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 298 GB) (Disk ID: 6CF5A4D6)
Partition 1: (Active) - (Size=207 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=91 GB) - (Type=05)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102432394-2755357371-3648797907-1002Core.job => C:\Users\Vítek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102432394-2755357371-3648797907-1002UA.job => C:\Users\Vítek\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Vítek\Desktop" je 8876 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3170 Scan2PC
"C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater
"C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Vítek\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan
"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDisp
C:\Windows\system32\PrintDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr
C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
"C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG
C:\Program Files\Windows Media Player\WMPNSCFG.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk
C:\PROGRA~1\RALINK\Common\RaUI.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Smart Panel.lnk
C:\Windows\Samsung\PanelMgr\SSMMgr.exe /smartpanel %Samsung CLX-3170 Series% [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vítek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk
C:\PROGRA~1\KOOPER~1\KoopPxBN\KOOPPD~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vítek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PMB Media Check Tool.lnk
C:\PROGRA~1\Sony\SONYPI~1\PMBCore\SPUVOL~1.EXE /noballoononstart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vítek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
C:\PROGRA~1\Clarus\SAMSUN~1\ISFGuage.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
2014-02-12 11:59 - 2014-02-12 11:59 - 01139712 _____ (Farbar) C:\Users\Vítek\Desktop\FRST.exe
2014-02-11 23:38 - 2014-02-11 23:38 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{0CD96D3D-0685-446B-A68B-C601EE197B25}
2014-02-11 11:16 - 2014-02-11 11:16 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{EBA27D69-92C7-47A3-BFCF-A5978EDCBFF7}
2014-02-10 23:16 - 2014-02-10 23:16 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{8B035B02-30B3-4F2C-8E65-645F70FC0522}
2014-02-10 11:15 - 2014-02-10 11:16 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{292AC2BB-1410-4884-830F-0E5A3BE99D1A}
2014-02-09 23:15 - 2014-02-09 23:15 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{54C7C163-7B47-495D-B4E6-805168A3974F}
2014-02-09 11:15 - 2014-02-09 11:15 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{3722D9BE-E162-4DF8-8010-B918BADCAD99}
2014-02-08 23:14 - 2014-02-08 23:14 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{4E5F929A-A593-4825-9700-911E6ECCE1F5}
2014-02-08 11:14 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{8CFDD359-A26F-4C5F-8ECB-0EC7819472BA}
2014-02-07 23:13 - 2014-02-07 23:13 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{92D90FB4-6BD0-49D2-AE70-50330C2F0425}
2014-02-07 07:43 - 2014-02-07 07:43 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{6AD0019B-0AAC-4277-8F67-B49787DBDDD0}
2014-02-06 19:43 - 2014-02-06 19:43 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{1154A75E-3281-4DC0-8388-01EED1B8B7C9}
2014-02-06 19:04 - 2014-02-06 19:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-06 07:42 - 2014-02-06 07:42 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{5F5D9C0D-0F45-49C2-B980-DFCDA9A9DB77}
2014-02-05 14:35 - 2014-02-05 14:35 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{DE821688-7DA6-4029-A7E5-027632A17466}
2014-02-05 00:21 - 2014-02-05 00:21 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{7A8D3D64-6DAE-4030-ACC8-D5FDBEBE7621}
2014-02-04 16:15 - 2014-02-06 15:13 - 00000776 _____ () C:\Users\Vítek\Desktop\SendMails.lnk
2014-02-04 16:15 - 2014-02-06 15:13 - 00000687 _____ () C:\Users\Vítek\Desktop\SendMails manuál PDF.lnk
2014-02-04 16:15 - 2014-02-06 15:13 - 00000000 ____D () C:\Program Files\SendMails
2014-02-04 12:20 - 2014-02-04 12:20 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{62EDBF14-D81B-446F-8705-6F104DD4B30E}
2014-02-04 00:20 - 2014-02-04 00:20 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{873A23A0-0F7D-4516-8FCF-63BCFC31AC01}
2014-01-21 11:41 - 2014-01-21 11:41 - 00291868 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smprtf2
