Prosím o kontrolu LOGU
Napsal: 13 kvě 2014 17:43
Dobrý den poprosil bych o kontrolu logu z mého netbooku systém W7 ultimate 32 bit. Od včera se chová nějak podivně, nešel upgrade avast a byl i problém s operou, také nešlo stáhnout soubory s novým upgrade softem.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014 01
Ran by Bork (administrator) on BORK-NETBOOK on 13-05-2014 18:33:12
Running from C:\Users\Bork\Desktop
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(forum.viry.cz) C:\Users\Bork\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [6475264 2013-02-13] (Broadcom Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-13] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3257640 2013-11-21] (O&O Software GmbH)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKLM - {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.70.100.1 77.48.233.12 208.67.222.222
FireFox:
========
FF ProfilePath: C:\Users\Bork\AppData\Roaming\Mozilla\Firefox\Profiles\m2p99x90.default
FF user.js: detected! => C:\Users\Bork\AppData\Roaming\Mozilla\Firefox\Profiles\m2p99x90.default\user.js
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: http://www.seznam.cz
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Bork\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\Bork\AppData\Roaming\Mozilla\Firefox\Profiles\m2p99x90.default\searchplugins\seznam.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-13]
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-13] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-13] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1381672 2013-11-21] (O&O Software GmbH)
R2 ssinstall; C:\Windows\System32\ssins.exe [2324216 2013-12-16] (PS Media s.r.o.)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5186048 2013-02-13] (Broadcom Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-13] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-05-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-13] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270240 2014-05-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-05-13] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-13] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2013-02-13] (Broadcom Corporation)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [25248 2011-09-16] (Atheros)
S3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [525352 2011-08-30] (Broadcom Corporation.)
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [268176 2012-07-27] (ELAN Microelectronics Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [188520 2011-05-17] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32872 2011-05-17] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\System32\DRIVERS\RTL2832U_IRHID.sys [42728 2011-06-13] (Realtek)
R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52920 2014-05-08] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-13 18:33 - 2014-05-13 18:33 - 00012268 _____ () C:\Users\Bork\Desktop\FRST.txt
2014-05-13 18:29 - 2014-05-13 18:29 - 00112640 _____ (forum.viry.cz) C:\Users\Bork\Desktop\FRSTLauncher.exe
2014-05-13 17:27 - 2014-05-13 18:33 - 00000000 ____D () C:\FRST
2014-05-13 17:22 - 2014-05-13 17:21 - 01056256 _____ (Farbar) C:\Users\Bork\Desktop\FRST.exe
2014-05-13 17:21 - 2014-05-13 17:21 - 01056256 _____ (Farbar) C:\Users\Bork\Downloads\FRST.exe
2014-05-13 17:19 - 2014-05-13 17:19 - 00112107 _____ (forum.viry.cz) C:\Users\Bork\Downloads\VerzeOS.exe
2014-05-13 16:46 - 2014-05-13 16:46 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Bork\Downloads\spybot-2.3 (2).exe
2014-05-13 16:41 - 2014-05-13 16:54 - 00000000 ____D () C:\Program Files\trend micro
2014-05-13 16:40 - 2014-05-13 16:41 - 00000000 ____D () C:\rsit
2014-05-13 16:39 - 2014-05-13 16:40 - 00781383 _____ () C:\Users\Bork\Downloads\RSIT.exe
2014-05-13 16:38 - 2014-05-13 16:38 - 00111504 _____ () C:\Users\Bork\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-13 11:03 - 2014-05-13 18:06 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 11:01 - 2014-05-13 11:01 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-13 11:01 - 2014-05-13 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-13 11:01 - 2014-05-13 11:01 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-13 11:01 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 11:01 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-13 09:04 - 2014-05-13 09:04 - 00001091 _____ () C:\Users\Public\Desktop\Opera 21.lnk
2014-05-13 09:04 - 2014-05-13 09:04 - 00001091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 21.lnk
2014-05-13 08:48 - 2014-05-13 08:48 - 00002053 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-05-13 08:45 - 2014-05-13 08:45 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-13 08:45 - 2014-05-13 08:45 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-13 08:44 - 2014-05-13 08:45 - 00270240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-05-13 08:42 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-13 08:42 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-12 20:12 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-12 20:11 - 2014-05-12 20:11 - 00004088 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-12 20:11 - 2014-05-12 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-12 20:11 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-12 20:11 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-12 20:11 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-12 19:54 - 2014-05-12 19:54 - 00000000 ____D () C:\Users\Jitka\AppData\Roaming\Macromedia
