prosím o kontrolu logu - pomalé načítaní stránek
Napsal: 02 bře 2014 13:20
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 01
Ran by Ajik (administrator) on AJIK-PC on 02-03-2014 13:09:25
Running from C:\Users\Ajik\Desktop
Windows 7 Home Premium (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(forum.viry.cz) C:\Users\Ajik\Desktop\FRSTLauncher.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [635784 2010-01-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [UfSeAgnt.exe] - C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1022904 2010-02-23] (Trend Micro Inc.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] - C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-08-26] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2552856 2014-02-05] ()
HKU\S-1-5-21-2747720358-2666299132-3272033892-1000\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (syncables, LLC)
HKU\S-1-5-21-2747720358-2666299132-3272033892-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2747720358-2666299132-3272033892-1000\...\Run: [Pokki] - C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-2747720358-2666299132-3272033892-1000\...\RunOnce: [Application Restart #1] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464 2014-02-20] (Google Inc.)
HKU\S-1-5-21-2747720358-2666299132-3272033892-1000\...\MountPoints2: {f368681a-58cc-11e1-b495-1c4bd6192788} - F:\Autorun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: 1ClickMovieDownloader V6 - {11111111-1111-1111-1111-110411591167} - No File
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Ajik\AppData\Roaming\Mozilla\Firefox\Profiles\hbhoiud5.default
FF user.js: detected! => C:\Users\Ajik\AppData\Roaming\Mozilla\Firefox\Profiles\hbhoiud5.default\user.js
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://mysearch.avg.com?cid={895FA8B4-1108-4A9F-A9FF-FEBE235B862C}&mid=2f084e85820e47d2b4c7cd0290fdce7b-cb97dc307db1e3d3e5a938ecf793a8c929ab1fb7&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=&v=17.3.1.91&pid=safeguard&sg=&sap=hp
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler - C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91
FF Extension: No Name - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91 [2014-02-02]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR Extension: (Dokumenty Google) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-01]
CHR Extension: (Disk Google) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-01]
CHR Extension: (YouTube) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-01]
CHR Extension: (avast! Online Security) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-01]
CHR Extension: (Skype Click to Call) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-01]
CHR Extension: (Peněženka Google) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-01]
CHR Extension: (Gmail) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
==================== Services (Whitelisted) =================
S2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [859712 2010-10-09] (Trend Micro Inc.)
S3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [570632 2010-02-23] (Trend Micro Inc.)
S3 TmProxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [917768 2010-02-23] (Trend Micro Inc.)
S2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1772056 2014-02-02] (AVG Secure Search)
S2 HitmanPro37CrusaderBoot; "F:\vir\HitmanPro_x64.exe" /crusader:boot [X]
==================== Drivers (Whitelisted) ====================
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2014-02-02] (AVG Technologies)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
S2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42768 2011-07-12] (Trend Micro Inc.)
S1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [107536 2010-02-23] (Trend Micro Inc.)
S2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [342288 2011-07-12] (Trend Micro Inc.)
S2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [2077456 2011-07-12] (Trend Micro Inc.)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-02-26] (StdLib)
U3 tmlwf;
U3 tmwfp;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-02 13:09 - 2014-03-02 13:10 - 00015299 _____ () C:\Users\Ajik\Desktop\FRST.txt
2014-03-02 13:08 - 2014-03-02 13:09 - 00000000 ____D () C:\FRST
2014-03-02 13:07 - 2014-03-02 13:07 - 00112640 _____ (forum.viry.cz) C:\Users\Ajik\Desktop\FRSTLauncher.exe
2014-03-02 13:06 - 2014-03-02 13:07 - 02156544 _____ (Farbar) C:\Users\Ajik\Desktop\FRST64.exe
2014-03-02 08:31 - 2014-03-02 12:52 - 00000000 ____D () C:\Users\Ajik\AppData\Local\CrashDumps
2014-03-02 08:24 - 2014-03-02 08:24 - 00040342 _____ () C:\ComboFix.txt
2014-03-02 08:12 - 2014-03-02 12:44 - 00000000 ____D () C:\Windows\erdnt
2014-03-02 08:12 - 2014-03-02 08:24 - 00000000 ____D () C:\Qoobox
2014-03-01 10:20 - 2014-03-01 10:20 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\AVAST Software
