fixmyregistry a speedupmycomputer - nejde odinstalovat
Napsal: 07 bře 2014 12:11
Zdravím, mám problém s programy fixmyregistry a speedupmycomputer. Nejdou odinstalovat, když jeden odinstaluji, objeví se druhý. Vždy je nainstalován jen jeden a po jeho odinstalaci se nahradí druhým a tak pořád dokola. Může někdo pomoci?
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014
Ran by dvoracek (administrator) on PCESOX008 on 07-03-2014 12:16:35
Running from C:\Users\dvoracek\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Dropbox, Inc.) C:\Users\dvoracek\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Feed Notifier\notifier.exe
() C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RBTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-04-30] (LogMeIn, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [FileOpenBroker] - C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1589104 2013-03-26] (FileOpen Systems Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-11-06] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Run: [GmailNotifierPro] - C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe /minimized
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Run: [SpeedUpMyComputer] - C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe [2054776 2013-07-22] ()
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Policies\Explorer: []
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\MountPoints2: D - D:\Setup.exe
Startup: C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\dvoracek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Feed Notifier.lnk
ShortcutTarget: Feed Notifier.lnk -> C:\Program Files (x86)\Feed Notifier\notifier.exe ()
Startup: C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RBHook.dll ()
Startup: C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RBTray.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
SearchScopes: HKLM - {05C9E3E5-FFC0-4341-9976-C1F86013444B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
SearchScopes: HKLM-x32 - {05C9E3E5-FFC0-4341-9976-C1F86013444B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
SearchScopes: HKCU - {05C9E3E5-FFC0-4341-9976-C1F86013444B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1007
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.10
FireFox:
========
FF ProfilePath: C:\Users\dvoracek\AppData\Roaming\Mozilla\Firefox\Profiles\0xu99b75.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @kb-ext.cz/PKIComponent - C:\Users\dvoracek\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-08-20]
Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Entanglement Web App) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2013-08-14]
CHR Extension: (Google Docs) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (YouTube) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Send to Kindle for Google Chrome™) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2013-08-14]
CHR Extension: (Remember The Milk) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\chdiaibgndcpagmnpkjoelgfkommjbni [2013-08-14]
CHR Extension: (Webpage Screenshot Capture) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2013-08-14]
CHR Extension: (Google Search) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-08-14]
CHR Extension: (Eye Dropper) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2013-08-14]
CHR Extension: (Notes) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpekemhmelpmdedldaafbnbmbfombcp [2013-08-14]
CHR Extension: (Gestures for Google Chrome™) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2013-08-14]
CHR Extension: (Smooth Gestures) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2013-08-14]
CHR Extension: (Poppit) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-08-14]
CHR Extension: (Google Wallet) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Auto Refresh Plus) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2014-01-27]
CHR Extension: (LogMeIn) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2013-08-15]
CHR Extension: (Gmail) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
==================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [337264 2013-03-19] (FileOpen Systems Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-01-25] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-01-25] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.)