2014-05-12 19:54 - 2014-05-12 19:54 - 00000000 ____D () C:\Users\Jitka\AppData\Local\Macromedia
2014-05-12 19:46 - 2014-05-13 13:21 - 00131748 _____ () C:\Windows\PFRO.log
2014-05-12 19:46 - 2014-05-13 13:21 - 00000224 _____ () C:\Windows\setupact.log
2014-05-12 19:46 - 2014-05-12 19:46 - 00419472 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-12 19:46 - 2014-05-12 19:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-12 00:32 - 2014-05-12 00:32 - 00283096 _____ (Mozilla) C:\Users\Bork\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-09 23:01 - 2014-05-10 10:10 - 00000044 _____ () C:\Users\Bork\Desktop\Nový textový dokument.txt
2014-05-08 23:56 - 2014-05-08 23:56 - 00001691 _____ () C:\Users\Bork\Documents\Setup.cfg.txt
2014-05-08 23:25 - 2014-05-08 23:25 - 00067374 _____ () C:\Users\Bork\Downloads\help.csy.zip
2014-05-08 22:05 - 2014-05-08 22:05 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG.sys
2014-05-08 20:24 - 2014-05-08 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMR Player
2014-05-08 20:24 - 2014-05-08 20:24 - 00000000 ____D () C:\Program Files\AMR Player
2014-05-08 20:22 - 2014-05-08 20:23 - 02529450 _____ (http://www.amrplayer.com ) C:\Users\Bork\Downloads\amrplayer_setup.exe
2014-05-06 08:10 - 2014-05-05 20:07 - 03113272 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer.dll.new
2014-05-02 18:38 - 2014-05-02 18:39 - 28862184 _____ (Mozilla) C:\Users\Bork\Downloads\Firefox Setup 29.0 (1).exe
2014-05-01 11:10 - 2014-05-02 17:13 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-04-24 17:17 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-24 17:17 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-24 17:16 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-24 17:16 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-24 17:16 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-24 17:16 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-24 17:16 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-24 17:16 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-24 17:16 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-24 17:16 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-24 17:16 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-24 17:16 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-24 17:16 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-24 17:16 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-24 17:16 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-24 17:16 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-24 17:16 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-24 17:16 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-24 17:15 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-24 17:15 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-24 17:15 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-24 17:15 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-24 17:15 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-24 17:15 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 19:09 - 2014-04-16 19:09 - 00001963 _____ () C:\Users\Public\Desktop\Trade.com MetaTrader 4.lnk
2014-04-16 19:09 - 2014-04-16 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trade.com MetaTrader 4
2014-04-16 19:09 - 2014-04-16 19:09 - 00000000 ____D () C:\Program Files\Trade.com MetaTrader 4
==================== One Month Modified Files and Folders =======
2014-05-13 18:33 - 2014-05-13 18:33 - 00012268 _____ () C:\Users\Bork\Desktop\FRST.txt
2014-05-13 18:33 - 2014-05-13 17:27 - 00000000 ____D () C:\FRST
2014-05-13 18:29 - 2014-05-13 18:29 - 00112640 _____ (forum.viry.cz) C:\Users\Bork\Desktop\FRSTLauncher.exe
2014-05-13 18:26 - 2013-02-12 22:38 - 01694462 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 18:25 - 2013-02-13 09:51 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\Skype
2014-05-13 18:10 - 2013-03-04 22:13 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 18:06 - 2014-05-13 11:03 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 17:53 - 2013-02-13 00:46 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 17:21 - 2014-05-13 17:22 - 01056256 _____ (Farbar) C:\Users\Bork\Desktop\FRST.exe
2014-05-13 17:21 - 2014-05-13 17:21 - 01056256 _____ (Farbar) C:\Users\Bork\Downloads\FRST.exe
2014-05-13 17:19 - 2014-05-13 17:19 - 00112107 _____ (forum.viry.cz) C:\Users\Bork\Downloads\VerzeOS.exe
2014-05-13 16:54 - 2014-05-13 16:41 - 00000000 ____D () C:\Program Files\trend micro
2014-05-13 16:46 - 2014-05-13 16:46 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Bork\Downloads\spybot-2.3 (2).exe
2014-05-13 16:44 - 2009-07-14 06:34 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 16:44 - 2009-07-14 06:34 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 16:41 - 2014-05-13 16:40 - 00000000 ____D () C:\rsit
