For Vyosek. Thank you for the advice and help
Posted: 25 Jul 2014 15:14
Hello, I am sending the log from FRST, like last time, since the other one reported an error again. I have a problem with pop-up windows when starting and using Firefox. They are windows with pages for various online computer games. Is it possible to get rid of this somehow? It is probably some consequence of my playing similar games,
well, more like certainly; it started sometime after that. THANK YOU
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-07-2014 01
Ran by sangoko (administrator) on TAKOS on 25-07-2014 16:03:31
Running from C:\Users\sangoko\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
( ) C:\Windows\System32\lxducoms.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [Google Update] => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-24] (Google Inc.)
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bandwidth Meter.lnk
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe – zástupce.lnk
ShortcutTarget: thunderbird.exe – zástupce.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.creativetoolbars.com/?src ... martbar&g=
SearchScopes: HKCU - {08DBECDA-5F3B-4B9F-9BCD-E74385D226EF} URL = http://search.creativetoolbars.com/resu ... earchTerms}
BHO: GoPhoto.it V9.0 -> {11111111-1111-1111-1111-110311401168} -> C:\Program Files\GoPhoto.it V9.0\GoPhoto.it V9.0-bho.dll (installdaddy)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default
FF DefaultSearchEngine: Heuréka
FF SelectedSearchEngine: Heuréka
FF Homepage: https://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lingea.com/x-lingea-translate - C:\Program Files\Common Files\Lingea Shared\LG_Mozilla.dll (Lingea s.r.o.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\sangoko\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF user.js: detected! => C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\heurkacz.xml
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\skipity-search.xml
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\smartbar.xml
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: GoPhoto.it V9.0 - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\2ea36bf1-0877-4aaa-882c-ff78f7d9d95c@dfb1672d-116a-4eb4-8be0-44786bd1d3dd.com [2014-07-14]
FF Extension: Download Youtube Videos + - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\video.downloader.plugin@ffpimp.com [2012-03-22]
FF Extension: BlackFox V2-Blue - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\zigboom.designs@gmail.com [2014-07-01]
FF Extension: FT DeepDark - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-06-19]
FF Extension: DownloadHelper - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: FoxLingo - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}(49) [2012-09-02]
FF Extension: Google Translator for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\translator@zoli.bod.xpi [2012-10-23]
FF Extension: Walnut for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2011-07-13]
FF Extension: DownThemAll! - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-23]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
Chrome:
=======
CHR DefaultSearchKeyword: bechiro s.l.
CHR DefaultSearchProvider: Search the web (CT)
CHR DefaultSearchURL: http://search.creativetoolbars.com/resu ... earchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-09]
CHR Extension: (Disk Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-09]
CHR Extension: (YouTube) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-09]
CHR Extension: (Vyhledávání Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-09]
CHR Extension: (Plus-HD-V1.1) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkbhbgeekdjepnnknnbmpnkidcifbfof [2014-07-09]
CHR Extension: (Peněženka Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-09]
CHR Extension: (Gmail) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-29]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-29] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-06] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-06] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxduserv.exe [98984 2008-05-24] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [594600 2008-05-24] ( )
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 TNaviSrv; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824 2007-06-28] (TOSHIBA Corporation) [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-04-29] ()
R0 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-29] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-05-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-16] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-04-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-04-29] ()
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [44224 2006-09-06] (BVRP Software) [File not signed]
R0 CplIR; C:\Windows\System32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 FreshIO; C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [41912 2010-07-22] (FSPro Labs)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [98816 2013-04-24] (Gemalto)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [34064 2008-06-01] (CACE Technologies)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-05-01] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-05-01] (Logitech Inc.)
S3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-15] (Sony Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-16] (Duplex Secure Ltd.)