2014-03-01 10:19 - 2014-03-01 10:19 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-01 10:18 - 2014-03-01 10:18 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-01 10:01 - 2014-03-01 10:01 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Google
2014-02-28 18:53 - 2014-03-02 12:56 - 00020901 _____ () C:\Windows\WindowsUpdate.log
2014-02-28 18:45 - 2014-02-28 18:45 - 00518928 _____ () C:\Windows\system32\.crusader
2014-02-28 18:45 - 2014-02-28 18:45 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-02-28 18:43 - 2014-02-28 18:45 - 00438568 _____ () C:\Windows\system32\bootdelete.lst
2014-02-28 18:34 - 2014-02-28 18:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-28 18:28 - 2014-02-28 18:28 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Malwarebytes
2014-02-28 18:26 - 2014-03-02 12:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-28 18:26 - 2014-03-02 12:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-28 18:26 - 2014-02-28 18:26 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-28 18:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-28 18:19 - 2014-02-13 10:20 - 00000426 _____ () C:\AVScanner.ini
2014-02-26 17:52 - 2014-02-26 17:52 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-02-26 10:43 - 2014-02-26 10:43 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-26 10:43 - 2014-02-26 10:43 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-26 10:43 - 2014-02-26 10:43 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-26 10:42 - 2014-02-26 10:42 - 11140364 _____ () C:\Users\Ajik\Downloads\cc-setup(1).exe
2014-02-26 10:40 - 2014-02-26 10:41 - 11140364 _____ () C:\Users\Ajik\Downloads\cc-setup.exe
2014-02-26 05:45 - 2014-02-26 05:47 - 00000000 ____D () C:\Users\Ajik\Desktop\2014-02-26 ff
2014-02-07 13:28 - 2014-02-07 13:28 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-07 13:28 - 2014-02-07 13:28 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-06 20:38 - 2014-02-06 20:39 - 00000000 ____D () C:\ProgramData\tmp
2014-02-06 20:38 - 2014-02-06 20:38 - 00001304 _____ () C:\Users\Public\Desktop\CEWE prezentace fotografií.lnk
2014-02-06 20:38 - 2014-02-06 20:38 - 00001239 _____ () C:\Users\Public\Desktop\Fotosvet TETA.lnk
2014-02-06 20:38 - 2014-02-06 20:38 - 00000000 ____D () C:\ProgramData\hps
2014-02-06 20:30 - 2014-02-06 20:30 - 00000000 ____D () C:\Program Files (x86)\Drogerie TETA
2014-02-05 23:03 - 2014-02-05 23:05 - 178266112 _____ () C:\Users\Ajik\Downloads\How-I-Met-Your-Mother-S09E17-cz-titulky.avi
2014-02-05 09:35 - 2014-02-05 09:35 - 01636424 _____ () C:\Users\Ajik\Downloads\setup_Fotosvet_TETA.exe
2014-02-02 19:40 - 2014-02-02 19:40 - 00003544 ____N () C:\bootsqm.dat
2014-02-02 13:46 - 2014-02-02 13:46 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\AVG
2014-02-02 13:45 - 2014-03-02 12:44 - 00000000 ____D () C:\ProgramData\AVG
2014-02-02 13:44 - 2014-02-02 15:08 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-02-02 13:43 - 2014-02-02 13:44 - 78353832 _____ (AVG) C:\Users\Ajik\Downloads\avg_tuh_stf_all_2014_295_24c4.exe
2014-02-02 11:31 - 2014-02-02 11:31 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-02-02 11:31 - 2014-02-02 11:31 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\TuneUp Software
2014-02-02 11:31 - 2014-02-02 11:30 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-02-02 11:30 - 2014-03-02 12:45 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-02-02 11:30 - 2014-03-02 12:44 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-02-02 11:22 - 2014-02-28 18:47 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Avg2014
2014-02-02 11:22 - 2014-02-28 18:47 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-02 11:22 - 2014-02-02 11:22 - 10806456 _____ () C:\Users\Ajik\Downloads\avg_free.exe
2014-02-02 11:22 - 2014-02-02 11:22 - 00000000 ____D () C:\Users\Ajik\AppData\Local\MFAData
2014-02-01 21:29 - 2014-02-01 21:29 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Cool_Mirage
2014-02-01 21:26 - 1998-11-13 12:58 - 00307200 _____ (InstallShield Software Corporation) C:\Windows\IsUn0405.exe
2014-02-01 16:34 - 2014-02-01 16:44 - 733913088 _____ () C:\Users\Ajik\Downloads\Mladeži nepřístupno - 2013 komedie cz dab. n@ch.avi
2014-02-01 16:33 - 2014-02-01 16:34 - 126817772 _____ () C:\Users\Ajik\Downloads\How I Met Your Mother S09E16 How Your Mother Met Me CZ titulky.avi
==================== One Month Modified Files and Folders =======
2014-03-02 13:10 - 2014-03-02 13:09 - 00015299 _____ () C:\Users\Ajik\Desktop\FRST.txt
2014-03-02 13:09 - 2014-03-02 13:08 - 00000000 ____D () C:\FRST
2014-03-02 13:07 - 2014-03-02 13:07 - 00112640 _____ (forum.viry.cz) C:\Users\Ajik\Desktop\FRSTLauncher.exe
2014-03-02 13:07 - 2014-03-02 13:06 - 02156544 _____ (Farbar) C:\Users\Ajik\Desktop\FRST64.exe