2014-05-13 16:40 - 2014-05-13 16:39 - 00781383 _____ () C:\Users\Bork\Downloads\RSIT.exe
2014-05-13 16:38 - 2014-05-13 16:38 - 00111504 _____ () C:\Users\Bork\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-13 13:24 - 2013-02-20 17:02 - 00000000 ____D () C:\Program Files\MetaTrader-Admiral Markets
2014-05-13 13:21 - 2014-05-12 19:46 - 00131748 _____ () C:\Windows\PFRO.log
2014-05-13 13:21 - 2014-05-12 19:46 - 00000224 _____ () C:\Windows\setupact.log
2014-05-13 13:21 - 2013-12-16 18:27 - 00000000 _____ () C:\Windows\system32\sinstall.log
2014-05-13 13:21 - 2013-02-13 00:46 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 13:21 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-13 13:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Speech
2014-05-13 11:33 - 2009-07-14 04:04 - 00000580 _____ () C:\Windows\win.ini
2014-05-13 11:01 - 2014-05-13 11:01 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-13 11:01 - 2014-05-13 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-13 11:01 - 2014-05-13 11:01 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-13 11:01 - 2013-03-13 12:20 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\Malwarebytes
2014-05-13 11:01 - 2013-03-13 12:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 10:23 - 2013-10-19 15:14 - 00000000 ____D () C:\Program Files (x86)
2014-05-13 09:43 - 2013-03-13 23:05 - 00002117 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-13 09:08 - 2013-12-20 16:39 - 00000000 ____D () C:\Users\Bork\AppData\Local\Opera Software
2014-05-13 09:04 - 2014-05-13 09:04 - 00001091 _____ () C:\Users\Public\Desktop\Opera 21.lnk
2014-05-13 09:04 - 2014-05-13 09:04 - 00001091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 21.lnk
2014-05-13 09:04 - 2013-12-20 16:38 - 00000000 ____D () C:\Program Files\Opera
2014-05-13 08:51 - 2013-08-15 23:18 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-05-13 08:48 - 2014-05-13 08:48 - 00002053 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-05-13 08:48 - 2013-10-24 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-13 08:45 - 2014-05-13 08:45 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-13 08:45 - 2014-05-13 08:45 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-13 08:45 - 2014-05-13 08:44 - 00270240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-05-13 08:45 - 2014-01-04 20:53 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-13 08:45 - 2013-03-08 23:24 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-13 08:45 - 2013-03-08 23:24 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-13 08:45 - 2013-02-13 01:07 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-13 08:45 - 2013-02-13 01:07 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-13 08:45 - 2013-02-13 01:07 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-13 08:45 - 2013-02-13 01:07 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-13 08:45 - 2013-02-13 01:06 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-13 08:44 - 2013-03-08 23:24 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-05-12 20:12 - 2013-10-07 14:12 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-12 20:11 - 2014-05-12 20:11 - 00004088 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-12 20:11 - 2014-05-12 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-12 20:11 - 2013-10-07 14:11 - 00000000 ____D () C:\Program Files\Java
2014-05-12 19:54 - 2014-05-12 19:54 - 00000000 ____D () C:\Users\Jitka\AppData\Roaming\Macromedia
2014-05-12 19:54 - 2014-05-12 19:54 - 00000000 ____D () C:\Users\Jitka\AppData\Local\Macromedia
2014-05-12 19:52 - 2013-02-15 20:59 - 00000000 ____D () C:\Users\Jitka\AppData\Local\Mozilla
2014-05-12 19:51 - 2013-02-13 22:59 - 00000000 ____D () C:\Users\Jitka\AppData\Roaming\Seznam.cz
2014-05-12 19:46 - 2014-05-12 19:46 - 00419472 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-12 19:46 - 2014-05-12 19:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-12 19:38 - 2013-02-13 13:36 - 00000000 ____D () C:\Users\Bork\AppData\Local\CrashDumps
2014-05-12 00:38 - 2014-02-15 11:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 00:32 - 2014-05-12 00:32 - 00283096 _____ (Mozilla) C:\Users\Bork\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-12 00:17 - 2013-02-13 11:13 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\Seznam.cz
2014-05-12 00:11 - 2013-02-12 22:48 - 00000000 ____D () C:\Users\Bork
2014-05-12 00:11 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-05-12 00:10 - 2013-10-20 07:55 - 00000000 ____D () C:\Windows\pss
2014-05-12 00:10 - 2013-02-13 22:59 - 00000000 ____D () C:\Users\Jitka
2014-05-12 00:09 - 2013-12-20 16:39 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\Opera Software
2014-05-12 00:09 - 2013-10-31 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xOption
2014-05-12 00:09 - 2013-10-31 23:48 - 00000000 ____D () C:\Program Files\xOption
2014-05-12 00:09 - 2013-10-19 15:13 - 00000000 ____D () C:\Users\Bork\AppData\Local\MoboGenie
2014-05-12 00:09 - 2013-07-29 14:07 - 00000000 ____D () C:\Users\Bork\AppData\Local\Newsoft
2014-05-12 00:09 - 2013-07-29 13:56 - 00000000 ____D () C:\Program Files\Blaze Video Magic