S3 tosporte; C:\Windows\System32\DRIVERS\tosporte.sys [41600 2006-10-10] (TOSHIBA Corporation) [File not signed]
S3 tosrfbd; C:\Windows\System32\DRIVERS\tosrfbd.sys [113920 2007-02-22] (TOSHIBA CORPORATION) [File not signed]
S3 tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [36480 2006-11-20] (TOSHIBA Corporation) [File not signed]
S1 Tosrfcom; C:\Windows\System32\Drivers\tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation) [File not signed]
S3 Tosrfhid; C:\Windows\System32\DRIVERS\Tosrfhid.sys [73728 2007-03-01] (TOSHIBA Corporation.) [File not signed]
S3 tosrfnds; C:\Windows\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) [File not signed]
S3 TosRfSnd; C:\Windows\System32\drivers\tosrfsnd.sys [53376 2007-01-22] (TOSHIBA Corporation) [File not signed]
S3 Tosrfusb; C:\Windows\System32\DRIVERS\tosrfusb.sys [41344 2007-02-28] (TOSHIBA CORPORATION) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [21344 2005-05-26] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [38144 2005-05-26] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [39036 2005-06-24] (LG Electronics Inc.)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
R2 v2imount; C:\Windows\System32\DRIVERS\v2imount.sys [38112 2008-01-19] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files\BatteryCare\WinRing0.sys [14416 2008-07-26] (OpenLibSys.org)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S2 cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x32.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 ivusb; system32\DRIVERS\ivusb.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
S3 TpChoice; system32\DRIVERS\TpChoice.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-25 16:03 - 2014-07-25 16:04 - 00023112 _____ () C:\Users\sangoko\Desktop\FRST.txt
2014-07-25 16:02 - 2014-07-25 16:03 - 00000000 ____D () C:\FRST
2014-07-25 16:01 - 2014-07-25 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
2014-07-25 15:59 - 2014-07-25 15:59 - 01084416 _____ (Farbar) C:\Users\sangoko\Desktop\FRST.exe
2014-07-25 15:55 - 2014-07-25 15:57 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 15:55 - 2014-07-25 15:55 - 00000000 ____D () C:\rsit
2014-07-25 11:18 - 2014-07-25 11:18 - 00071416 _____ () C:\Users\sangoko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-25 11:16 - 2014-07-25 11:17 - 03640432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-22 23:54 - 2014-07-22 23:54 - 00000821 _____ () C:\Users\Public\Desktop\Quadrax V.lnk
2014-07-16 16:47 - 2014-07-04 15:33 - 00113019 _____ () C:\Users\Public\Documents\velké kurzy 2014.odt
2014-07-16 11:58 - 2014-07-16 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2014-07-16 11:55 - 2014-07-16 13:44 - 00000000 ____D () C:\Program Files\ABBYY FineReader 12
2014-07-15 22:17 - 2014-07-15 22:17 - 00000000 ___RD () C:\Users\sangoko\AppData\Roaming\Brother
2014-07-15 22:05 - 2014-07-15 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Browny02
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Brother
2014-07-15 21:59 - 2010-08-02 20:57 - 00217088 ____N (brother) C:\Windows\system32\NSSearch.dll
2014-07-15 21:59 - 2010-05-10 10:45 - 00103736 _____ (Brother Industries Ltd) C:\Windows\system32\BRRBTOOL.EXE
2014-07-15 21:59 - 2010-04-02 07:33 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\system32\BRLM03A.DLL
2014-07-15 21:59 - 2010-03-15 19:56 - 00002560 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2S.dll
2014-07-15 21:59 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2.dll
2014-07-15 21:59 - 2010-02-05 11:42 - 00180224 ____N (Brother Industries, Ltd.) C:\Windows\system32\BroSNMP.dll
2014-07-15 21:59 - 2007-12-13 22:16 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2L.dll
2014-07-15 21:59 - 2005-01-17 09:10 - 00045056 _____ () C:\Windows\system32\BRTCPCON.DLL
2014-07-15 21:59 - 2004-08-09 09:00 - 00000114 _____ () C:\Windows\system32\BRLMW03A.INI
2014-07-15 21:59 - 2004-08-09 08:42 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRLMW03A.DLL
2014-07-15 21:59 - 1999-10-26 18:00 - 00000050 _____ () C:\Windows\system32\BRADM10A.DAT
2014-07-15 21:58 - 2014-07-15 22:04 - 00000000 ____D () C:\ProgramData\Brother
2014-07-15 18:30 - 2014-07-15 18:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\ABBYY
2014-07-14 23:17 - 2014-07-14 23:17 - 00001000 _____ () C:\Users\sangoko\Documents\MailShield.der
2014-07-13 12:57 - 2014-07-13 12:57 - 00005844 _____ () C:\Users\sangoko\.recently-used.xbel
2014-07-11 11:34 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\gtk-2.0