2014-01-21 11:41 - 2014-01-21 11:41 - 00035238 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpadr
2014-01-21 11:41 - 2014-01-21 11:41 - 00011030 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpadrn
2014-01-21 11:41 - 2014-01-21 11:41 - 00000956 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smplog
2014-01-21 11:41 - 2014-01-21 11:41 - 00000794 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smp
2014-01-21 11:41 - 2014-01-21 11:41 - 00000704 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpsubj
2014-01-21 11:41 - 2014-01-21 11:41 - 00000670 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smptxt2
2014-01-21 11:41 - 2014-01-21 11:41 - 00000640 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smphtml2
2014-01-21 11:41 - 2014-01-21 11:41 - 00000005 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpomem
2014-01-21 11:41 - 2014-01-21 11:41 - 00000000 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpatt
2014-01-21 11:15 - 2014-01-21 11:39 - 00291868 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smprtf2
2014-01-21 11:15 - 2014-01-21 11:39 - 00250458 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smplog
2014-01-21 11:15 - 2014-01-21 11:39 - 00034147 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpadr
2014-01-21 11:15 - 2014-01-21 11:39 - 00011030 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpadrn
2014-01-21 11:15 - 2014-01-21 11:39 - 00000794 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smp
2014-01-21 11:15 - 2014-01-21 11:39 - 00000704 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpsubj
2014-01-21 11:15 - 2014-01-21 11:39 - 00000670 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smptxt2
2014-01-21 11:15 - 2014-01-21 11:39 - 00000640 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smphtml2
2014-01-21 11:15 - 2014-01-21 11:39 - 00000005 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpomem
2014-01-21 11:15 - 2014-01-21 11:39 - 00000000 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpatt
2014-01-16 09:17 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-16 09:17 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-16 09:17 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-16 09:17 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-16 09:16 - 2014-01-16 09:17 - 00005298 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-15 10:29 - 2014-01-15 10:29 - 00004608 _____ () C:\Users\Vítek\Downloads\tree.xls
2014-01-15 10:26 - 2014-01-15 10:26 - 00001448 _____ () C:\Users\Vítek\Downloads\report.xls
==================== One Month Modified Files and Folders =======
2014-02-12 12:21 - 2014-02-12 12:07 - 00022484 _____ () C:\Users\Vítek\Desktop\FRST.txt
2014-02-12 12:02 - 2014-02-12 12:01 - 00000000 ____D () C:\FRST
2014-02-12 12:00 - 2014-02-12 12:00 - 00112640 _____ (forum.viry.cz) C:\Users\Vítek\Desktop\FRSTLauncher.exe
2014-02-12 11:59 - 2014-02-12 11:59 - 01139712 _____ (Farbar) C:\Users\Vítek\Desktop\FRST.exe
2014-02-12 11:57 - 2009-07-01 07:27 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102432394-2755357371-3648797907-1002UA.job
2014-02-12 11:40 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-12 11:40 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-12 11:04 - 2010-01-29 10:30 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-12 09:04 - 2010-01-29 10:30 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-12 07:57 - 2009-07-01 07:27 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102432394-2755357371-3648797907-1002Core.job
2014-02-12 07:45 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-12 07:40 - 2007-12-21 19:18 - 02043179 _____ () C:\Windows\WindowsUpdate.log
2014-02-11 23:38 - 2014-02-11 23:38 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{0CD96D3D-0685-446B-A68B-C601EE197B25}
2014-02-11 23:22 - 2006-11-02 11:33 - 01684402 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-11 22:30 - 2007-12-26 01:08 - 00000000 ____D () C:\Program Files\Google
2014-02-11 22:25 - 2014-01-06 23:38 - 00000000 ____D () C:\Users\Vítek\AppData\Roaming\Seznam.cz
2014-02-11 22:25 - 2009-04-30 11:14 - 00000000 ____D () C:\Program Files\Nokia
2014-02-11 22:09 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-11 22:08 - 2006-11-02 14:01 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-11 20:26 - 2012-09-28 22:22 - 00000000 ____D () C:\ProgramData\firebird