==================== Drivers (Whitelisted) ====================
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-14] (Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-12-07] (Intel Corporation)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-04-30] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-07 12:12 - 2014-03-07 12:16 - 00020467 _____ () C:\Users\dvoracek\Desktop\FRST.txt
2014-03-07 12:12 - 2014-03-07 12:12 - 02156544 _____ (Farbar) C:\Users\dvoracek\Desktop\FRST64.exe
2014-03-07 12:03 - 2014-03-07 12:03 - 00001218 _____ () C:\Users\dvoracek\Desktop\SpeedUpMyComputer.lnk
2014-03-07 11:48 - 2014-03-07 12:16 - 00000000 ____D () C:\FRST
2014-03-03 13:56 - 2014-03-03 13:22 - 00001124 _____ () C:\Windows\system32\Drivers\etc\hosts.premodifiedbackup.REViSE.bak
2014-03-03 13:55 - 2014-03-03 13:55 - 00002022 _____ () C:\Users\Public\Desktop\UltraEdit.lnk
2014-03-03 13:55 - 2014-03-03 13:55 - 00000000 ____D () C:\Program Files (x86)\IDM Computer Solutions
2014-03-03 11:43 - 2014-03-03 11:43 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\IDMComp
2014-03-03 11:43 - 2014-03-03 11:43 - 00000000 ____D () C:\ProgramData\IDMComp
2014-03-03 11:42 - 2014-03-03 13:54 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\Downloaded Installations
2014-03-03 09:30 - 2014-03-03 09:32 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\Sublime Text 3
2014-03-03 09:30 - 2014-03-03 09:30 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Sublime Text 3
2014-03-03 09:25 - 2014-03-03 09:25 - 00000647 ____H () C:\Users\dvoracek\_viminfo
2014-03-03 09:18 - 2014-03-03 09:22 - 00000013 _____ () C:\Windows\SysWOW64\WinSys32.crc
2014-03-03 09:16 - 2014-03-03 09:31 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\CoffeeCup Software
2014-02-28 11:03 - 2014-02-28 11:05 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\ActiveState
2014-02-28 11:03 - 2014-02-28 11:03 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\ActiveState
2014-02-19 16:44 - 2014-02-19 16:44 - 00000000 ____D () C:\ProgramData\RegClean
2014-02-19 15:05 - 2014-03-07 12:03 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-02-19 15:05 - 2014-03-07 12:03 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-02-19 15:05 - 2014-02-19 15:17 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-02-19 15:04 - 2014-02-19 15:17 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Seznam.cz
2014-02-18 11:22 - 2014-02-18 11:22 - 34698096 _____ (IDM Computer Solutions, Inc.) C:\Users\dvoracek\AppData\Roaming\ue_english.exe
2014-02-17 07:27 - 2014-02-24 21:09 - 00001052 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-17 07:27 - 2014-02-19 16:45 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\TeamViewer
==================== One Month Modified Files and Folders =======
2014-03-07 12:16 - 2014-03-07 12:12 - 00020467 _____ () C:\Users\dvoracek\Desktop\FRST.txt
2014-03-07 12:16 - 2014-03-07 11:48 - 00000000 ____D () C:\FRST
2014-03-07 12:12 - 2014-03-07 12:12 - 02156544 _____ (Farbar) C:\Users\dvoracek\Desktop\FRST64.exe
2014-03-07 12:11 - 2014-01-06 13:43 - 00000000 ____D () C:\Program Files (x86)\Feed Notifier
2014-03-07 12:07 - 2013-08-14 05:28 - 01239892 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 12:06 - 2009-07-14 05:45 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 12:06 - 2009-07-14 05:45 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 12:05 - 2013-08-14 08:22 - 00000000 ____D () C:\Users\dvoracek\Documents\Archivy
2014-03-07 12:03 - 2014-03-07 12:03 - 00001218 _____ () C:\Users\dvoracek\Desktop\SpeedUpMyComputer.lnk
2014-03-07 12:03 - 2014-02-19 15:05 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-03-07 12:03 - 2014-02-19 15:05 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-03-07 12:03 - 2013-06-06 04:52 - 00666194 _____ () C:\Windows\system32\perfh005.dat
2014-03-07 12:03 - 2013-06-06 04:52 - 00139890 _____ () C:\Windows\system32\perfc005.dat
2014-03-07 12:03 - 2009-07-14 06:13 - 01576554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-07 12:02 - 2013-08-19 13:01 - 00000000 ___RD () C:\Dropbox
2014-03-07 12:02 - 2013-08-19 12:58 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Dropbox
2014-03-07 12:01 - 2013-08-14 10:09 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 12:00 - 2013-08-14 05:57 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-07 11:58 - 2013-11-01 15:05 - 00018396 _____ () C:\Windows\PFRO.log