2014-07-11 11:34 - 2014-07-11 15:41 - 00000000 ____D () C:\Users\sangoko\.thumbnails
2014-07-10 08:30 - 2014-07-10 20:41 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Audacity
2014-07-10 08:30 - 2014-07-10 08:30 - 00000821 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-10 08:30 - 2014-07-10 08:30 - 00000000 ____D () C:\Program Files\Audacity
2014-07-09 15:41 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 15:41 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 15:41 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 15:40 - 2014-05-28 09:08 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 15:40 - 2014-05-28 09:08 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 15:40 - 2014-05-28 09:08 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-09 15:40 - 2014-05-28 09:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-09 15:40 - 2014-05-28 09:04 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 06023168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 11082752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 15:40 - 2014-05-28 09:02 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 15:40 - 2014-05-28 09:00 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-07-09 15:40 - 2014-05-28 07:26 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-09 15:40 - 2014-05-28 05:44 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 15:40 - 2014-05-28 05:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 15:40 - 2014-05-28 05:42 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 15:40 - 2014-05-28 05:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-09 15:38 - 2014-07-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-06 20:22 - 2014-07-06 22:54 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 19:36 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\sangoko\.gimp-2.6
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\Documents\gegl-0.0
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
2014-07-06 19:35 - 2014-07-06 19:35 - 00000000 ____D () C:\Program Files\GIMP-2.0
2014-07-06 19:34 - 2014-07-25 13:34 - 00001466 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1.job
2014-07-06 19:34 - 2014-07-25 13:34 - 00001388 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5.job
2014-07-06 19:33 - 2014-07-25 13:33 - 00003448 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11.job
2014-07-06 19:33 - 2014-07-25 13:33 - 00003110 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3.job
2014-07-06 19:33 - 2014-07-25 13:33 - 00002190 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4.job
2014-07-06 19:33 - 2014-07-06 19:33 - 00000000 ____D () C:\Program Files\Plus-HD-V1.1
2014-07-06 19:31 - 2014-07-06 22:49 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-07-04 22:15 - 2014-07-25 11:18 - 00001430 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user.job
2014-07-04 22:15 - 2014-07-25 11:18 - 00001416 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.job
2014-07-04 22:14 - 2014-07-25 13:38 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-04 22:14 - 2014-07-25 11:18 - 00002162 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.job
2014-07-04 22:14 - 2014-07-25 11:18 - 00001322 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.job
2014-07-04 22:14 - 2014-07-25 11:17 - 00003794 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.job
2014-07-04 22:14 - 2014-07-25 11:17 - 00001536 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1.job
2014-07-04 22:14 - 2014-07-25 11:17 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-04 22:14 - 2014-07-04 22:15 - 00000000 ____D () C:\Program Files\GoPhoto.it V9.0
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Users\sangoko\AppData\Local\globalUpdate
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Program Files\globalUpdate
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-25 16:04 - 2014-07-25 16:03 - 00023112 _____ () C:\Users\sangoko\Desktop\FRST.txt
2014-07-25 16:03 - 2014-07-25 16:02 - 00000000 ____D () C:\FRST
2014-07-25 16:01 - 2014-07-25 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
2014-07-25 15:59 - 2014-07-25 15:59 - 01084416 _____ (Farbar) C:\Users\sangoko\Desktop\FRST.exe
2014-07-25 15:58 - 2014-06-17 11:53 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-25 15:57 - 2014-07-25 15:55 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 15:55 - 2014-07-25 15:55 - 00000000 ____D () C:\rsit
2014-07-25 15:53 - 2014-06-22 06:48 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job
