zdravim mam problem s velmi pomalym stratem pc win 7 64b
dekuji za pomoc
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
velmi pomaly start pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: velmi pomaly start pc
Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: velmi pomaly start pc
zdravim,..tak pri pokusu o stazeni FRSTLauncheru mi chrome hlasi,ze "Tento soubor je škodlivý a prohlížeč Chrome jej zablokoval"
vzal jsem na vedomi vase upozorneni,ze antivir muze protestovat,ale tady protestuje uz prohlizec.Mam to tedy stahnout do pc?Sorry jsem laik,tak se radsi ptam..
vzal jsem na vedomi vase upozorneni,ze antivir muze protestovat,ale tady protestuje uz prohlizec.Mam to tedy stahnout do pc?Sorry jsem laik,tak se radsi ptam..
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: velmi pomaly start pc
Můžete. Utilita je vyzkoušná ude na fóru a pokud ji stahujete z doporučeného odkazu je v pořádku. Běžně ji tu používáme.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: velmi pomaly start pc
tdravim,tak tady je log
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Vojta (administrator) on VOJTA-PC on 03-04-2014 16:24:30
Running from C:\Users\Vojta\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\SAgent4.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Printer Pro Desktop\PrinterProDesktop.exe
(Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems, Inc.) C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\Vojta\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Vojta\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [OOTag] - C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298616 2013-04-01] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [EPSON SX420W Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [224768 2013-06-15] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [Epson Stylus SX420W(Network)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [224768 2013-06-15] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [PrinterProDesktop] - C:\Program Files (x86)\Printer Pro Desktop\PrinterProDesktop.exe [2132992 2012-02-02] ()
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [KasperskyPasswordManager] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe [7418688 2013-09-17] (Kaspersky Lab)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [AdobeBridge] - C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe [12002664 2011-06-10] (Adobe Systems, Inc.)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [Zoner Photo Studio Autoupdate] - C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\MountPoints2: {24e40947-2b59-11e2-87eb-90fba6891054} - E:\setup.exe
Startup: C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w4651v23n
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w4651v23n
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_enGB509
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_enGB509
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Chrome:
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Kaspersky Password Manager) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\npkpmAutofill.dll (Kaspersky Lab)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll No File
CHR Plugin: (Software602 Form Filler) - C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll No File
CHR Plugin: (RealPlayer Version Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll No File
CHR Extension: (Dokumenty Google) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-08]
CHR Extension: (Disk Google) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-08]
CHR Extension: (YouTube) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-08]
CHR Extension: (OneTab) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2013-06-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-08]
CHR Extension: (Password Manager Autofill Engine) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddagfbbgmdhmolnjoaghlapikdcahbbl [2014-02-16]
CHR Extension: (AdBlock) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-23]
CHR Extension: (Skype Click to Call) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-07]
CHR Extension: (Peněženka Google) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-08]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2013-05-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
==================== Services (Whitelisted) =================
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-30] (Advanced Micro Devices, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S4 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 StatusAgent4; C:\Windows\SysWOW64\SAgent4.exe [136576 2013-06-15] (SEIKO EPSON CORPORATION)
S3 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-10-08] ()
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-03-17] (Glarysoft Ltd)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-17] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-12-08] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-03 16:24 - 2014-04-03 16:24 - 00020129 _____ () C:\Users\Vojta\Desktop\FRST.txt
2014-04-03 15:48 - 2014-04-03 15:48 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Downloads\Nepotvrzeno 957740.crdownload
2014-04-03 15:48 - 2014-04-03 15:48 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Downloads\Nepotvrzeno 845404.crdownload
2014-04-03 15:46 - 2014-04-03 15:46 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Desktop\FRSTLauncher.exe
2014-03-31 19:29 - 2014-03-31 19:29 - 00103871 _____ () C:\Users\Vojta\Downloads\zdrava strava.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00101684 _____ () C:\Users\Vojta\Downloads\Adzuki na paprice.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00100611 _____ () C:\Users\Vojta\Downloads\Červené zore.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\zdrava strava_files
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\Červené zore_files
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\Adzuki na paprice_files
2014-03-31 18:08 - 2014-04-03 15:53 - 00000000 ____D () C:\FRST
2014-03-31 18:07 - 2014-03-31 18:07 - 02157056 _____ (Farbar) C:\Users\Vojta\Desktop\FRST64.exe
2014-03-28 12:00 - 2014-04-03 16:05 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job