2014-05-12 00:09 - 2013-02-13 18:32 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-12 00:09 - 2013-02-13 11:14 - 00000000 ____D () C:\Program Files\Seznam.cz
2014-05-12 00:09 - 2013-02-13 10:53 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\GHISLER
2014-05-12 00:09 - 2013-02-13 01:16 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-12 00:09 - 2009-07-14 11:20 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-12 00:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-05-10 10:10 - 2014-05-09 23:01 - 00000044 _____ () C:\Users\Bork\Desktop\Nový textový dokument.txt
2014-05-08 23:56 - 2014-05-08 23:56 - 00001691 _____ () C:\Users\Bork\Documents\Setup.cfg.txt
2014-05-08 23:35 - 2013-03-07 15:39 - 00000000 ____D () C:\Users\Bork\AppData\Local\GHISLER
2014-05-08 23:34 - 2013-07-21 09:42 - 00000000 ____D () C:\Program Files\Orbitron
2014-05-08 23:25 - 2014-05-08 23:25 - 00067374 _____ () C:\Users\Bork\Downloads\help.csy.zip
2014-05-08 22:05 - 2014-05-08 22:05 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG.sys
2014-05-08 20:29 - 2013-12-03 11:24 - 00000000 ___RD () C:\Users\Bork\Dropbox
2014-05-08 20:29 - 2013-12-03 11:17 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\Dropbox
2014-05-08 20:24 - 2014-05-08 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMR Player
2014-05-08 20:24 - 2014-05-08 20:24 - 00000000 ____D () C:\Program Files\AMR Player
2014-05-08 20:23 - 2014-05-08 20:22 - 02529450 _____ (http://www.amrplayer.com ) C:\Users\Bork\Downloads\amrplayer_setup.exe
2014-05-07 07:46 - 2013-02-13 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-06 08:11 - 2014-03-17 22:05 - 00000000 ____D () C:\Program Files\MetaTrader - Alpari UK
2014-05-05 20:07 - 2014-05-06 08:10 - 03113272 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer.dll.new
2014-05-03 14:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-02 18:40 - 2013-02-13 18:32 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-02 18:40 - 2013-02-13 18:32 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-02 18:39 - 2014-05-02 18:38 - 28862184 _____ (Mozilla) C:\Users\Bork\Downloads\Firefox Setup 29.0 (1).exe
2014-05-02 17:13 - 2014-05-01 11:10 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-04-29 21:15 - 2013-03-04 22:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 21:15 - 2013-03-04 22:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 14:48 - 2014-05-13 08:42 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:34 - 2014-05-13 08:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-28 19:30 - 2013-08-28 10:58 - 00000000 ____D () C:\Windows\Minidump
2014-04-24 17:37 - 2013-02-13 09:51 - 00000000 ___RD () C:\Program Files\Skype
2014-04-21 09:21 - 2013-02-13 11:13 - 00000000 ____D () C:\Users\Bork\AppData\Local\Adobe
2014-04-16 19:09 - 2014-04-16 19:09 - 00001963 _____ () C:\Users\Public\Desktop\Trade.com MetaTrader 4.lnk
2014-04-16 19:09 - 2014-04-16 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trade.com MetaTrader 4
2014-04-16 19:09 - 2014-04-16 19:09 - 00000000 ____D () C:\Program Files\Trade.com MetaTrader 4
2014-04-14 20:13 - 2014-05-12 20:11 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-05-12 20:12 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-14 20:05 - 2014-05-12 20:11 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-14 20:04 - 2014-05-12 20:11 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-13 10:04 - 2013-02-13 12:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-13 10:00 - 2013-08-02 16:51 - 00000000 ____D () C:\Windows\system32\MRT
Files to move or delete:
====================
C:\Users\Bork\teletradecy4setup.exe
Some content of TEMP:
====================
C:\Users\Bork\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Bork\AppData\Local\Temp\{A5150BA3-E211-4FF2-86DA-471CE44895A4}-GoogleUpdateSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Bork\Desktop" je 3 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert EPM Support
"C:\PROGRA~1\ALLIN1~1\bar\2.bin\8hmedint.exe" T8EPMSUP.DLL,S [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray
"C:\Program Files\Bluetooth Suite\AthBtTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack
"C:\Program Files\Bluetooth Suite\BtvStack.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Bork\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Bork\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GfxServiceInstall
C:\Windows\system32\GfxCUIServiceInstall.vbs
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msapxwdSrv
C:\Windows\inf\msapxwd.vbe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msoewbtySrv
C:\Windows\inf\msoewbty.vbe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
C:\Program Files\OO Software\Defrag\oodtray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\Windows\system32\igfxpers.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk
C:\Windows\INSTAL~1\{59C75~1\app_icon.ico
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Bork^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2007.lnk
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE /tsr [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Za vyhodnocení předem děkuji Jibo. Hezký den!