2014-03-02 12:56 - 2014-02-28 18:53 - 00020901 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 12:56 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-02 12:56 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-02 12:52 - 2014-03-02 08:31 - 00000000 ____D () C:\Users\Ajik\AppData\Local\CrashDumps
2014-03-02 12:51 - 2009-08-03 21:00 - 00631526 _____ () C:\Windows\system32\perfh005.dat
2014-03-02 12:51 - 2009-08-03 21:00 - 00122148 _____ () C:\Windows\system32\perfc005.dat
2014-03-02 12:51 - 2009-07-14 06:13 - 01470298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-02 12:47 - 2010-08-26 21:04 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-02 12:46 - 2010-12-27 18:25 - 00000000 ____D () C:\Users\Ajik
2014-03-02 12:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-02 12:45 - 2014-02-02 11:30 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-02 12:45 - 2013-12-17 20:33 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
2014-03-02 12:45 - 2013-12-17 20:33 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Pokki
2014-03-02 12:45 - 2010-08-26 21:27 - 00000000 ____D () C:\ProgramData\P4G
2014-03-02 12:45 - 2010-08-26 21:08 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-03-02 12:44 - 2014-03-02 08:12 - 00000000 ____D () C:\Windows\erdnt
2014-03-02 12:44 - 2014-02-28 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 12:44 - 2014-02-28 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-02 12:44 - 2014-02-02 13:45 - 00000000 ____D () C:\ProgramData\AVG
2014-03-02 12:44 - 2014-02-02 11:30 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-03-02 12:44 - 2013-12-11 10:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-02 12:44 - 2010-08-26 21:08 - 00000000 ____D () C:\Program Files\Trend Micro
2014-03-02 12:44 - 2010-08-26 21:04 - 00000000 ____D () C:\Program Files\Google
2014-03-02 12:44 - 2010-08-26 21:04 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-02 12:44 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-03-02 12:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-02 12:43 - 2010-08-26 20:51 - 00000000 ____D () C:\eSupport
2014-03-02 08:24 - 2014-03-02 08:24 - 00040342 _____ () C:\ComboFix.txt
2014-03-02 08:24 - 2014-03-02 08:12 - 00000000 ____D () C:\Qoobox
2014-03-01 10:20 - 2014-03-01 10:20 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\AVAST Software
2014-03-01 10:19 - 2014-03-01 10:19 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-01 10:18 - 2014-03-01 10:18 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-01 10:01 - 2014-03-01 10:01 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Google
2014-02-28 18:47 - 2014-02-28 18:34 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-28 18:47 - 2014-02-02 11:22 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Avg2014
2014-02-28 18:47 - 2014-02-02 11:22 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-28 18:45 - 2014-02-28 18:45 - 00518928 _____ () C:\Windows\system32\.crusader
2014-02-28 18:45 - 2014-02-28 18:45 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-02-28 18:45 - 2014-02-28 18:43 - 00438568 _____ () C:\Windows\system32\bootdelete.lst
2014-02-28 18:34 - 2013-12-17 20:35 - 00000000 ____D () C:\Users\Ajik\AppData\Local\genienext
2014-02-28 18:28 - 2014-02-28 18:28 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Malwarebytes
2014-02-28 18:26 - 2014-02-28 18:26 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-28 14:36 - 2013-12-17 20:35 - 00055586 _____ () C:\Users\Ajik\daemonprocess.txt
2014-02-28 14:34 - 2011-10-28 15:41 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Skype
2014-02-28 14:26 - 2010-08-26 21:04 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-28 14:24 - 2012-05-19 17:35 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-26 17:52 - 2014-02-26 17:52 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-02-26 14:11 - 2012-05-05 22:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-26 10:45 - 2013-08-14 06:18 - 00000000 ____D () C:\Windows\Minidump
2014-02-26 10:45 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-02-26 10:43 - 2014-02-26 10:43 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-26 10:43 - 2014-02-26 10:43 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-26 10:43 - 2014-02-26 10:43 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-26 10:42 - 2014-02-26 10:42 - 11140364 _____ () C:\Users\Ajik\Downloads\cc-setup(1).exe
2014-02-26 10:41 - 2014-02-26 10:40 - 11140364 _____ () C:\Users\Ajik\Downloads\cc-setup.exe
2014-02-26 05:47 - 2014-02-26 05:45 - 00000000 ____D () C:\Users\Ajik\Desktop\2014-02-26 ff
2014-02-25 11:36 - 2012-05-19 17:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-25 11:36 - 2012-05-19 17:35 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-25 11:36 - 2012-02-29 18:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-14 10:21 - 2010-08-26 21:04 - 00003962 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 10:21 - 2010-08-26 21:04 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 10:20 - 2014-02-28 18:19 - 00000426 _____ () C:\AVScanner.ini