2014-03-28 12:00 - 2014-03-28 12:00 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5
2014-03-27 19:30 - 2014-03-17 07:07 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-03-23 12:32 - 2014-03-23 12:39 - 00000000 ____D () C:\Users\Vojta\Downloads\programy torrent
2014-03-17 19:36 - 2014-04-03 10:37 - 00004482 _____ () C:\Windows\setupact.log
2014-03-17 19:36 - 2014-03-17 19:36 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-17 19:34 - 2014-03-17 19:34 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Vojta\Downloads\Adobe_Air_v4.0.0.1390.exe
2014-03-12 18:17 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 18:17 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 18:17 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 18:17 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 18:17 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 18:17 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 18:17 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 18:17 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 18:17 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 18:17 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 18:17 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 18:17 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 18:17 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 18:17 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 18:17 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 18:17 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 18:17 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 18:17 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 18:17 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 18:17 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 18:17 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 18:17 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 18:17 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 18:17 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 18:17 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 18:17 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 18:17 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 18:17 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 18:17 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 18:17 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 18:17 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 18:17 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 18:17 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 18:17 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 18:17 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 18:17 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 18:17 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 18:17 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 18:17 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 18:17 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 18:17 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 18:17 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 18:17 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 18:17 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 18:17 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 18:17 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 18:16 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 18:16 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-03-12 17:39 - 2014-03-12 17:39 - 00003502 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Vojta-PC-Vojta
2014-03-12 17:34 - 2014-03-12 17:34 - 00000000 ____D () C:\Users\Vojta\Documents\Adobe Scripts
2014-03-12 17:26 - 2014-03-17 09:31 - 00000000 ____D () C:\Program Files\Adobe
2014-03-12 17:26 - 2014-03-12 17:40 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-03-12 17:22 - 2014-03-12 17:26 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-12 17:20 - 2014-03-12 17:20 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-03-12 17:18 - 2014-03-12 17:18 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-03-12 17:18 - 2014-03-12 17:18 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-03-11 19:56 - 2014-03-11 19:56 - 00003190 _____ () C:\Windows\System32\Tasks\{F7E639B3-1598-4182-9826-43080D39A4BD}
2014-03-11 19:31 - 2014-03-11 20:20 - 00000000 ____D () C:\Output
2014-03-11 18:46 - 2014-03-11 18:46 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-784175068-2883849877-2555670383-1001
2014-03-11 18:46 - 2014-03-11 18:46 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-784175068-2883849877-2555670383-1001
==================== One Month Modified Files and Folders =======
2014-04-03 16:24 - 2014-04-03 16:24 - 00020129 _____ () C:\Users\Vojta\Desktop\FRST.txt
2014-04-03 16:24 - 2013-03-31 18:27 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\uTorrent
2014-04-03 16:15 - 2012-11-09 20:20 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\Skype
2014-04-03 16:06 - 2012-12-25 10:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 16:05 - 2014-03-28 12:00 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job
2014-04-03 15:53 - 2014-03-31 18:08 - 00000000 ____D () C:\FRST
2014-04-03 15:48 - 2014-04-03 15:48 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Downloads\Nepotvrzeno 957740.crdownload
2014-04-03 15:48 - 2014-04-03 15:48 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Downloads\Nepotvrzeno 845404.crdownload
2014-04-03 15:46 - 2014-04-03 15:46 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Desktop\FRSTLauncher.exe
2014-04-03 14:43 - 2014-02-16 09:46 - 00000000 ___SD () C:\Users\Vojta\Documents\Passwords Database
2014-04-03 11:05 - 2014-02-12 18:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job
2014-04-03 10:45 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-03 10:45 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 10:41 - 2009-07-14 06:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 10:40 - 2012-11-09 22:19 - 01194130 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 10:37 - 2014-03-17 19:36 - 00004482 _____ () C:\Windows\setupact.log
2014-04-03 10:37 - 2014-02-17 17:17 - 00000328 _____ () C:\Windows\Tasks\GlaryInitialize 4.job