2014-03-07 11:58 - 2013-11-01 15:05 - 00004894 _____ () C:\Windows\setupact.log
2014-03-07 11:58 - 2013-08-14 05:43 - 00000112 _____ () C:\Windows\system32\config\netlogon.ftl
2014-03-07 11:58 - 2013-06-06 05:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 11:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 11:49 - 2013-12-06 13:36 - 00000000 ____D () C:\Win
2014-03-07 11:44 - 2013-11-25 08:57 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Skype
2014-03-07 11:30 - 2013-08-14 10:09 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 11:26 - 2013-06-06 05:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-07 07:40 - 2013-08-15 13:45 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-03-07 02:00 - 2013-08-14 08:43 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\Adobe
2014-03-05 10:58 - 2013-08-21 12:42 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\XnView
2014-03-05 10:41 - 2013-08-20 09:57 - 00001456 _____ () C:\Users\dvoracek\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-03-03 15:50 - 2013-12-03 09:28 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-03-03 15:49 - 2013-08-14 10:32 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\uTorrent
2014-03-03 13:55 - 2014-03-03 13:55 - 00002022 _____ () C:\Users\Public\Desktop\UltraEdit.lnk
2014-03-03 13:55 - 2014-03-03 13:55 - 00000000 ____D () C:\Program Files (x86)\IDM Computer Solutions
2014-03-03 13:55 - 2013-06-06 05:18 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-03-03 13:54 - 2014-03-03 11:42 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\Downloaded Installations
2014-03-03 13:35 - 2013-08-14 11:04 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\CrashDumps
2014-03-03 13:27 - 2013-09-30 09:35 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Notepad++
2014-03-03 13:27 - 2013-09-30 09:35 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-03-03 13:22 - 2014-03-03 13:56 - 00001124 _____ () C:\Windows\system32\Drivers\etc\hosts.premodifiedbackup.REViSE.bak
2014-03-03 11:43 - 2014-03-03 11:43 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\IDMComp
2014-03-03 11:43 - 2014-03-03 11:43 - 00000000 ____D () C:\ProgramData\IDMComp
2014-03-03 09:32 - 2014-03-03 09:30 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\Sublime Text 3
2014-03-03 09:31 - 2014-03-03 09:16 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\CoffeeCup Software
2014-03-03 09:30 - 2014-03-03 09:30 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Sublime Text 3
2014-03-03 09:25 - 2014-03-03 09:25 - 00000647 ____H () C:\Users\dvoracek\_viminfo
2014-03-03 09:25 - 2013-08-14 07:55 - 00000000 ____D () C:\Users\dvoracek
2014-03-03 09:22 - 2014-03-03 09:18 - 00000013 _____ () C:\Windows\SysWOW64\WinSys32.crc
2014-02-28 11:05 - 2014-02-28 11:03 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\ActiveState
2014-02-28 11:03 - 2014-02-28 11:03 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\ActiveState
2014-02-28 11:03 - 2013-11-28 07:41 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\VirtualStore
2014-02-24 21:09 - 2014-02-17 07:27 - 00001052 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-19 16:45 - 2014-02-17 07:27 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\TeamViewer
2014-02-19 16:44 - 2014-02-19 16:44 - 00000000 ____D () C:\ProgramData\RegClean
2014-02-19 16:44 - 2009-07-14 05:45 - 05311168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-19 15:17 - 2014-02-19 15:05 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-02-19 15:17 - 2014-02-19 15:04 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Seznam.cz
2014-02-18 11:22 - 2014-02-18 11:22 - 34698096 _____ (IDM Computer Solutions, Inc.) C:\Users\dvoracek\AppData\Roaming\ue_english.exe
2014-02-17 14:18 - 2013-08-14 08:13 - 00142960 _____ () C:\Users\dvoracek\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-17 07:27 - 2013-08-14 06:28 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-11 07:25 - 2013-08-14 10:09 - 00003952 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 07:25 - 2013-08-14 10:09 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 16:04 - 2013-08-14 10:48 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\GHISLER
Some content of TEMP:
====================
C:\Users\administrator\AppData\Local\Temp\AcDeltree.exe
C:\Users\administrator\AppData\Local\Temp\uninstall.exe