2014-02-07 13:28 - 2014-02-07 13:28 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-07 13:28 - 2014-02-07 13:28 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-06 20:39 - 2014-02-06 20:38 - 00000000 ____D () C:\ProgramData\tmp
2014-02-06 20:38 - 2014-02-06 20:38 - 00001304 _____ () C:\Users\Public\Desktop\CEWE prezentace fotografií.lnk
2014-02-06 20:38 - 2014-02-06 20:38 - 00001239 _____ () C:\Users\Public\Desktop\Fotosvet TETA.lnk
2014-02-06 20:38 - 2014-02-06 20:38 - 00000000 ____D () C:\ProgramData\hps
2014-02-06 20:30 - 2014-02-06 20:30 - 00000000 ____D () C:\Program Files (x86)\Drogerie TETA
2014-02-05 23:05 - 2014-02-05 23:03 - 178266112 _____ () C:\Users\Ajik\Downloads\How-I-Met-Your-Mother-S09E17-cz-titulky.avi
2014-02-05 09:35 - 2014-02-05 09:35 - 01636424 _____ () C:\Users\Ajik\Downloads\setup_Fotosvet_TETA.exe
2014-02-04 18:36 - 2010-12-27 18:32 - 00000000 ____D () C:\Users\Ajik\AppData\Local\VirtualStore
2014-02-03 14:29 - 2013-10-01 10:06 - 00000000 ____D () C:\Users\Ajik\Desktop\Adámek
2014-02-02 20:10 - 2010-08-26 21:28 - 00001854 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-02-02 20:10 - 2010-08-26 21:28 - 00001385 _____ () C:\Windows\system32\ServiceFilter.ini
2014-02-02 19:40 - 2014-02-02 19:40 - 00003544 ____N () C:\bootsqm.dat
2014-02-02 15:08 - 2014-02-02 13:44 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-02-02 15:08 - 2011-04-12 13:01 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Microsoft Help
2014-02-02 13:46 - 2014-02-02 13:46 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\AVG
2014-02-02 13:44 - 2014-02-02 13:43 - 78353832 _____ (AVG) C:\Users\Ajik\Downloads\avg_tuh_stf_all_2014_295_24c4.exe
2014-02-02 11:31 - 2014-02-02 11:31 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-02-02 11:31 - 2014-02-02 11:31 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\TuneUp Software
2014-02-02 11:30 - 2014-02-02 11:31 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-02-02 11:22 - 2014-02-02 11:22 - 10806456 _____ () C:\Users\Ajik\Downloads\avg_free.exe
2014-02-02 11:22 - 2014-02-02 11:22 - 00000000 ____D () C:\Users\Ajik\AppData\Local\MFAData
2014-02-01 21:54 - 2010-12-28 18:57 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Adobe
2014-02-01 21:51 - 2010-12-28 18:57 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Adobe
2014-02-01 21:51 - 2010-08-26 21:03 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-01 21:35 - 2010-08-26 21:03 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-01 21:29 - 2014-02-01 21:29 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Cool_Mirage
2014-02-01 16:44 - 2014-02-01 16:34 - 733913088 _____ () C:\Users\Ajik\Downloads\Mladeži nepřístupno - 2013 komedie cz dab. n@ch.avi
2014-02-01 16:34 - 2014-02-01 16:33 - 126817772 _____ () C:\Users\Ajik\Downloads\How I Met Your Mother S09E16 How Your Mother Met Me CZ titulky.avi
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-13 12:41
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:45.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:329.79 GB) (Free:329.57 GB) NTFS
Available physical RAM: 3046.51 MB
Total physical RAM: 3948.55 MB
Percentage of memory in use: 22%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E0C5913D)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Trend Micro Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: Trend Micro Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ajik\Desktop" je 21315 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Ajik (administrator) on AJIK-PC on 02-03-2014 13:09:25
Running from C:\Users\Ajik\Desktop
Windows 7 Home Premium (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(forum.viry.cz) C:\Users\Ajik\Desktop\FRSTLauncher.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [635784 2010-01-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [UfSeAgnt.exe] - C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1022904 2010-02-23] (Trend Micro Inc.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] - C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-08-26] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2552856 2014-02-05] ()
HKU\S-1-5-21-2747720358-2666299132-3272033892-1000\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (syncables, LLC)
HKU\S-1-5-21-2747720358-2666299132-3272033892-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2747720358-2666299132-3272033892-1000\...\Run: [Pokki] - C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-2747720358-2666299132-3272033892-1000\...\RunOnce: [Application Restart #1] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464 2014-02-20] (Google Inc.)