2014-04-03 10:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-01 19:22 - 2012-12-31 16:22 - 00000000 ___HD () C:\jexepackres
2014-03-31 19:33 - 2012-11-09 12:35 - 00000000 ____D () C:\Users\Vojta
2014-03-31 19:29 - 2014-03-31 19:29 - 00103871 _____ () C:\Users\Vojta\Downloads\zdrava strava.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00101684 _____ () C:\Users\Vojta\Downloads\Adzuki na paprice.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00100611 _____ () C:\Users\Vojta\Downloads\Červené zore.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\zdrava strava_files
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\Červené zore_files
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\Adzuki na paprice_files
2014-03-31 18:07 - 2014-03-31 18:07 - 02157056 _____ (Farbar) C:\Users\Vojta\Desktop\FRST64.exe
2014-03-31 14:56 - 2013-04-21 12:00 - 00000000 ____D () C:\Users\Vojta\AppData\Local\CrashDumps
2014-03-29 19:46 - 2013-11-05 16:34 - 00000000 ____D () C:\Users\Vojta\vymena manzelek
2014-03-28 12:00 - 2014-03-28 12:00 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5
2014-03-28 12:00 - 2014-02-12 18:54 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef
2014-03-27 19:30 - 2014-02-17 17:17 - 00002972 _____ () C:\Windows\System32\Tasks\GU4SkipUAC
2014-03-27 19:30 - 2014-02-17 17:17 - 00002624 _____ () C:\Windows\System32\Tasks\GlaryInitialize 4
2014-03-27 19:30 - 2014-02-17 17:17 - 00001044 _____ () C:\Users\Public\Desktop\Glary Utilities 4.lnk
2014-03-27 19:30 - 2014-02-17 17:17 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4
2014-03-26 08:31 - 2012-11-29 13:29 - 00000000 ____D () C:\Users\Vojta\filmy
2014-03-25 16:04 - 2014-02-14 14:38 - 00000000 ____D () C:\Users\Vojta\tanecni pohoda
2014-03-23 17:09 - 2013-04-26 13:59 - 00000000 ____D () C:\Users\Vojta\pohadky
2014-03-23 12:39 - 2014-03-23 12:32 - 00000000 ____D () C:\Users\Vojta\Downloads\programy torrent
2014-03-21 08:51 - 2012-11-09 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-17 19:36 - 2014-03-17 19:36 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-17 19:34 - 2014-03-17 19:34 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Vojta\Downloads\Adobe_Air_v4.0.0.1390.exe
2014-03-17 09:31 - 2014-03-12 17:26 - 00000000 ____D () C:\Program Files\Adobe
2014-03-17 09:17 - 2014-02-14 14:29 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-03-17 07:22 - 2014-02-17 17:17 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-03-17 07:07 - 2014-03-27 19:30 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-03-15 19:03 - 2013-05-08 10:42 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 19:59 - 2012-11-21 08:03 - 00000000 ____D () C:\Users\Vojta\AppData\Local\Adobe
2014-03-13 19:50 - 2010-04-12 04:42 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-12 21:25 - 2012-11-09 14:10 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\Adobe
2014-03-12 18:36 - 2009-07-14 05:45 - 04983096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 18:35 - 2013-03-13 10:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 18:35 - 2013-03-13 10:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 18:23 - 2013-08-14 07:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-12 18:21 - 2012-11-10 09:58 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-12 18:20 - 2010-04-12 04:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 18:06 - 2014-03-12 18:06 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-03-12 17:41 - 2010-04-12 04:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-12 17:40 - 2014-03-12 17:26 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-03-12 17:39 - 2014-03-12 17:39 - 00003502 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Vojta-PC-Vojta
2014-03-12 17:34 - 2014-03-12 17:34 - 00000000 ____D () C:\Users\Vojta\Documents\Adobe Scripts
2014-03-12 17:34 - 2012-11-09 12:37 - 00112264 _____ () C:\Users\Vojta\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-12 17:26 - 2014-03-12 17:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-12 17:20 - 2014-03-12 17:20 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-03-12 17:18 - 2014-03-12 17:18 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-03-12 17:18 - 2014-03-12 17:18 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-03-12 14:42 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-11 20:20 - 2014-03-11 19:31 - 00000000 ____D () C:\Output
2014-03-11 20:06 - 2012-12-25 10:09 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 20:06 - 2012-12-25 10:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 20:06 - 2012-12-25 10:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 19:56 - 2014-03-11 19:56 - 00003190 _____ () C:\Windows\System32\Tasks\{F7E639B3-1598-4182-9826-43080D39A4BD}
2014-03-11 19:50 - 2014-02-19 12:29 - 00000000 ____D () C:\Program Files\MPC-HC.1.7.3.x64
2014-03-11 19:44 - 2011-02-04 16:03 - 00000000 ____D () C:\Users\Vojta\Downloads\programy
2014-03-11 19:40 - 2012-11-09 20:40 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\RealNetworks
2014-03-11 19:40 - 2012-11-09 20:35 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\Real
2014-03-11 19:40 - 2012-11-09 20:33 - 00000000 ____D () C:\ProgramData\Real
2014-03-11 19:39 - 2014-02-01 09:52 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-784175068-2883849877-2555670383-1001
2014-03-11 19:39 - 2014-02-01 09:52 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-784175068-2883849877-2555670383-1001
2014-03-11 18:46 - 2014-03-11 18:46 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-784175068-2883849877-2555670383-1001
2014-03-11 18:46 - 2014-03-11 18:46 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-784175068-2883849877-2555670383-1001
2014-03-07 18:11 - 2012-12-31 20:00 - 00014336 _____ () C:\Users\Vojta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Users\Vojta\AppData\Local\Temp\gusetup0.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Vojta\Desktop" je 2 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirServer
C:\Program Files (x86)\AirServer\AirServer\AirServer.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirVideoServer
C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad
"C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor
"C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OV3_Monitor
"C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe" -NoStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Vojta\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vojta^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Vojta\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vojta^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V�rezy obrazovky a spusten� aplikace OneNote 2007.lnk
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE /tsr [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Vojta (administrator) on VOJTA-PC on 03-04-2014 16:24:30
Running from C:\Users\Vojta\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\SAgent4.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Printer Pro Desktop\PrinterProDesktop.exe
(Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems, Inc.) C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\Vojta\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Vojta\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [OOTag] - C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298616 2013-04-01] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [EPSON SX420W Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [224768 2013-06-15] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [Epson Stylus SX420W(Network)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [224768 2013-06-15] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [PrinterProDesktop] - C:\Program Files (x86)\Printer Pro Desktop\PrinterProDesktop.exe [2132992 2012-02-02] ()
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [KasperskyPasswordManager] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe [7418688 2013-09-17] (Kaspersky Lab)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [AdobeBridge] - C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe [12002664 2011-06-10] (Adobe Systems, Inc.)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\Run: [Zoner Photo Studio Autoupdate] - C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\MountPoints2: {24e40947-2b59-11e2-87eb-90fba6891054} - E:\setup.exe
Startup: C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w4651v23n
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w4651v23n
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_enGB509
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_enGB509
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Chrome:
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Kaspersky Password Manager) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\npkpmAutofill.dll (Kaspersky Lab)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll No File
CHR Plugin: (Software602 Form Filler) - C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll No File
CHR Plugin: (RealPlayer Version Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll No File
CHR Extension: (Dokumenty Google) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-08]
CHR Extension: (Disk Google) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-08]
CHR Extension: (YouTube) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-08]
CHR Extension: (OneTab) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2013-06-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-08]
CHR Extension: (Password Manager Autofill Engine) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddagfbbgmdhmolnjoaghlapikdcahbbl [2014-02-16]
CHR Extension: (AdBlock) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-23]
CHR Extension: (Skype Click to Call) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-07]
CHR Extension: (Peněženka Google) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-08]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2013-05-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
==================== Services (Whitelisted) =================
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-30] (Advanced Micro Devices, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S4 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 StatusAgent4; C:\Windows\SysWOW64\SAgent4.exe [136576 2013-06-15] (SEIKO EPSON CORPORATION)
S3 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-10-08] ()
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-03-17] (Glarysoft Ltd)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-17] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-12-08] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-03 16:24 - 2014-04-03 16:24 - 00020129 _____ () C:\Users\Vojta\Desktop\FRST.txt
2014-04-03 15:48 - 2014-04-03 15:48 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Downloads\Nepotvrzeno 957740.crdownload
2014-04-03 15:48 - 2014-04-03 15:48 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Downloads\Nepotvrzeno 845404.crdownload
2014-04-03 15:46 - 2014-04-03 15:46 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Desktop\FRSTLauncher.exe
2014-03-31 19:29 - 2014-03-31 19:29 - 00103871 _____ () C:\Users\Vojta\Downloads\zdrava strava.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00101684 _____ () C:\Users\Vojta\Downloads\Adzuki na paprice.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00100611 _____ () C:\Users\Vojta\Downloads\Červené zore.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\zdrava strava_files
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\Červené zore_files
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\Adzuki na paprice_files
2014-03-31 18:08 - 2014-04-03 15:53 - 00000000 ____D () C:\FRST
2014-03-31 18:07 - 2014-03-31 18:07 - 02157056 _____ (Farbar) C:\Users\Vojta\Desktop\FRST64.exe
2014-03-28 12:00 - 2014-04-03 16:05 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job
2014-03-28 12:00 - 2014-03-28 12:00 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5
2014-03-27 19:30 - 2014-03-17 07:07 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-03-23 12:32 - 2014-03-23 12:39 - 00000000 ____D () C:\Users\Vojta\Downloads\programy torrent
2014-03-17 19:36 - 2014-04-03 10:37 - 00004482 _____ () C:\Windows\setupact.log