C:\Users\dvoracek\AppData\Local\Temp\SpeedUpMyComputer.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 00:04
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014
Ran by dvoracek (administrator) on PCESOX008 on 07-03-2014 12:16:35
Running from C:\Users\dvoracek\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Dropbox, Inc.) C:\Users\dvoracek\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Feed Notifier\notifier.exe
() C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RBTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-04-30] (LogMeIn, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [FileOpenBroker] - C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1589104 2013-03-26] (FileOpen Systems Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-11-06] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Run: [GmailNotifierPro] - C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe /minimized
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Run: [SpeedUpMyComputer] - C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe [2054776 2013-07-22] ()
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\Policies\Explorer: []
HKU\S-1-5-21-461167447-66101275-2988584735-1152\...\MountPoints2: D - D:\Setup.exe
Startup: C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\dvoracek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Feed Notifier.lnk
ShortcutTarget: Feed Notifier.lnk -> C:\Program Files (x86)\Feed Notifier\notifier.exe ()
Startup: C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RBHook.dll ()
Startup: C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RBTray.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
SearchScopes: HKLM - {05C9E3E5-FFC0-4341-9976-C1F86013444B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
SearchScopes: HKLM-x32 - {05C9E3E5-FFC0-4341-9976-C1F86013444B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
SearchScopes: HKCU - {05C9E3E5-FFC0-4341-9976-C1F86013444B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMDTDFJS
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1007
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.10
FireFox:
========
FF ProfilePath: C:\Users\dvoracek\AppData\Roaming\Mozilla\Firefox\Profiles\0xu99b75.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @kb-ext.cz/PKIComponent - C:\Users\dvoracek\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-08-20]
Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Entanglement Web App) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2013-08-14]
CHR Extension: (Google Docs) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (YouTube) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Send to Kindle for Google Chrome™) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2013-08-14]
CHR Extension: (Remember The Milk) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\chdiaibgndcpagmnpkjoelgfkommjbni [2013-08-14]
CHR Extension: (Webpage Screenshot Capture) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2013-08-14]
CHR Extension: (Google Search) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-08-14]
CHR Extension: (Eye Dropper) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2013-08-14]
CHR Extension: (Notes) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpekemhmelpmdedldaafbnbmbfombcp [2013-08-14]
CHR Extension: (Gestures for Google Chrome™) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2013-08-14]
CHR Extension: (Smooth Gestures) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2013-08-14]
CHR Extension: (Poppit) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-08-14]
CHR Extension: (Google Wallet) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Auto Refresh Plus) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2014-01-27]
CHR Extension: (LogMeIn) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2013-08-15]
CHR Extension: (Gmail) - C:\Users\dvoracek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
==================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [337264 2013-03-19] (FileOpen Systems Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-01-25] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-01-25] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.)
==================== Drivers (Whitelisted) ====================