2014-07-25 15:17 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-25 15:17 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-25 14:09 - 2014-05-30 16:57 - 00000440 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job
2014-07-25 13:38 - 2014-07-04 22:14 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-25 13:34 - 2014-07-06 19:34 - 00001466 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1.job
2014-07-25 13:34 - 2014-07-06 19:34 - 00001388 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5.job
2014-07-25 13:33 - 2014-07-06 19:33 - 00003448 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11.job
2014-07-25 13:33 - 2014-07-06 19:33 - 00003110 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3.job
2014-07-25 13:33 - 2014-07-06 19:33 - 00002190 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4.job
2014-07-25 12:50 - 2012-06-17 00:46 - 01455638 _____ () C:\Windows\WindowsUpdate.log
2014-07-25 11:58 - 2014-06-17 11:53 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-25 11:26 - 2010-06-04 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 11:25 - 2008-02-22 08:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 11:18 - 2014-07-25 11:18 - 00071416 _____ () C:\Users\sangoko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-25 11:18 - 2014-07-04 22:15 - 00001430 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user.job
2014-07-25 11:18 - 2014-07-04 22:15 - 00001416 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.job
2014-07-25 11:18 - 2014-07-04 22:14 - 00002162 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.job
2014-07-25 11:18 - 2014-07-04 22:14 - 00001322 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.job
2014-07-25 11:18 - 2009-12-07 16:32 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-25 11:17 - 2014-07-25 11:16 - 03640432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-25 11:17 - 2014-07-04 22:14 - 00003794 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.job
2014-07-25 11:17 - 2014-07-04 22:14 - 00001536 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1.job
2014-07-25 11:17 - 2014-07-04 22:14 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-25 11:17 - 2011-01-12 23:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-25 11:17 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-25 01:06 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-07-25 01:05 - 2011-01-17 21:34 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-07-25 01:05 - 2006-11-02 15:01 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-25 01:03 - 2012-07-27 13:01 - 00000000 ____D () C:\Users\sangoko\AppData\Local\CrashDumps
2014-07-23 20:53 - 2013-11-17 15:27 - 00000000 ____D () C:\temp
2014-07-22 23:54 - 2014-07-22 23:54 - 00000821 _____ () C:\Users\Public\Desktop\Quadrax V.lnk
2014-07-22 23:54 - 2013-07-19 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadrax V
2014-07-22 23:54 - 2013-07-19 23:10 - 00000000 ____D () C:\Program Files\Quadrax V
2014-07-22 12:32 - 2013-10-03 16:43 - 00031161 _____ () C:\Users\sangoko\Desktop\Mag. Ventil obchod.ods
2014-07-20 00:18 - 2013-05-24 14:11 - 00000000 ___RD () C:\Users\sangoko\Desktop\SRO
2014-07-20 00:16 - 2014-01-22 20:59 - 00000000 ____D () C:\Users\sangoko\Desktop\Stahování
2014-07-19 23:45 - 2012-08-07 16:37 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Posta
2014-07-17 17:46 - 2014-06-10 12:49 - 00000000 ____D () C:\Users\sangoko\Desktop\kalendáře
2014-07-16 23:08 - 2012-09-30 17:44 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\vlc
2014-07-16 22:18 - 2014-07-11 11:34 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\gtk-2.0
2014-07-16 22:18 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\.gimp-2.6
2014-07-16 22:15 - 2008-01-17 15:39 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Adobe
2014-07-16 13:44 - 2014-07-16 11:55 - 00000000 ____D () C:\Program Files\ABBYY FineReader 12
2014-07-16 11:58 - 2014-07-16 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2014-07-16 11:55 - 2009-08-30 23:01 - 00000000 ____D () C:\Users\sangoko\AppData\Local\ABBYY
2014-07-16 11:54 - 2010-01-10 22:26 - 00000000 ____D () C:\ProgramData\ABBYY
2014-07-15 22:17 - 2014-07-15 22:17 - 00000000 ___RD () C:\Users\sangoko\AppData\Roaming\Brother
2014-07-15 22:05 - 2014-07-15 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-15 22:04 - 2014-07-15 21:58 - 00000000 ____D () C:\ProgramData\Brother
2014-07-15 22:00 - 2008-01-17 15:01 - 00000000 ____D () C:\Users\sangoko