HKU\S-1-5-21-2747720358-2666299132-3272033892-1000\...\MountPoints2: {f368681a-58cc-11e1-b495-1c4bd6192788} - F:\Autorun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: 1ClickMovieDownloader V6 - {11111111-1111-1111-1111-110411591167} - No File
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Ajik\AppData\Roaming\Mozilla\Firefox\Profiles\hbhoiud5.default
FF user.js: detected! => C:\Users\Ajik\AppData\Roaming\Mozilla\Firefox\Profiles\hbhoiud5.default\user.js
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://mysearch.avg.com?cid={895FA8B4-1108-4A9F-A9FF-FEBE235B862C}&mid=2f084e85820e47d2b4c7cd0290fdce7b-cb97dc307db1e3d3e5a938ecf793a8c929ab1fb7&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=&v=17.3.1.91&pid=safeguard&sg=&sap=hp
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler - C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91
FF Extension: No Name - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91 [2014-02-02]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR Extension: (Dokumenty Google) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-01]
CHR Extension: (Disk Google) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-01]
CHR Extension: (YouTube) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-01]
CHR Extension: (avast! Online Security) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-01]
CHR Extension: (Skype Click to Call) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-01]
CHR Extension: (Peněženka Google) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-01]
CHR Extension: (Gmail) - C:\Users\Ajik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
==================== Services (Whitelisted) =================
S2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [859712 2010-10-09] (Trend Micro Inc.)
S3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [570632 2010-02-23] (Trend Micro Inc.)
S3 TmProxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [917768 2010-02-23] (Trend Micro Inc.)
S2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1772056 2014-02-02] (AVG Secure Search)
S2 HitmanPro37CrusaderBoot; "F:\vir\HitmanPro_x64.exe" /crusader:boot [X]
==================== Drivers (Whitelisted) ====================
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2014-02-02] (AVG Technologies)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
S2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42768 2011-07-12] (Trend Micro Inc.)
S1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [107536 2010-02-23] (Trend Micro Inc.)
S2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [342288 2011-07-12] (Trend Micro Inc.)
S2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [2077456 2011-07-12] (Trend Micro Inc.)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-02-26] (StdLib)
U3 tmlwf;
U3 tmwfp;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-02 13:09 - 2014-03-02 13:10 - 00015299 _____ () C:\Users\Ajik\Desktop\FRST.txt
2014-03-02 13:08 - 2014-03-02 13:09 - 00000000 ____D () C:\FRST
2014-03-02 13:07 - 2014-03-02 13:07 - 00112640 _____ (forum.viry.cz) C:\Users\Ajik\Desktop\FRSTLauncher.exe
2014-03-02 13:06 - 2014-03-02 13:07 - 02156544 _____ (Farbar) C:\Users\Ajik\Desktop\FRST64.exe
2014-03-02 08:31 - 2014-03-02 12:52 - 00000000 ____D () C:\Users\Ajik\AppData\Local\CrashDumps
2014-03-02 08:24 - 2014-03-02 08:24 - 00040342 _____ () C:\ComboFix.txt
2014-03-02 08:12 - 2014-03-02 12:44 - 00000000 ____D () C:\Windows\erdnt
2014-03-02 08:12 - 2014-03-02 08:24 - 00000000 ____D () C:\Qoobox
2014-03-01 10:20 - 2014-03-01 10:20 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\AVAST Software
2014-03-01 10:19 - 2014-03-01 10:19 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-01 10:18 - 2014-03-01 10:18 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-01 10:01 - 2014-03-01 10:01 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Google
2014-02-28 18:53 - 2014-03-02 12:56 - 00020901 _____ () C:\Windows\WindowsUpdate.log
2014-02-28 18:45 - 2014-02-28 18:45 - 00518928 _____ () C:\Windows\system32\.crusader
2014-02-28 18:45 - 2014-02-28 18:45 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-02-28 18:43 - 2014-02-28 18:45 - 00438568 _____ () C:\Windows\system32\bootdelete.lst