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-14] (Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-12-07] (Intel Corporation)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-04-30] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-07 12:12 - 2014-03-07 12:16 - 00020467 _____ () C:\Users\dvoracek\Desktop\FRST.txt
2014-03-07 12:12 - 2014-03-07 12:12 - 02156544 _____ (Farbar) C:\Users\dvoracek\Desktop\FRST64.exe
2014-03-07 12:03 - 2014-03-07 12:03 - 00001218 _____ () C:\Users\dvoracek\Desktop\SpeedUpMyComputer.lnk
2014-03-07 11:48 - 2014-03-07 12:16 - 00000000 ____D () C:\FRST
2014-03-03 13:56 - 2014-03-03 13:22 - 00001124 _____ () C:\Windows\system32\Drivers\etc\hosts.premodifiedbackup.REViSE.bak
2014-03-03 13:55 - 2014-03-03 13:55 - 00002022 _____ () C:\Users\Public\Desktop\UltraEdit.lnk
2014-03-03 13:55 - 2014-03-03 13:55 - 00000000 ____D () C:\Program Files (x86)\IDM Computer Solutions
2014-03-03 11:43 - 2014-03-03 11:43 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\IDMComp
2014-03-03 11:43 - 2014-03-03 11:43 - 00000000 ____D () C:\ProgramData\IDMComp
2014-03-03 11:42 - 2014-03-03 13:54 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\Downloaded Installations
2014-03-03 09:30 - 2014-03-03 09:32 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\Sublime Text 3
2014-03-03 09:30 - 2014-03-03 09:30 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Sublime Text 3
2014-03-03 09:25 - 2014-03-03 09:25 - 00000647 ____H () C:\Users\dvoracek\_viminfo
2014-03-03 09:18 - 2014-03-03 09:22 - 00000013 _____ () C:\Windows\SysWOW64\WinSys32.crc
2014-03-03 09:16 - 2014-03-03 09:31 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\CoffeeCup Software
2014-02-28 11:03 - 2014-02-28 11:05 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\ActiveState
2014-02-28 11:03 - 2014-02-28 11:03 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\ActiveState
2014-02-19 16:44 - 2014-02-19 16:44 - 00000000 ____D () C:\ProgramData\RegClean
2014-02-19 15:05 - 2014-03-07 12:03 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-02-19 15:05 - 2014-03-07 12:03 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-02-19 15:05 - 2014-02-19 15:17 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-02-19 15:04 - 2014-02-19 15:17 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Seznam.cz
2014-02-18 11:22 - 2014-02-18 11:22 - 34698096 _____ (IDM Computer Solutions, Inc.) C:\Users\dvoracek\AppData\Roaming\ue_english.exe
2014-02-17 07:27 - 2014-02-24 21:09 - 00001052 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-17 07:27 - 2014-02-19 16:45 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\TeamViewer
==================== One Month Modified Files and Folders =======
2014-03-07 12:16 - 2014-03-07 12:12 - 00020467 _____ () C:\Users\dvoracek\Desktop\FRST.txt
2014-03-07 12:16 - 2014-03-07 11:48 - 00000000 ____D () C:\FRST
2014-03-07 12:12 - 2014-03-07 12:12 - 02156544 _____ (Farbar) C:\Users\dvoracek\Desktop\FRST64.exe
2014-03-07 12:11 - 2014-01-06 13:43 - 00000000 ____D () C:\Program Files (x86)\Feed Notifier
2014-03-07 12:07 - 2013-08-14 05:28 - 01239892 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 12:06 - 2009-07-14 05:45 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 12:06 - 2009-07-14 05:45 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 12:05 - 2013-08-14 08:22 - 00000000 ____D () C:\Users\dvoracek\Documents\Archivy
2014-03-07 12:03 - 2014-03-07 12:03 - 00001218 _____ () C:\Users\dvoracek\Desktop\SpeedUpMyComputer.lnk
2014-03-07 12:03 - 2014-02-19 15:05 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-03-07 12:03 - 2014-02-19 15:05 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-03-07 12:03 - 2013-06-06 04:52 - 00666194 _____ () C:\Windows\system32\perfh005.dat
2014-03-07 12:03 - 2013-06-06 04:52 - 00139890 _____ () C:\Windows\system32\perfc005.dat
2014-03-07 12:03 - 2009-07-14 06:13 - 01576554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-07 12:02 - 2013-08-19 13:01 - 00000000 ___RD () C:\Dropbox
2014-03-07 12:02 - 2013-08-19 12:58 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Dropbox
2014-03-07 12:01 - 2013-08-14 10:09 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 12:00 - 2013-08-14 05:57 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-07 11:58 - 2013-11-01 15:05 - 00018396 _____ () C:\Windows\PFRO.log
2014-03-07 11:58 - 2013-11-01 15:05 - 00004894 _____ () C:\Windows\setupact.log
2014-03-07 11:58 - 2013-08-14 05:43 - 00000112 _____ () C:\Windows\system32\config\netlogon.ftl