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Browny02
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Brother
2014-07-15 21:59 - 2007-04-27 09:39 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-15 18:30 - 2014-07-15 18:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\ABBYY
2014-07-14 23:17 - 2014-07-14 23:17 - 00001000 _____ () C:\Users\sangoko\Documents\MailShield.der
2014-07-13 12:57 - 2014-07-13 12:57 - 00005844 _____ () C:\Users\sangoko\.recently-used.xbel
2014-07-11 15:53 - 2012-11-07 20:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\IcoFX2X
2014-07-11 15:41 - 2014-07-11 11:34 - 00000000 ____D () C:\Users\sangoko\.thumbnails
2014-07-11 10:55 - 2008-02-22 09:33 - 00000000 ___RD () C:\Users\sangoko\Obrásky
2014-07-11 06:53 - 2014-06-22 06:48 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job
2014-07-10 20:41 - 2014-07-10 08:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Audacity
2014-07-10 13:07 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 09:46 - 2006-11-02 12:33 - 01558484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-10 08:30 - 2014-07-10 08:30 - 00000821 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-10 08:30 - 2014-07-10 08:30 - 00000000 ____D () C:\Program Files\Audacity
2014-07-10 08:23 - 2013-07-11 18:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 08:08 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-09 15:38 - 2014-07-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-09 15:38 - 2008-02-16 21:02 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Google
2014-07-09 15:37 - 2008-02-16 21:02 - 00000000 ____D () C:\Program Files\Google
2014-07-09 13:00 - 2014-02-25 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-07 00:02 - 2011-03-24 02:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-07-06 23:05 - 2011-03-24 02:13 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-07-06 22:54 - 2014-07-06 20:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 22:49 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-07-06 20:22 - 2012-06-20 22:49 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-06 20:22 - 2012-06-20 22:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\Documents\gegl-0.0
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
2014-07-06 19:35 - 2014-07-06 19:35 - 00000000 ____D () C:\Program Files\GIMP-2.0
2014-07-06 19:33 - 2014-07-06 19:33 - 00000000 ____D () C:\Program Files\Plus-HD-V1.1
2014-07-04 22:15 - 2014-07-04 22:14 - 00000000 ____D () C:\Program Files\GoPhoto.it V9.0
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Users\sangoko\AppData\Local\globalUpdate
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-04 15:33 - 2014-07-16 16:47 - 00113019 _____ () C:\Users\Public\Documents\velké kurzy 2014.odt
2014-07-01 13:02 - 2014-05-07 11:52 - 00034519 _____ () C:\Users\Public\Documents\2 čtvrdletí.ods
2014-06-27 19:26 - 2014-06-06 14:05 - 00000000 ____D () C:\Users\sangoko\Desktop\účetní faktury
Files to move or delete:
====================
C:\ProgramData\ezsid.dat
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1.job => C:\Program Files\Plus-HD-V1.1\Plus-HD-V1.1-codedownloader.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-11.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-3.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-4.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1.job => C:\Program Files\GoPhoto.it V9.0\GoPhoto.it V9.0-codedownloader.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job => C:\Windows\system32\msfeedssync.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\sangoko\Desktop" je 380 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fences
"C:\Program Files\Stardock\Fences\Fences.exe" /startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nexus Radio
C:\Program Files\Nexus Radio\Nexus Radio.exe -0 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management
%windir%\WindowsMobile\wmdc.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk
C:\PROGRA~1\Secunia\PSI\psi_tray.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SymmTime.lnk
C:\PROGRA~1\SYMMET~1\SymmTime\GeTTime.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-07-2014 01
Ran by sangoko (administrator) on TAKOS on 25-07-2014 16:03:31
Running from C:\Users\sangoko\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
( ) C:\Windows\System32\lxducoms.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [Google Update] => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-24] (Google Inc.)