2014-02-28 18:34 - 2014-02-28 18:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-28 18:28 - 2014-02-28 18:28 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Malwarebytes
2014-02-28 18:26 - 2014-03-02 12:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-28 18:26 - 2014-03-02 12:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-28 18:26 - 2014-02-28 18:26 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-28 18:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-28 18:19 - 2014-02-13 10:20 - 00000426 _____ () C:\AVScanner.ini
2014-02-26 17:52 - 2014-02-26 17:52 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-02-26 10:43 - 2014-02-26 10:43 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-26 10:43 - 2014-02-26 10:43 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-26 10:43 - 2014-02-26 10:43 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-26 10:42 - 2014-02-26 10:42 - 11140364 _____ () C:\Users\Ajik\Downloads\cc-setup(1).exe
2014-02-26 10:40 - 2014-02-26 10:41 - 11140364 _____ () C:\Users\Ajik\Downloads\cc-setup.exe
2014-02-26 05:45 - 2014-02-26 05:47 - 00000000 ____D () C:\Users\Ajik\Desktop\2014-02-26 ff
2014-02-07 13:28 - 2014-02-07 13:28 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-07 13:28 - 2014-02-07 13:28 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-06 20:38 - 2014-02-06 20:39 - 00000000 ____D () C:\ProgramData\tmp
2014-02-06 20:38 - 2014-02-06 20:38 - 00001304 _____ () C:\Users\Public\Desktop\CEWE prezentace fotografií.lnk
2014-02-06 20:38 - 2014-02-06 20:38 - 00001239 _____ () C:\Users\Public\Desktop\Fotosvet TETA.lnk
2014-02-06 20:38 - 2014-02-06 20:38 - 00000000 ____D () C:\ProgramData\hps
2014-02-06 20:30 - 2014-02-06 20:30 - 00000000 ____D () C:\Program Files (x86)\Drogerie TETA
2014-02-05 23:03 - 2014-02-05 23:05 - 178266112 _____ () C:\Users\Ajik\Downloads\How-I-Met-Your-Mother-S09E17-cz-titulky.avi
2014-02-05 09:35 - 2014-02-05 09:35 - 01636424 _____ () C:\Users\Ajik\Downloads\setup_Fotosvet_TETA.exe
2014-02-02 19:40 - 2014-02-02 19:40 - 00003544 ____N () C:\bootsqm.dat
2014-02-02 13:46 - 2014-02-02 13:46 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\AVG
2014-02-02 13:45 - 2014-03-02 12:44 - 00000000 ____D () C:\ProgramData\AVG
2014-02-02 13:44 - 2014-02-02 15:08 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-02-02 13:43 - 2014-02-02 13:44 - 78353832 _____ (AVG) C:\Users\Ajik\Downloads\avg_tuh_stf_all_2014_295_24c4.exe
2014-02-02 11:31 - 2014-02-02 11:31 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-02-02 11:31 - 2014-02-02 11:31 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\TuneUp Software
2014-02-02 11:31 - 2014-02-02 11:30 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-02-02 11:30 - 2014-03-02 12:45 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-02-02 11:30 - 2014-03-02 12:44 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-02-02 11:22 - 2014-02-28 18:47 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Avg2014
2014-02-02 11:22 - 2014-02-28 18:47 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-02 11:22 - 2014-02-02 11:22 - 10806456 _____ () C:\Users\Ajik\Downloads\avg_free.exe
2014-02-02 11:22 - 2014-02-02 11:22 - 00000000 ____D () C:\Users\Ajik\AppData\Local\MFAData
2014-02-01 21:29 - 2014-02-01 21:29 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Cool_Mirage
2014-02-01 21:26 - 1998-11-13 12:58 - 00307200 _____ (InstallShield Software Corporation) C:\Windows\IsUn0405.exe
2014-02-01 16:34 - 2014-02-01 16:44 - 733913088 _____ () C:\Users\Ajik\Downloads\Mladeži nepřístupno - 2013 komedie cz dab. n@ch.avi
2014-02-01 16:33 - 2014-02-01 16:34 - 126817772 _____ () C:\Users\Ajik\Downloads\How I Met Your Mother S09E16 How Your Mother Met Me CZ titulky.avi
==================== One Month Modified Files and Folders =======
2014-03-02 13:10 - 2014-03-02 13:09 - 00015299 _____ () C:\Users\Ajik\Desktop\FRST.txt
2014-03-02 13:09 - 2014-03-02 13:08 - 00000000 ____D () C:\FRST
2014-03-02 13:07 - 2014-03-02 13:07 - 00112640 _____ (forum.viry.cz) C:\Users\Ajik\Desktop\FRSTLauncher.exe
2014-03-02 13:07 - 2014-03-02 13:06 - 02156544 _____ (Farbar) C:\Users\Ajik\Desktop\FRST64.exe