2014-03-17 19:36 - 2014-03-17 19:36 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-17 19:34 - 2014-03-17 19:34 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Vojta\Downloads\Adobe_Air_v4.0.0.1390.exe
2014-03-12 18:17 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 18:17 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 18:17 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 18:17 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 18:17 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 18:17 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 18:17 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 18:17 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 18:17 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 18:17 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 18:17 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 18:17 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 18:17 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 18:17 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 18:17 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 18:17 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 18:17 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 18:17 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 18:17 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 18:17 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 18:17 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 18:17 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 18:17 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 18:17 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 18:17 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 18:17 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 18:17 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 18:17 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 18:17 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 18:17 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 18:17 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 18:17 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 18:17 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 18:17 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 18:17 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 18:17 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 18:17 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 18:17 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 18:17 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 18:17 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 18:17 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 18:17 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 18:17 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 18:17 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 18:17 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 18:17 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 18:16 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 18:16 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-03-12 17:39 - 2014-03-12 17:39 - 00003502 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Vojta-PC-Vojta
2014-03-12 17:34 - 2014-03-12 17:34 - 00000000 ____D () C:\Users\Vojta\Documents\Adobe Scripts
2014-03-12 17:26 - 2014-03-17 09:31 - 00000000 ____D () C:\Program Files\Adobe
2014-03-12 17:26 - 2014-03-12 17:40 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-03-12 17:22 - 2014-03-12 17:26 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-12 17:20 - 2014-03-12 17:20 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-03-12 17:18 - 2014-03-12 17:18 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-03-12 17:18 - 2014-03-12 17:18 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-03-11 19:56 - 2014-03-11 19:56 - 00003190 _____ () C:\Windows\System32\Tasks\{F7E639B3-1598-4182-9826-43080D39A4BD}
2014-03-11 19:31 - 2014-03-11 20:20 - 00000000 ____D () C:\Output
2014-03-11 18:46 - 2014-03-11 18:46 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-784175068-2883849877-2555670383-1001
2014-03-11 18:46 - 2014-03-11 18:46 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-784175068-2883849877-2555670383-1001
==================== One Month Modified Files and Folders =======
2014-04-03 16:24 - 2014-04-03 16:24 - 00020129 _____ () C:\Users\Vojta\Desktop\FRST.txt
2014-04-03 16:24 - 2013-03-31 18:27 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\uTorrent
2014-04-03 16:15 - 2012-11-09 20:20 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\Skype
2014-04-03 16:06 - 2012-12-25 10:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 16:05 - 2014-03-28 12:00 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job
2014-04-03 15:53 - 2014-03-31 18:08 - 00000000 ____D () C:\FRST
2014-04-03 15:48 - 2014-04-03 15:48 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Downloads\Nepotvrzeno 957740.crdownload
2014-04-03 15:48 - 2014-04-03 15:48 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Downloads\Nepotvrzeno 845404.crdownload
2014-04-03 15:46 - 2014-04-03 15:46 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Desktop\FRSTLauncher.exe
2014-04-03 14:43 - 2014-02-16 09:46 - 00000000 ___SD () C:\Users\Vojta\Documents\Passwords Database
2014-04-03 11:05 - 2014-02-12 18:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job
2014-04-03 10:45 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-03 10:45 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 10:41 - 2009-07-14 06:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 10:40 - 2012-11-09 22:19 - 01194130 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 10:37 - 2014-03-17 19:36 - 00004482 _____ () C:\Windows\setupact.log
2014-04-03 10:37 - 2014-02-17 17:17 - 00000328 _____ () C:\Windows\Tasks\GlaryInitialize 4.job
2014-04-03 10:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-01 19:22 - 2012-12-31 16:22 - 00000000 ___HD () C:\jexepackres
2014-03-31 19:33 - 2012-11-09 12:35 - 00000000 ____D () C:\Users\Vojta
2014-03-31 19:29 - 2014-03-31 19:29 - 00103871 _____ () C:\Users\Vojta\Downloads\zdrava strava.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00101684 _____ () C:\Users\Vojta\Downloads\Adzuki na paprice.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00100611 _____ () C:\Users\Vojta\Downloads\Červené zore.htm