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bandwidth Meter.lnk
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe – zástupce.lnk
ShortcutTarget: thunderbird.exe – zástupce.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.creativetoolbars.com/?src ... martbar&g=
SearchScopes: HKCU - {08DBECDA-5F3B-4B9F-9BCD-E74385D226EF} URL = http://search.creativetoolbars.com/resu ... earchTerms}
BHO: GoPhoto.it V9.0 -> {11111111-1111-1111-1111-110311401168} -> C:\Program Files\GoPhoto.it V9.0\GoPhoto.it V9.0-bho.dll (installdaddy)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default
FF DefaultSearchEngine: Heuréka
FF SelectedSearchEngine: Heuréka
FF Homepage: https://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lingea.com/x-lingea-translate - C:\Program Files\Common Files\Lingea Shared\LG_Mozilla.dll (Lingea s.r.o.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\sangoko\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF user.js: detected! => C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\heurkacz.xml
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\skipity-search.xml
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\smartbar.xml
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: GoPhoto.it V9.0 - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\2ea36bf1-0877-4aaa-882c-ff78f7d9d95c@dfb1672d-116a-4eb4-8be0-44786bd1d3dd.com [2014-07-14]
FF Extension: Download Youtube Videos + - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\video.downloader.plugin@ffpimp.com [2012-03-22]
FF Extension: BlackFox V2-Blue - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\zigboom.designs@gmail.com [2014-07-01]
FF Extension: FT DeepDark - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-06-19]
FF Extension: DownloadHelper - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: FoxLingo - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}(49) [2012-09-02]
FF Extension: Google Translator for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\translator@zoli.bod.xpi [2012-10-23]
FF Extension: Walnut for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2011-07-13]
FF Extension: DownThemAll! - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-23]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
Chrome:
=======
CHR DefaultSearchKeyword: bechiro s.l.
CHR DefaultSearchProvider: Search the web (CT)
CHR DefaultSearchURL: http://search.creativetoolbars.com/resu ... earchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-09]
CHR Extension: (Disk Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-09]
CHR Extension: (YouTube) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-09]
CHR Extension: (Vyhledávání Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-09]
CHR Extension: (Plus-HD-V1.1) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkbhbgeekdjepnnknnbmpnkidcifbfof [2014-07-09]
CHR Extension: (Peněženka Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-09]
CHR Extension: (Gmail) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-29]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-29] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-06] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-06] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxduserv.exe [98984 2008-05-24] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [594600 2008-05-24] ( )
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 TNaviSrv; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824 2007-06-28] (TOSHIBA Corporation) [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-04-29] ()
R0 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-29] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-05-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-16] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-04-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-04-29] ()
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [44224 2006-09-06] (BVRP Software) [File not signed]
R0 CplIR; C:\Windows\System32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 FreshIO; C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [41912 2010-07-22] (FSPro Labs)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [98816 2013-04-24] (Gemalto)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [34064 2008-06-01] (CACE Technologies)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-05-01] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-05-01] (Logitech Inc.)
S3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-15] (Sony Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-16] (Duplex Secure Ltd.)