2014-02-11 20:26 - 2011-04-18 22:11 - 00000000 ____D () C:\Users\Vítek\Documents\MailStore Home
2014-02-11 11:16 - 2014-02-11 11:16 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{EBA27D69-92C7-47A3-BFCF-A5978EDCBFF7}
2014-02-10 23:16 - 2014-02-10 23:16 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{8B035B02-30B3-4F2C-8E65-645F70FC0522}
2014-02-10 11:16 - 2014-02-10 11:15 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{292AC2BB-1410-4884-830F-0E5A3BE99D1A}
2014-02-09 23:15 - 2014-02-09 23:15 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{54C7C163-7B47-495D-B4E6-805168A3974F}
2014-02-09 11:15 - 2014-02-09 11:15 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{3722D9BE-E162-4DF8-8010-B918BADCAD99}
2014-02-08 23:14 - 2014-02-08 23:14 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{4E5F929A-A593-4825-9700-911E6ECCE1F5}
2014-02-08 14:03 - 2012-04-24 22:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-08 11:14 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{8CFDD359-A26F-4C5F-8ECB-0EC7819472BA}
2014-02-08 00:55 - 2009-03-08 22:41 - 00000000 ____D () C:\FORM studio 2009
2014-02-07 23:13 - 2014-02-07 23:13 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{92D90FB4-6BD0-49D2-AE70-50330C2F0425}
2014-02-07 07:43 - 2014-02-07 07:43 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{6AD0019B-0AAC-4277-8F67-B49787DBDDD0}
2014-02-06 19:43 - 2014-02-06 19:43 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{1154A75E-3281-4DC0-8388-01EED1B8B7C9}
2014-02-06 19:05 - 2014-02-06 19:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-06 19:04 - 2011-03-23 13:09 - 00000000 ____D () C:\ProgramData\Microsoft NT Ident
2014-02-06 15:13 - 2014-02-04 16:15 - 00000776 _____ () C:\Users\Vítek\Desktop\SendMails.lnk
2014-02-06 15:13 - 2014-02-04 16:15 - 00000687 _____ () C:\Users\Vítek\Desktop\SendMails manuál PDF.lnk
2014-02-06 15:13 - 2014-02-04 16:15 - 00000000 ____D () C:\Program Files\SendMails
2014-02-06 07:42 - 2014-02-06 07:42 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{5F5D9C0D-0F45-49C2-B980-DFCDA9A9DB77}
2014-02-05 15:32 - 2012-04-11 06:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 15:32 - 2011-06-28 07:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 14:35 - 2014-02-05 14:35 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{DE821688-7DA6-4029-A7E5-027632A17466}
2014-02-05 00:21 - 2014-02-05 00:21 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{7A8D3D64-6DAE-4030-ACC8-D5FDBEBE7621}
2014-02-04 16:15 - 2011-03-23 13:09 - 00000000 ____D () C:\ProgramData\SendMails
2014-02-04 12:20 - 2014-02-04 12:20 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{62EDBF14-D81B-446F-8705-6F104DD4B30E}
2014-02-04 09:44 - 2008-12-08 20:44 - 00000000 ____D () C:\Users\Vítek\AppData\Roaming\SmarThru4
2014-02-04 00:30 - 2009-03-09 15:49 - 00002079 _____ () C:\Users\Vítek\Desktop\Google Chrome.lnk
2014-02-04 00:20 - 2014-02-04 00:20 - 00000000 ____D () C:\Users\Vítek\AppData\Local\{873A23A0-0F7D-4516-8FCF-63BCFC31AC01}
2014-02-03 23:00 - 2007-12-19 23:09 - 00082432 _____ () C:\Users\Vítek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-03 14:29 - 2008-01-19 12:36 - 00000000 ____D () C:\Users\Vítek\Documents\_Pajuska
2014-02-01 16:35 - 2008-01-11 18:06 - 00000000 ___SD () C:\Users\Vítek\Documents\Weby
2014-01-21 11:41 - 2014-01-21 11:41 - 00291868 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smprtf2
2014-01-21 11:41 - 2014-01-21 11:41 - 00035238 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpadr
2014-01-21 11:41 - 2014-01-21 11:41 - 00011030 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpadrn
2014-01-21 11:41 - 2014-01-21 11:41 - 00000956 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smplog
2014-01-21 11:41 - 2014-01-21 11:41 - 00000794 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smp
2014-01-21 11:41 - 2014-01-21 11:41 - 00000704 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpsubj
2014-01-21 11:41 - 2014-01-21 11:41 - 00000670 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smptxt2
2014-01-21 11:41 - 2014-01-21 11:41 - 00000640 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smphtml2
2014-01-21 11:41 - 2014-01-21 11:41 - 00000005 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpomem
2014-01-21 11:41 - 2014-01-21 11:41 - 00000000 _____ () C:\Users\Vítek\Documents\Nový katalog Oriflame 2-2014.smpatt
2014-01-21 11:40 - 2012-02-25 17:28 - 00000000 ____D () C:\Users\Vítek\Documents\log