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014 01
Ran by Bork (administrator) on BORK-NETBOOK on 13-05-2014 18:33:12
Running from C:\Users\Bork\Desktop
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(forum.viry.cz) C:\Users\Bork\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [6475264 2013-02-13] (Broadcom Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-13] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3257640 2013-11-21] (O&O Software GmbH)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKLM - {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.70.100.1 77.48.233.12 208.67.222.222
FireFox:
========
FF ProfilePath: C:\Users\Bork\AppData\Roaming\Mozilla\Firefox\Profiles\m2p99x90.default
FF user.js: detected! => C:\Users\Bork\AppData\Roaming\Mozilla\Firefox\Profiles\m2p99x90.default\user.js
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: http://www.seznam.cz
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Bork\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\Bork\AppData\Roaming\Mozilla\Firefox\Profiles\m2p99x90.default\searchplugins\seznam.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-13]
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-13] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-13] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1381672 2013-11-21] (O&O Software GmbH)
R2 ssinstall; C:\Windows\System32\ssins.exe [2324216 2013-12-16] (PS Media s.r.o.)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5186048 2013-02-13] (Broadcom Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-13] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-05-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-13] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270240 2014-05-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-05-13] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-13] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2013-02-13] (Broadcom Corporation)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [25248 2011-09-16] (Atheros)
S3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [525352 2011-08-30] (Broadcom Corporation.)
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [268176 2012-07-27] (ELAN Microelectronics Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [188520 2011-05-17] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32872 2011-05-17] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\System32\DRIVERS\RTL2832U_IRHID.sys [42728 2011-06-13] (Realtek)
R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52920 2014-05-08] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-13 18:33 - 2014-05-13 18:33 - 00012268 _____ () C:\Users\Bork\Desktop\FRST.txt
2014-05-13 18:29 - 2014-05-13 18:29 - 00112640 _____ (forum.viry.cz) C:\Users\Bork\Desktop\FRSTLauncher.exe
2014-05-13 17:27 - 2014-05-13 18:33 - 00000000 ____D () C:\FRST
2014-05-13 17:22 - 2014-05-13 17:21 - 01056256 _____ (Farbar) C:\Users\Bork\Desktop\FRST.exe
2014-05-13 17:21 - 2014-05-13 17:21 - 01056256 _____ (Farbar) C:\Users\Bork\Downloads\FRST.exe
2014-05-13 17:19 - 2014-05-13 17:19 - 00112107 _____ (forum.viry.cz) C:\Users\Bork\Downloads\VerzeOS.exe
2014-05-13 16:46 - 2014-05-13 16:46 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Bork\Downloads\spybot-2.3 (2).exe
2014-05-13 16:41 - 2014-05-13 16:54 - 00000000 ____D () C:\Program Files\trend micro
2014-05-13 16:40 - 2014-05-13 16:41 - 00000000 ____D () C:\rsit
2014-05-13 16:39 - 2014-05-13 16:40 - 00781383 _____ () C:\Users\Bork\Downloads\RSIT.exe
2014-05-13 16:38 - 2014-05-13 16:38 - 00111504 _____ () C:\Users\Bork\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-13 11:03 - 2014-05-13 18:06 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 11:01 - 2014-05-13 11:01 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-13 11:01 - 2014-05-13 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-13 11:01 - 2014-05-13 11:01 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-13 11:01 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 11:01 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-13 09:04 - 2014-05-13 09:04 - 00001091 _____ () C:\Users\Public\Desktop\Opera 21.lnk
2014-05-13 09:04 - 2014-05-13 09:04 - 00001091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 21.lnk
2014-05-13 08:48 - 2014-05-13 08:48 - 00002053 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-05-13 08:45 - 2014-05-13 08:45 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-13 08:45 - 2014-05-13 08:45 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-13 08:44 - 2014-05-13 08:45 - 00270240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-05-13 08:42 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-13 08:42 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-12 20:12 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-12 20:11 - 2014-05-12 20:11 - 00004088 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-12 20:11 - 2014-05-12 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-12 20:11 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-12 20:11 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-12 20:11 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-12 19:54 - 2014-05-12 19:54 - 00000000 ____D () C:\Users\Jitka\AppData\Roaming\Macromedia