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\zdrava strava_files
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\Červené zore_files
2014-03-31 19:29 - 2014-03-31 19:29 - 00000000 ____D () C:\Users\Vojta\Downloads\Adzuki na paprice_files
2014-03-31 18:07 - 2014-03-31 18:07 - 02157056 _____ (Farbar) C:\Users\Vojta\Desktop\FRST64.exe
2014-03-31 14:56 - 2013-04-21 12:00 - 00000000 ____D () C:\Users\Vojta\AppData\Local\CrashDumps
2014-03-29 19:46 - 2013-11-05 16:34 - 00000000 ____D () C:\Users\Vojta\vymena manzelek
2014-03-28 12:00 - 2014-03-28 12:00 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5
2014-03-28 12:00 - 2014-02-12 18:54 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef
2014-03-27 19:30 - 2014-02-17 17:17 - 00002972 _____ () C:\Windows\System32\Tasks\GU4SkipUAC
2014-03-27 19:30 - 2014-02-17 17:17 - 00002624 _____ () C:\Windows\System32\Tasks\GlaryInitialize 4
2014-03-27 19:30 - 2014-02-17 17:17 - 00001044 _____ () C:\Users\Public\Desktop\Glary Utilities 4.lnk
2014-03-27 19:30 - 2014-02-17 17:17 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4
2014-03-26 08:31 - 2012-11-29 13:29 - 00000000 ____D () C:\Users\Vojta\filmy
2014-03-25 16:04 - 2014-02-14 14:38 - 00000000 ____D () C:\Users\Vojta\tanecni pohoda
2014-03-23 17:09 - 2013-04-26 13:59 - 00000000 ____D () C:\Users\Vojta\pohadky
2014-03-23 12:39 - 2014-03-23 12:32 - 00000000 ____D () C:\Users\Vojta\Downloads\programy torrent
2014-03-21 08:51 - 2012-11-09 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-17 19:36 - 2014-03-17 19:36 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-17 19:34 - 2014-03-17 19:34 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Vojta\Downloads\Adobe_Air_v4.0.0.1390.exe
2014-03-17 09:31 - 2014-03-12 17:26 - 00000000 ____D () C:\Program Files\Adobe
2014-03-17 09:17 - 2014-02-14 14:29 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-03-17 07:22 - 2014-02-17 17:17 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-03-17 07:07 - 2014-03-27 19:30 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-03-15 19:03 - 2013-05-08 10:42 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 19:59 - 2012-11-21 08:03 - 00000000 ____D () C:\Users\Vojta\AppData\Local\Adobe
2014-03-13 19:50 - 2010-04-12 04:42 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-12 21:25 - 2012-11-09 14:10 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\Adobe
2014-03-12 18:36 - 2009-07-14 05:45 - 04983096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 18:35 - 2013-03-13 10:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 18:35 - 2013-03-13 10:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 18:23 - 2013-08-14 07:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-12 18:21 - 2012-11-10 09:58 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-12 18:20 - 2010-04-12 04:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 18:06 - 2014-03-12 18:06 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-03-12 17:41 - 2010-04-12 04:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-12 17:40 - 2014-03-12 17:26 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-03-12 17:39 - 2014-03-12 17:39 - 00003502 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Vojta-PC-Vojta
2014-03-12 17:34 - 2014-03-12 17:34 - 00000000 ____D () C:\Users\Vojta\Documents\Adobe Scripts
2014-03-12 17:34 - 2012-11-09 12:37 - 00112264 _____ () C:\Users\Vojta\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-12 17:26 - 2014-03-12 17:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-12 17:20 - 2014-03-12 17:20 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-03-12 17:18 - 2014-03-12 17:18 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-03-12 17:18 - 2014-03-12 17:18 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-03-12 14:42 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-11 20:20 - 2014-03-11 19:31 - 00000000 ____D () C:\Output
2014-03-11 20:06 - 2012-12-25 10:09 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 20:06 - 2012-12-25 10:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 20:06 - 2012-12-25 10:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 19:56 - 2014-03-11 19:56 - 00003190 _____ () C:\Windows\System32\Tasks\{F7E639B3-1598-4182-9826-43080D39A4BD}
2014-03-11 19:50 - 2014-02-19 12:29 - 00000000 ____D () C:\Program Files\MPC-HC.1.7.3.x64
2014-03-11 19:44 - 2011-02-04 16:03 - 00000000 ____D () C:\Users\Vojta\Downloads\programy
2014-03-11 19:40 - 2012-11-09 20:40 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\RealNetworks
2014-03-11 19:40 - 2012-11-09 20:35 - 00000000 ____D () C:\Users\Vojta\AppData\Roaming\Real
2014-03-11 19:40 - 2012-11-09 20:33 - 00000000 ____D () C:\ProgramData\Real
2014-03-11 19:39 - 2014-02-01 09:52 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-784175068-2883849877-2555670383-1001
2014-03-11 19:39 - 2014-02-01 09:52 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-784175068-2883849877-2555670383-1001
2014-03-11 18:46 - 2014-03-11 18:46 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-784175068-2883849877-2555670383-1001
2014-03-11 18:46 - 2014-03-11 18:46 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-784175068-2883849877-2555670383-1001
2014-03-07 18:11 - 2012-12-31 20:00 - 00014336 _____ () C:\Users\Vojta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Users\Vojta\AppData\Local\Temp\gusetup0.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Vojta\Desktop" je 2 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirServer
C:\Program Files (x86)\AirServer\AirServer\AirServer.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirVideoServer
C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad
"C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor
"C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OV3_Monitor
"C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe" -NoStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Vojta\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vojta^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Vojta\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vojta^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V�rezy obrazovky a spusten� aplikace OneNote 2007.lnk