2014-01-21 11:39 - 2014-01-21 11:15 - 00291868 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smprtf2
2014-01-21 11:39 - 2014-01-21 11:15 - 00250458 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smplog
2014-01-21 11:39 - 2014-01-21 11:15 - 00034147 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpadr
2014-01-21 11:39 - 2014-01-21 11:15 - 00011030 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpadrn
2014-01-21 11:39 - 2014-01-21 11:15 - 00000794 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smp
2014-01-21 11:39 - 2014-01-21 11:15 - 00000704 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpsubj
2014-01-21 11:39 - 2014-01-21 11:15 - 00000670 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smptxt2
2014-01-21 11:39 - 2014-01-21 11:15 - 00000640 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smphtml2
2014-01-21 11:39 - 2014-01-21 11:15 - 00000005 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpomem
2014-01-21 11:39 - 2014-01-21 11:15 - 00000000 _____ () C:\Users\Vítek\Documents\Katalog Oriflame 2-2014.smpatt
2014-01-16 09:18 - 2013-09-14 20:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-16 09:18 - 2011-08-10 12:29 - 00000000 ____D () C:\Users\Vítek\AppData\Local\Adobe
2014-01-16 09:17 - 2014-01-16 09:16 - 00005298 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-16 09:17 - 2013-09-14 20:41 - 00000000 ____D () C:\Program Files\Java
2014-01-16 01:18 - 2007-11-16 11:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 01:15 - 2013-08-14 12:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 01:12 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-15 10:29 - 2014-01-15 10:29 - 00004608 _____ () C:\Users\Vítek\Downloads\tree.xls
2014-01-15 10:26 - 2014-01-15 10:26 - 00001448 _____ () C:\Users\Vítek\Downloads\report.xls
Files to move or delete:
====================
C:\ProgramData\ezsid.dat
Some content of TEMP:
====================
C:\Users\oem.oem-PC\AppData\Local\Temp\AutoRun.exe
C:\Users\oem.oem-PC\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\oem.oem-PC\AppData\Local\Temp\EAInstall.dll
C:\Users\oem.oem-PC\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\oem.oem-PC\AppData\Local\Temp\Harry Potter and the Order of the Phoenix_uninst.exe
C:\Users\Vítek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-12 10:17
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:207.45 GB) (Free:40.08 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Available physical RAM: 784.62 MB
Total physical RAM: 2045.77 MB
Percentage of memory in use: 61%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 298 GB) (Disk ID: 6CF5A4D6)
Partition 1: (Active) - (Size=207 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=91 GB) - (Type=05)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102432394-2755357371-3648797907-1002Core.job => C:\Users\Vítek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102432394-2755357371-3648797907-1002UA.job => C:\Users\Vítek\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Vítek\Desktop" je 8876 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3170 Scan2PC
"C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater
"C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Vítek\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan
"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDisp
C:\Windows\system32\PrintDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr
C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
"C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG
C:\Program Files\Windows Media Player\WMPNSCFG.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk
C:\PROGRA~1\RALINK\Common\RaUI.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Smart Panel.lnk
C:\Windows\Samsung\PanelMgr\SSMMgr.exe /smartpanel %Samsung CLX-3170 Series% [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vítek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk
C:\PROGRA~1\KOOPER~1\KoopPxBN\KOOPPD~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vítek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PMB Media Check Tool.lnk
C:\PROGRA~1\Sony\SONYPI~1\PMBCore\SPUVOL~1.EXE /noballoononstart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vítek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
C:\PROGRA~1\Clarus\SAMSUN~1\ISFGuage.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================