2014-03-02 12:56 - 2014-02-28 18:53 - 00020901 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 12:56 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-02 12:56 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-02 12:52 - 2014-03-02 08:31 - 00000000 ____D () C:\Users\Ajik\AppData\Local\CrashDumps
2014-03-02 12:51 - 2009-08-03 21:00 - 00631526 _____ () C:\Windows\system32\perfh005.dat
2014-03-02 12:51 - 2009-08-03 21:00 - 00122148 _____ () C:\Windows\system32\perfc005.dat
2014-03-02 12:51 - 2009-07-14 06:13 - 01470298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-02 12:47 - 2010-08-26 21:04 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-02 12:46 - 2010-12-27 18:25 - 00000000 ____D () C:\Users\Ajik
2014-03-02 12:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-02 12:45 - 2014-02-02 11:30 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-02 12:45 - 2013-12-17 20:33 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
2014-03-02 12:45 - 2013-12-17 20:33 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Pokki
2014-03-02 12:45 - 2010-08-26 21:27 - 00000000 ____D () C:\ProgramData\P4G
2014-03-02 12:45 - 2010-08-26 21:08 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-03-02 12:44 - 2014-03-02 08:12 - 00000000 ____D () C:\Windows\erdnt
2014-03-02 12:44 - 2014-02-28 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 12:44 - 2014-02-28 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-02 12:44 - 2014-02-02 13:45 - 00000000 ____D () C:\ProgramData\AVG
2014-03-02 12:44 - 2014-02-02 11:30 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-03-02 12:44 - 2013-12-11 10:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-02 12:44 - 2010-08-26 21:08 - 00000000 ____D () C:\Program Files\Trend Micro
2014-03-02 12:44 - 2010-08-26 21:04 - 00000000 ____D () C:\Program Files\Google
2014-03-02 12:44 - 2010-08-26 21:04 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-02 12:44 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-03-02 12:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-02 12:43 - 2010-08-26 20:51 - 00000000 ____D () C:\eSupport
2014-03-02 08:24 - 2014-03-02 08:24 - 00040342 _____ () C:\ComboFix.txt
2014-03-02 08:24 - 2014-03-02 08:12 - 00000000 ____D () C:\Qoobox
2014-03-01 10:20 - 2014-03-01 10:20 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\AVAST Software
2014-03-01 10:19 - 2014-03-01 10:19 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-01 10:18 - 2014-03-01 10:18 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-01 10:01 - 2014-03-01 10:01 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Google
2014-02-28 18:47 - 2014-02-28 18:34 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-28 18:47 - 2014-02-02 11:22 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Avg2014
2014-02-28 18:47 - 2014-02-02 11:22 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-28 18:45 - 2014-02-28 18:45 - 00518928 _____ () C:\Windows\system32\.crusader
2014-02-28 18:45 - 2014-02-28 18:45 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-02-28 18:45 - 2014-02-28 18:43 - 00438568 _____ () C:\Windows\system32\bootdelete.lst
2014-02-28 18:34 - 2013-12-17 20:35 - 00000000 ____D () C:\Users\Ajik\AppData\Local\genienext
2014-02-28 18:28 - 2014-02-28 18:28 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Malwarebytes
2014-02-28 18:26 - 2014-02-28 18:26 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-28 14:36 - 2013-12-17 20:35 - 00055586 _____ () C:\Users\Ajik\daemonprocess.txt
2014-02-28 14:34 - 2011-10-28 15:41 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Skype
2014-02-28 14:26 - 2010-08-26 21:04 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-28 14:24 - 2012-05-19 17:35 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-26 17:52 - 2014-02-26 17:52 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-02-26 14:11 - 2012-05-05 22:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-26 10:45 - 2013-08-14 06:18 - 00000000 ____D () C:\Windows\Minidump
2014-02-26 10:45 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-02-26 10:43 - 2014-02-26 10:43 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-26 10:43 - 2014-02-26 10:43 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-26 10:43 - 2014-02-26 10:43 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-26 10:42 - 2014-02-26 10:42 - 11140364 _____ () C:\Users\Ajik\Downloads\cc-setup(1).exe