S3 tosporte; C:\Windows\System32\DRIVERS\tosporte.sys [41600 2006-10-10] (TOSHIBA Corporation) [File not signed]
S3 tosrfbd; C:\Windows\System32\DRIVERS\tosrfbd.sys [113920 2007-02-22] (TOSHIBA CORPORATION) [File not signed]
S3 tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [36480 2006-11-20] (TOSHIBA Corporation) [File not signed]
S1 Tosrfcom; C:\Windows\System32\Drivers\tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation) [File not signed]
S3 Tosrfhid; C:\Windows\System32\DRIVERS\Tosrfhid.sys [73728 2007-03-01] (TOSHIBA Corporation.) [File not signed]
S3 tosrfnds; C:\Windows\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) [File not signed]
S3 TosRfSnd; C:\Windows\System32\drivers\tosrfsnd.sys [53376 2007-01-22] (TOSHIBA Corporation) [File not signed]
S3 Tosrfusb; C:\Windows\System32\DRIVERS\tosrfusb.sys [41344 2007-02-28] (TOSHIBA CORPORATION) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [21344 2005-05-26] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [38144 2005-05-26] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [39036 2005-06-24] (LG Electronics Inc.)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
R2 v2imount; C:\Windows\System32\DRIVERS\v2imount.sys [38112 2008-01-19] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files\BatteryCare\WinRing0.sys [14416 2008-07-26] (OpenLibSys.org)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S2 cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x32.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 ivusb; system32\DRIVERS\ivusb.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
S3 TpChoice; system32\DRIVERS\TpChoice.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-25 16:03 - 2014-07-25 16:04 - 00023112 _____ () C:\Users\sangoko\Desktop\FRST.txt
2014-07-25 16:02 - 2014-07-25 16:03 - 00000000 ____D () C:\FRST
2014-07-25 16:01 - 2014-07-25 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
2014-07-25 15:59 - 2014-07-25 15:59 - 01084416 _____ (Farbar) C:\Users\sangoko\Desktop\FRST.exe
2014-07-25 15:55 - 2014-07-25 15:57 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 15:55 - 2014-07-25 15:55 - 00000000 ____D () C:\rsit
2014-07-25 11:18 - 2014-07-25 11:18 - 00071416 _____ () C:\Users\sangoko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-25 11:16 - 2014-07-25 11:17 - 03640432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-22 23:54 - 2014-07-22 23:54 - 00000821 _____ () C:\Users\Public\Desktop\Quadrax V.lnk
2014-07-16 16:47 - 2014-07-04 15:33 - 00113019 _____ () C:\Users\Public\Documents\velké kurzy 2014.odt
2014-07-16 11:58 - 2014-07-16 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2014-07-16 11:55 - 2014-07-16 13:44 - 00000000 ____D () C:\Program Files\ABBYY FineReader 12
2014-07-15 22:17 - 2014-07-15 22:17 - 00000000 ___RD () C:\Users\sangoko\AppData\Roaming\Brother
2014-07-15 22:05 - 2014-07-15 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Browny02
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Brother
2014-07-15 21:59 - 2010-08-02 20:57 - 00217088 ____N (brother) C:\Windows\system32\NSSearch.dll
2014-07-15 21:59 - 2010-05-10 10:45 - 00103736 _____ (Brother Industries Ltd) C:\Windows\system32\BRRBTOOL.EXE
2014-07-15 21:59 - 2010-04-02 07:33 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\system32\BRLM03A.DLL
2014-07-15 21:59 - 2010-03-15 19:56 - 00002560 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2S.dll
2014-07-15 21:59 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2.dll
2014-07-15 21:59 - 2010-02-05 11:42 - 00180224 ____N (Brother Industries, Ltd.) C:\Windows\system32\BroSNMP.dll
2014-07-15 21:59 - 2007-12-13 22:16 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2L.dll
2014-07-15 21:59 - 2005-01-17 09:10 - 00045056 _____ () C:\Windows\system32\BRTCPCON.DLL
2014-07-15 21:59 - 2004-08-09 09:00 - 00000114 _____ () C:\Windows\system32\BRLMW03A.INI
2014-07-15 21:59 - 2004-08-09 08:42 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRLMW03A.DLL
2014-07-15 21:59 - 1999-10-26 18:00 - 00000050 _____ () C:\Windows\system32\BRADM10A.DAT
2014-07-15 21:58 - 2014-07-15 22:04 - 00000000 ____D () C:\ProgramData\Brother
2014-07-15 18:30 - 2014-07-15 18:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\ABBYY
2014-07-14 23:17 - 2014-07-14 23:17 - 00001000 _____ () C:\Users\sangoko\Documents\MailShield.der
2014-07-13 12:57 - 2014-07-13 12:57 - 00005844 _____ () C:\Users\sangoko\.recently-used.xbel
2014-07-11 11:34 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\gtk-2.0