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE /tsr [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: velmi pomaly start pc
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\MountPoints2: {24e40947-2b59-11e2-87eb-90fba6891054} - E:\setup.exe
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
C:\Windows\System32\Tasks\{F7E639B3-1598-4182-9826-43080D39A4BD}
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job
C:\Users\Vojta\AppData\Local\Temp
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: velmi pomaly start pc
Tak tady to je...
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Vojta at 2014-04-03 18:24:39 Run:1
Running from C:\Users\Vojta\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\MountPoints2: {24e40947-2b59-11e2-87eb-90fba6891054} - E:\setup.exe
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
C:\Windows\System32\Tasks\{F7E639B3-1598-4182-9826-43080D39A4BD}
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job
C:\Users\Vojta\AppData\Local\Temp
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24e40947-2b59-11e2-87eb-90fba6891054} => Key deleted successfully.
HKCR\CLSID\{24e40947-2b59-11e2-87eb-90fba6891054} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll not found.
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll not found.
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
"C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx" => File/Directory not found.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
C:\Windows\System32\Tasks\{F7E639B3-1598-4182-9826-43080D39A4BD} => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job => Moved successfully.
"C:\Users\Vojta\AppData\Local\Temp" directory move:
C:\Users\Vojta\AppData\Local\Temp\AdobeARM.log => Moved successfully.
Could not move "C:\Users\Vojta\AppData\Local\Temp\etilqs_Zcou9MTxiyUTws9" => Scheduled to move on reboot.
Could not move "C:\Users\Vojta\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Vojta\AppData\Local\Temp\gusetup0.exe => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\PDApp.log => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~3892.tmp => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~4BDE.bat => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~4BDE.tmp => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~8480.tmp => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~autoupdate.dat => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~F30B.tmp => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~glaryutilities-version.dat => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~gu3-ver.dat => Moved successfully.
Could not move "C:\Users\Vojta\AppData\Local\Temp\Skype\DbTemp\temp-b6Z83aqZ0rokS2RnbBezo7U1" => Scheduled to move on reboot.
Could not move "C:\Users\Vojta\AppData\Local\Temp\Skype\DbTemp\temp-Dd23tBa6wtd5mfEwdzIb8dlM" => Scheduled to move on reboot.
C:\Users\Vojta\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\732_18019\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\732_18019\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\732_18019\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\6028_13324\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\6028_13324\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\6028_13324\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5948_1900\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5948_1900\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5948_1900\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5816_21900\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5816_21900\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5816_21900\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5524_13072\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5524_13072\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5524_13072\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5444_8456\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5444_8456\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5444_8456\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5216_6852\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5216_6852\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5216_6852\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5164_22720\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5164_22720\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5164_22720\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5072_16847\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5072_16847\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5072_16847\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4980_1127\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4980_1127\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4980_1127\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4764_8752\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4764_8752\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4764_8752\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4292_25269\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4292_25269\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4292_25269\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\3520_16740\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\3520_16740\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\3520_16740\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2804_9643\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2804_9643\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2804_9643\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2372_31210\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2372_31210\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2372_31210\manifest.json => Moved successfully.
Could not move "C:\Users\Vojta\AppData\Local\Temp" directory. => Scheduled to move on reboot.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job not found.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-03 18:26:29)<=
C:\Users\Vojta\AppData\Local\Temp\etilqs_Zcou9MTxiyUTws9 => Is moved successfully.