2014-05-12 19:54 - 2014-05-12 19:54 - 00000000 ____D () C:\Users\Jitka\AppData\Local\Macromedia
2014-05-12 19:46 - 2014-05-13 13:21 - 00131748 _____ () C:\Windows\PFRO.log
2014-05-12 19:46 - 2014-05-13 13:21 - 00000224 _____ () C:\Windows\setupact.log
2014-05-12 19:46 - 2014-05-12 19:46 - 00419472 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-12 19:46 - 2014-05-12 19:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-12 00:32 - 2014-05-12 00:32 - 00283096 _____ (Mozilla) C:\Users\Bork\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-09 23:01 - 2014-05-10 10:10 - 00000044 _____ () C:\Users\Bork\Desktop\Nový textový dokument.txt
2014-05-08 23:56 - 2014-05-08 23:56 - 00001691 _____ () C:\Users\Bork\Documents\Setup.cfg.txt
2014-05-08 23:25 - 2014-05-08 23:25 - 00067374 _____ () C:\Users\Bork\Downloads\help.csy.zip
2014-05-08 22:05 - 2014-05-08 22:05 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG.sys
2014-05-08 20:24 - 2014-05-08 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMR Player
2014-05-08 20:24 - 2014-05-08 20:24 - 00000000 ____D () C:\Program Files\AMR Player
2014-05-08 20:22 - 2014-05-08 20:23 - 02529450 _____ (http://www.amrplayer.com ) C:\Users\Bork\Downloads\amrplayer_setup.exe
2014-05-06 08:10 - 2014-05-05 20:07 - 03113272 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer.dll.new
2014-05-02 18:38 - 2014-05-02 18:39 - 28862184 _____ (Mozilla) C:\Users\Bork\Downloads\Firefox Setup 29.0 (1).exe
2014-05-01 11:10 - 2014-05-02 17:13 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-04-24 17:17 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-24 17:17 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-24 17:16 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-24 17:16 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-24 17:16 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-24 17:16 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-24 17:16 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-24 17:16 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-24 17:16 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-24 17:16 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-24 17:16 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-24 17:16 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-24 17:16 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-24 17:16 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-24 17:16 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-24 17:16 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-24 17:16 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-24 17:16 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-24 17:15 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-24 17:15 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-24 17:15 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-24 17:15 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-24 17:15 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-24 17:15 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 19:09 - 2014-04-16 19:09 - 00001963 _____ () C:\Users\Public\Desktop\Trade.com MetaTrader 4.lnk
2014-04-16 19:09 - 2014-04-16 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trade.com MetaTrader 4
2014-04-16 19:09 - 2014-04-16 19:09 - 00000000 ____D () C:\Program Files\Trade.com MetaTrader 4
==================== One Month Modified Files and Folders =======
2014-05-13 18:33 - 2014-05-13 18:33 - 00012268 _____ () C:\Users\Bork\Desktop\FRST.txt
2014-05-13 18:33 - 2014-05-13 17:27 - 00000000 ____D () C:\FRST
2014-05-13 18:29 - 2014-05-13 18:29 - 00112640 _____ (forum.viry.cz) C:\Users\Bork\Desktop\FRSTLauncher.exe
2014-05-13 18:26 - 2013-02-12 22:38 - 01694462 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 18:25 - 2013-02-13 09:51 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\Skype
2014-05-13 18:10 - 2013-03-04 22:13 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 18:06 - 2014-05-13 11:03 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 17:53 - 2013-02-13 00:46 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 17:21 - 2014-05-13 17:22 - 01056256 _____ (Farbar) C:\Users\Bork\Desktop\FRST.exe
2014-05-13 17:21 - 2014-05-13 17:21 - 01056256 _____ (Farbar) C:\Users\Bork\Downloads\FRST.exe
2014-05-13 17:19 - 2014-05-13 17:19 - 00112107 _____ (forum.viry.cz) C:\Users\Bork\Downloads\VerzeOS.exe
2014-05-13 16:54 - 2014-05-13 16:41 - 00000000 ____D () C:\Program Files\trend micro
2014-05-13 16:46 - 2014-05-13 16:46 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Bork\Downloads\spybot-2.3 (2).exe
2014-05-13 16:44 - 2009-07-14 06:34 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 16:44 - 2009-07-14 06:34 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 16:41 - 2014-05-13 16:40 - 00000000 ____D () C:\rsit
2014-05-13 16:40 - 2014-05-13 16:39 - 00781383 _____ () C:\Users\Bork\Downloads\RSIT.exe
2014-05-13 16:38 - 2014-05-13 16:38 - 00111504 _____ () C:\Users\Bork\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-13 13:24 - 2013-02-20 17:02 - 00000000 ____D () C:\Program Files\MetaTrader-Admiral Markets