2014-02-26 10:41 - 2014-02-26 10:40 - 11140364 _____ () C:\Users\Ajik\Downloads\cc-setup.exe
2014-02-26 05:47 - 2014-02-26 05:45 - 00000000 ____D () C:\Users\Ajik\Desktop\2014-02-26 ff
2014-02-25 11:36 - 2012-05-19 17:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-25 11:36 - 2012-05-19 17:35 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-25 11:36 - 2012-02-29 18:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-14 10:21 - 2010-08-26 21:04 - 00003962 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 10:21 - 2010-08-26 21:04 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 10:20 - 2014-02-28 18:19 - 00000426 _____ () C:\AVScanner.ini
2014-02-07 13:28 - 2014-02-07 13:28 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-07 13:28 - 2014-02-07 13:28 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-06 20:39 - 2014-02-06 20:38 - 00000000 ____D () C:\ProgramData\tmp
2014-02-06 20:38 - 2014-02-06 20:38 - 00001304 _____ () C:\Users\Public\Desktop\CEWE prezentace fotografií.lnk
2014-02-06 20:38 - 2014-02-06 20:38 - 00001239 _____ () C:\Users\Public\Desktop\Fotosvet TETA.lnk
2014-02-06 20:38 - 2014-02-06 20:38 - 00000000 ____D () C:\ProgramData\hps
2014-02-06 20:30 - 2014-02-06 20:30 - 00000000 ____D () C:\Program Files (x86)\Drogerie TETA
2014-02-05 23:05 - 2014-02-05 23:03 - 178266112 _____ () C:\Users\Ajik\Downloads\How-I-Met-Your-Mother-S09E17-cz-titulky.avi
2014-02-05 09:35 - 2014-02-05 09:35 - 01636424 _____ () C:\Users\Ajik\Downloads\setup_Fotosvet_TETA.exe
2014-02-04 18:36 - 2010-12-27 18:32 - 00000000 ____D () C:\Users\Ajik\AppData\Local\VirtualStore
2014-02-03 14:29 - 2013-10-01 10:06 - 00000000 ____D () C:\Users\Ajik\Desktop\Adámek
2014-02-02 20:10 - 2010-08-26 21:28 - 00001854 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-02-02 20:10 - 2010-08-26 21:28 - 00001385 _____ () C:\Windows\system32\ServiceFilter.ini
2014-02-02 19:40 - 2014-02-02 19:40 - 00003544 ____N () C:\bootsqm.dat
2014-02-02 15:08 - 2014-02-02 13:44 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-02-02 15:08 - 2011-04-12 13:01 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Microsoft Help
2014-02-02 13:46 - 2014-02-02 13:46 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\AVG
2014-02-02 13:44 - 2014-02-02 13:43 - 78353832 _____ (AVG) C:\Users\Ajik\Downloads\avg_tuh_stf_all_2014_295_24c4.exe
2014-02-02 11:31 - 2014-02-02 11:31 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-02-02 11:31 - 2014-02-02 11:31 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\TuneUp Software
2014-02-02 11:30 - 2014-02-02 11:31 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-02-02 11:22 - 2014-02-02 11:22 - 10806456 _____ () C:\Users\Ajik\Downloads\avg_free.exe
2014-02-02 11:22 - 2014-02-02 11:22 - 00000000 ____D () C:\Users\Ajik\AppData\Local\MFAData
2014-02-01 21:54 - 2010-12-28 18:57 - 00000000 ____D () C:\Users\Ajik\AppData\Roaming\Adobe
2014-02-01 21:51 - 2010-12-28 18:57 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Adobe
2014-02-01 21:51 - 2010-08-26 21:03 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-01 21:35 - 2010-08-26 21:03 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-01 21:29 - 2014-02-01 21:29 - 00000000 ____D () C:\Users\Ajik\AppData\Local\Cool_Mirage
2014-02-01 16:44 - 2014-02-01 16:34 - 733913088 _____ () C:\Users\Ajik\Downloads\Mladeži nepřístupno - 2013 komedie cz dab. n@ch.avi
2014-02-01 16:34 - 2014-02-01 16:33 - 126817772 _____ () C:\Users\Ajik\Downloads\How I Met Your Mother S09E16 How Your Mother Met Me CZ titulky.avi
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-13 12:41
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:45.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:329.79 GB) (Free:329.57 GB) NTFS
Available physical RAM: 3046.51 MB
Total physical RAM: 3948.55 MB
Percentage of memory in use: 22%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E0C5913D)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Trend Micro Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: Trend Micro Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ajik\Desktop" je 21315 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