C:\Users\Vojta\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Vojta\AppData\Local\Temp\Skype\DbTemp\temp-b6Z83aqZ0rokS2RnbBezo7U1 => Is moved successfully.
C:\Users\Vojta\AppData\Local\Temp\Skype\DbTemp\temp-Dd23tBa6wtd5mfEwdzIb8dlM => Is moved successfully.
C:\Users\Vojta\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Vojta at 2014-04-03 18:24:39 Run:1
Running from C:\Users\Vojta\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\...\MountPoints2: {24e40947-2b59-11e2-87eb-90fba6891054} - E:\setup.exe
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
C:\Windows\System32\Tasks\{F7E639B3-1598-4182-9826-43080D39A4BD}
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job
C:\Users\Vojta\AppData\Local\Temp
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\S-1-5-21-784175068-2883849877-2555670383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24e40947-2b59-11e2-87eb-90fba6891054} => Key deleted successfully.
HKCR\CLSID\{24e40947-2b59-11e2-87eb-90fba6891054} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll not found.
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll not found.
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
"C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx" => File/Directory not found.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
C:\Windows\System32\Tasks\{F7E639B3-1598-4182-9826-43080D39A4BD} => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job => Moved successfully.
"C:\Users\Vojta\AppData\Local\Temp" directory move:
C:\Users\Vojta\AppData\Local\Temp\AdobeARM.log => Moved successfully.
Could not move "C:\Users\Vojta\AppData\Local\Temp\etilqs_Zcou9MTxiyUTws9" => Scheduled to move on reboot.
Could not move "C:\Users\Vojta\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Vojta\AppData\Local\Temp\gusetup0.exe => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\PDApp.log => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~3892.tmp => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~4BDE.bat => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~4BDE.tmp => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~8480.tmp => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~autoupdate.dat => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~F30B.tmp => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~glaryutilities-version.dat => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\~gu3-ver.dat => Moved successfully.
Could not move "C:\Users\Vojta\AppData\Local\Temp\Skype\DbTemp\temp-b6Z83aqZ0rokS2RnbBezo7U1" => Scheduled to move on reboot.
Could not move "C:\Users\Vojta\AppData\Local\Temp\Skype\DbTemp\temp-Dd23tBa6wtd5mfEwdzIb8dlM" => Scheduled to move on reboot.
C:\Users\Vojta\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\732_18019\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\732_18019\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\732_18019\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\6028_13324\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\6028_13324\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\6028_13324\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5948_1900\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5948_1900\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5948_1900\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5816_21900\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5816_21900\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5816_21900\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5524_13072\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5524_13072\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5524_13072\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5444_8456\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5444_8456\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5444_8456\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5216_6852\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5216_6852\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5216_6852\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5164_22720\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5164_22720\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5164_22720\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5072_16847\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5072_16847\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\5072_16847\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4980_1127\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4980_1127\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4980_1127\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4764_8752\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4764_8752\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4764_8752\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4292_25269\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4292_25269\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\4292_25269\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\3520_16740\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\3520_16740\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\3520_16740\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2804_9643\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2804_9643\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2804_9643\manifest.json => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2372_31210\crl-set => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2372_31210\manifest.fingerprint => Moved successfully.
C:\Users\Vojta\AppData\Local\Temp\2372_31210\manifest.json => Moved successfully.
Could not move "C:\Users\Vojta\AppData\Local\Temp" directory. => Scheduled to move on reboot.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf281b7e2a73ef.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a74f857eee5.job not found.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-03 18:26:29)<=
C:\Users\Vojta\AppData\Local\Temp\etilqs_Zcou9MTxiyUTws9 => Is moved successfully.
C:\Users\Vojta\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Vojta\AppData\Local\Temp\Skype\DbTemp\temp-b6Z83aqZ0rokS2RnbBezo7U1 => Is moved successfully.
C:\Users\Vojta\AppData\Local\Temp\Skype\DbTemp\temp-Dd23tBa6wtd5mfEwdzIb8dlM => Is moved successfully.
C:\Users\Vojta\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: velmi pomaly start pc
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: velmi pomaly start pc
Ano,start pc je ted o poznani rychlejsi 
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: velmi pomaly start pc
Tak to jsem rád.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: velmi pomaly start pc
Tak pokud je to takto vse,tak Vam mnohokrat dekuji,mejte se..
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: velmi pomaly start pc
Ano, vše. FRST smažte. Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?