2014-05-13 13:21 - 2014-05-12 19:46 - 00131748 _____ () C:\Windows\PFRO.log
2014-05-13 13:21 - 2014-05-12 19:46 - 00000224 _____ () C:\Windows\setupact.log
2014-05-13 13:21 - 2013-12-16 18:27 - 00000000 _____ () C:\Windows\system32\sinstall.log
2014-05-13 13:21 - 2013-02-13 00:46 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 13:21 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-13 13:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Speech
2014-05-13 11:33 - 2009-07-14 04:04 - 00000580 _____ () C:\Windows\win.ini
2014-05-13 11:01 - 2014-05-13 11:01 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-13 11:01 - 2014-05-13 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-13 11:01 - 2014-05-13 11:01 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-13 11:01 - 2013-03-13 12:20 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\Malwarebytes
2014-05-13 11:01 - 2013-03-13 12:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 10:23 - 2013-10-19 15:14 - 00000000 ____D () C:\Program Files (x86)
2014-05-13 09:43 - 2013-03-13 23:05 - 00002117 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-13 09:08 - 2013-12-20 16:39 - 00000000 ____D () C:\Users\Bork\AppData\Local\Opera Software
2014-05-13 09:04 - 2014-05-13 09:04 - 00001091 _____ () C:\Users\Public\Desktop\Opera 21.lnk
2014-05-13 09:04 - 2014-05-13 09:04 - 00001091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 21.lnk
2014-05-13 09:04 - 2013-12-20 16:38 - 00000000 ____D () C:\Program Files\Opera
2014-05-13 08:51 - 2013-08-15 23:18 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-05-13 08:48 - 2014-05-13 08:48 - 00002053 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-05-13 08:48 - 2013-10-24 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-13 08:45 - 2014-05-13 08:45 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-13 08:45 - 2014-05-13 08:45 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-13 08:45 - 2014-05-13 08:44 - 00270240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-05-13 08:45 - 2014-01-04 20:53 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-13 08:45 - 2013-03-08 23:24 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-13 08:45 - 2013-03-08 23:24 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-13 08:45 - 2013-02-13 01:07 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-13 08:45 - 2013-02-13 01:07 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-13 08:45 - 2013-02-13 01:07 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-13 08:45 - 2013-02-13 01:07 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-13 08:45 - 2013-02-13 01:06 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-13 08:44 - 2013-03-08 23:24 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-05-12 20:12 - 2013-10-07 14:12 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-12 20:11 - 2014-05-12 20:11 - 00004088 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-12 20:11 - 2014-05-12 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-12 20:11 - 2013-10-07 14:11 - 00000000 ____D () C:\Program Files\Java
2014-05-12 19:54 - 2014-05-12 19:54 - 00000000 ____D () C:\Users\Jitka\AppData\Roaming\Macromedia
2014-05-12 19:54 - 2014-05-12 19:54 - 00000000 ____D () C:\Users\Jitka\AppData\Local\Macromedia
2014-05-12 19:52 - 2013-02-15 20:59 - 00000000 ____D () C:\Users\Jitka\AppData\Local\Mozilla
2014-05-12 19:51 - 2013-02-13 22:59 - 00000000 ____D () C:\Users\Jitka\AppData\Roaming\Seznam.cz
2014-05-12 19:46 - 2014-05-12 19:46 - 00419472 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-12 19:46 - 2014-05-12 19:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-12 19:38 - 2013-02-13 13:36 - 00000000 ____D () C:\Users\Bork\AppData\Local\CrashDumps
2014-05-12 00:38 - 2014-02-15 11:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 00:32 - 2014-05-12 00:32 - 00283096 _____ (Mozilla) C:\Users\Bork\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-12 00:17 - 2013-02-13 11:13 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\Seznam.cz
2014-05-12 00:11 - 2013-02-12 22:48 - 00000000 ____D () C:\Users\Bork
2014-05-12 00:11 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-05-12 00:10 - 2013-10-20 07:55 - 00000000 ____D () C:\Windows\pss
2014-05-12 00:10 - 2013-02-13 22:59 - 00000000 ____D () C:\Users\Jitka
2014-05-12 00:09 - 2013-12-20 16:39 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\Opera Software
2014-05-12 00:09 - 2013-10-31 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xOption
2014-05-12 00:09 - 2013-10-31 23:48 - 00000000 ____D () C:\Program Files\xOption
2014-05-12 00:09 - 2013-10-19 15:13 - 00000000 ____D () C:\Users\Bork\AppData\Local\MoboGenie
2014-05-12 00:09 - 2013-07-29 14:07 - 00000000 ____D () C:\Users\Bork\AppData\Local\Newsoft
2014-05-12 00:09 - 2013-07-29 13:56 - 00000000 ____D () C:\Program Files\Blaze Video Magic
2014-05-12 00:09 - 2013-02-13 18:32 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-12 00:09 - 2013-02-13 11:14 - 00000000 ____D () C:\Program Files\Seznam.cz
2014-05-12 00:09 - 2013-02-13 10:53 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\GHISLER