2014-03-07 11:58 - 2013-06-06 05:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 11:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 11:49 - 2013-12-06 13:36 - 00000000 ____D () C:\Win
2014-03-07 11:44 - 2013-11-25 08:57 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Skype
2014-03-07 11:30 - 2013-08-14 10:09 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 11:26 - 2013-06-06 05:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-07 07:40 - 2013-08-15 13:45 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-03-07 02:00 - 2013-08-14 08:43 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\Adobe
2014-03-05 10:58 - 2013-08-21 12:42 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\XnView
2014-03-05 10:41 - 2013-08-20 09:57 - 00001456 _____ () C:\Users\dvoracek\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-03-03 15:50 - 2013-12-03 09:28 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-03-03 15:49 - 2013-08-14 10:32 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\uTorrent
2014-03-03 13:55 - 2014-03-03 13:55 - 00002022 _____ () C:\Users\Public\Desktop\UltraEdit.lnk
2014-03-03 13:55 - 2014-03-03 13:55 - 00000000 ____D () C:\Program Files (x86)\IDM Computer Solutions
2014-03-03 13:55 - 2013-06-06 05:18 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-03-03 13:54 - 2014-03-03 11:42 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\Downloaded Installations
2014-03-03 13:35 - 2013-08-14 11:04 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\CrashDumps
2014-03-03 13:27 - 2013-09-30 09:35 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Notepad++
2014-03-03 13:27 - 2013-09-30 09:35 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-03-03 13:22 - 2014-03-03 13:56 - 00001124 _____ () C:\Windows\system32\Drivers\etc\hosts.premodifiedbackup.REViSE.bak
2014-03-03 11:43 - 2014-03-03 11:43 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\IDMComp
2014-03-03 11:43 - 2014-03-03 11:43 - 00000000 ____D () C:\ProgramData\IDMComp
2014-03-03 09:32 - 2014-03-03 09:30 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\Sublime Text 3
2014-03-03 09:31 - 2014-03-03 09:16 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\CoffeeCup Software
2014-03-03 09:30 - 2014-03-03 09:30 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Sublime Text 3
2014-03-03 09:25 - 2014-03-03 09:25 - 00000647 ____H () C:\Users\dvoracek\_viminfo
2014-03-03 09:25 - 2013-08-14 07:55 - 00000000 ____D () C:\Users\dvoracek
2014-03-03 09:22 - 2014-03-03 09:18 - 00000013 _____ () C:\Windows\SysWOW64\WinSys32.crc
2014-02-28 11:05 - 2014-02-28 11:03 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\ActiveState
2014-02-28 11:03 - 2014-02-28 11:03 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\ActiveState
2014-02-28 11:03 - 2013-11-28 07:41 - 00000000 ____D () C:\Users\dvoracek\AppData\Local\VirtualStore
2014-02-24 21:09 - 2014-02-17 07:27 - 00001052 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-19 16:45 - 2014-02-17 07:27 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\TeamViewer
2014-02-19 16:44 - 2014-02-19 16:44 - 00000000 ____D () C:\ProgramData\RegClean
2014-02-19 16:44 - 2009-07-14 05:45 - 05311168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-19 15:17 - 2014-02-19 15:05 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-02-19 15:17 - 2014-02-19 15:04 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\Seznam.cz
2014-02-18 11:22 - 2014-02-18 11:22 - 34698096 _____ (IDM Computer Solutions, Inc.) C:\Users\dvoracek\AppData\Roaming\ue_english.exe
2014-02-17 14:18 - 2013-08-14 08:13 - 00142960 _____ () C:\Users\dvoracek\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-17 07:27 - 2013-08-14 06:28 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-11 07:25 - 2013-08-14 10:09 - 00003952 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 07:25 - 2013-08-14 10:09 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 16:04 - 2013-08-14 10:48 - 00000000 ____D () C:\Users\dvoracek\AppData\Roaming\GHISLER
Some content of TEMP:
====================
C:\Users\administrator\AppData\Local\Temp\AcDeltree.exe
C:\Users\administrator\AppData\Local\Temp\uninstall.exe
C:\Users\dvoracek\AppData\Local\Temp\SpeedUpMyComputer.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 00:04
==================== End Of Log ============================
Udelejte 