2014-05-12 00:09 - 2013-02-13 01:16 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-12 00:09 - 2009-07-14 11:20 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-12 00:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-05-10 10:10 - 2014-05-09 23:01 - 00000044 _____ () C:\Users\Bork\Desktop\Nový textový dokument.txt
2014-05-08 23:56 - 2014-05-08 23:56 - 00001691 _____ () C:\Users\Bork\Documents\Setup.cfg.txt
2014-05-08 23:35 - 2013-03-07 15:39 - 00000000 ____D () C:\Users\Bork\AppData\Local\GHISLER
2014-05-08 23:34 - 2013-07-21 09:42 - 00000000 ____D () C:\Program Files\Orbitron
2014-05-08 23:25 - 2014-05-08 23:25 - 00067374 _____ () C:\Users\Bork\Downloads\help.csy.zip
2014-05-08 22:05 - 2014-05-08 22:05 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG.sys
2014-05-08 20:29 - 2013-12-03 11:24 - 00000000 ___RD () C:\Users\Bork\Dropbox
2014-05-08 20:29 - 2013-12-03 11:17 - 00000000 ____D () C:\Users\Bork\AppData\Roaming\Dropbox
2014-05-08 20:24 - 2014-05-08 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMR Player
2014-05-08 20:24 - 2014-05-08 20:24 - 00000000 ____D () C:\Program Files\AMR Player
2014-05-08 20:23 - 2014-05-08 20:22 - 02529450 _____ (http://www.amrplayer.com ) C:\Users\Bork\Downloads\amrplayer_setup.exe
2014-05-07 07:46 - 2013-02-13 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-06 08:11 - 2014-03-17 22:05 - 00000000 ____D () C:\Program Files\MetaTrader - Alpari UK
2014-05-05 20:07 - 2014-05-06 08:10 - 03113272 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer.dll.new
2014-05-03 14:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-02 18:40 - 2013-02-13 18:32 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-02 18:40 - 2013-02-13 18:32 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-02 18:39 - 2014-05-02 18:38 - 28862184 _____ (Mozilla) C:\Users\Bork\Downloads\Firefox Setup 29.0 (1).exe
2014-05-02 17:13 - 2014-05-01 11:10 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-04-29 21:15 - 2013-03-04 22:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 21:15 - 2013-03-04 22:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 14:48 - 2014-05-13 08:42 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:34 - 2014-05-13 08:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-28 19:30 - 2013-08-28 10:58 - 00000000 ____D () C:\Windows\Minidump
2014-04-24 17:37 - 2013-02-13 09:51 - 00000000 ___RD () C:\Program Files\Skype
2014-04-21 09:21 - 2013-02-13 11:13 - 00000000 ____D () C:\Users\Bork\AppData\Local\Adobe
2014-04-16 19:09 - 2014-04-16 19:09 - 00001963 _____ () C:\Users\Public\Desktop\Trade.com MetaTrader 4.lnk
2014-04-16 19:09 - 2014-04-16 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trade.com MetaTrader 4
2014-04-16 19:09 - 2014-04-16 19:09 - 00000000 ____D () C:\Program Files\Trade.com MetaTrader 4
2014-04-14 20:13 - 2014-05-12 20:11 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-05-12 20:12 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-14 20:05 - 2014-05-12 20:11 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-14 20:04 - 2014-05-12 20:11 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-13 10:04 - 2013-02-13 12:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-13 10:00 - 2013-08-02 16:51 - 00000000 ____D () C:\Windows\system32\MRT
Files to move or delete:
====================
C:\Users\Bork\teletradecy4setup.exe
Some content of TEMP:
====================
C:\Users\Bork\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Bork\AppData\Local\Temp\{A5150BA3-E211-4FF2-86DA-471CE44895A4}-GoogleUpdateSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Bork\Desktop" je 3 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert EPM Support
"C:\PROGRA~1\ALLIN1~1\bar\2.bin\8hmedint.exe" T8EPMSUP.DLL,S [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray
"C:\Program Files\Bluetooth Suite\AthBtTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack
"C:\Program Files\Bluetooth Suite\BtvStack.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Bork\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Bork\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GfxServiceInstall
C:\Windows\system32\GfxCUIServiceInstall.vbs
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msapxwdSrv
C:\Windows\inf\msapxwd.vbe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msoewbtySrv
C:\Windows\inf\msoewbty.vbe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
C:\Program Files\OO Software\Defrag\oodtray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\Windows\system32\igfxpers.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk
C:\Windows\INSTAL~1\{59C75~1\app_icon.ico
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Bork^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2007.lnk
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE /tsr [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Za vyhodnocení předem děkuji Jibo. Hezký den!
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL 
Jak je to s legalitou systemu? Ultimate neni zrovna bezna domci verze 
. Tak nyní budu činit kroky k legalizaci, zřejmě dám provést legální instalaci do místní firmy s výp. technikou. 
Je tam pouzity crack, ktery umoznuje i stahovani aktualizaci. Ono to funguje, ale u nas se takto "upravene" systemy neresi.