2014-07-11 11:34 - 2014-07-11 15:41 - 00000000 ____D () C:\Users\sangoko\.thumbnails
2014-07-10 08:30 - 2014-07-10 20:41 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Audacity
2014-07-10 08:30 - 2014-07-10 08:30 - 00000821 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-10 08:30 - 2014-07-10 08:30 - 00000000 ____D () C:\Program Files\Audacity
2014-07-09 15:41 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 15:41 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 15:41 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 15:40 - 2014-05-28 09:08 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 15:40 - 2014-05-28 09:08 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 15:40 - 2014-05-28 09:08 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-09 15:40 - 2014-05-28 09:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-09 15:40 - 2014-05-28 09:04 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 06023168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 11082752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 15:40 - 2014-05-28 09:02 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 15:40 - 2014-05-28 09:00 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-07-09 15:40 - 2014-05-28 07:26 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-09 15:40 - 2014-05-28 05:44 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 15:40 - 2014-05-28 05:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 15:40 - 2014-05-28 05:42 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 15:40 - 2014-05-28 05:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-09 15:38 - 2014-07-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-06 20:22 - 2014-07-06 22:54 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 19:36 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\sangoko\.gimp-2.6
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\Documents\gegl-0.0
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
2014-07-06 19:35 - 2014-07-06 19:35 - 00000000 ____D () C:\Program Files\GIMP-2.0
2014-07-06 19:34 - 2014-07-25 13:34 - 00001466 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1.job
2014-07-06 19:34 - 2014-07-25 13:34 - 00001388 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5.job
2014-07-06 19:33 - 2014-07-25 13:33 - 00003448 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11.job
2014-07-06 19:33 - 2014-07-25 13:33 - 00003110 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3.job
2014-07-06 19:33 - 2014-07-25 13:33 - 00002190 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4.job
2014-07-06 19:33 - 2014-07-06 19:33 - 00000000 ____D () C:\Program Files\Plus-HD-V1.1
2014-07-06 19:31 - 2014-07-06 22:49 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-07-04 22:15 - 2014-07-25 11:18 - 00001430 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user.job
2014-07-04 22:15 - 2014-07-25 11:18 - 00001416 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.job
2014-07-04 22:14 - 2014-07-25 13:38 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-04 22:14 - 2014-07-25 11:18 - 00002162 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.job
2014-07-04 22:14 - 2014-07-25 11:18 - 00001322 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.job
2014-07-04 22:14 - 2014-07-25 11:17 - 00003794 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.job
2014-07-04 22:14 - 2014-07-25 11:17 - 00001536 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1.job
2014-07-04 22:14 - 2014-07-25 11:17 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-04 22:14 - 2014-07-04 22:15 - 00000000 ____D () C:\Program Files\GoPhoto.it V9.0
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Users\sangoko\AppData\Local\globalUpdate
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Program Files\globalUpdate
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-25 16:04 - 2014-07-25 16:03 - 00023112 _____ () C:\Users\sangoko\Desktop\FRST.txt
2014-07-25 16:03 - 2014-07-25 16:02 - 00000000 ____D () C:\FRST
2014-07-25 16:01 - 2014-07-25 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
2014-07-25 15:59 - 2014-07-25 15:59 - 01084416 _____ (Farbar) C:\Users\sangoko\Desktop\FRST.exe
2014-07-25 15:58 - 2014-06-17 11:53 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-25 15:57 - 2014-07-25 15:55 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 15:55 - 2014-07-25 15:55 - 00000000 ____D () C:\rsit
2014-07-25 15:53 - 2014-06-22 06:48 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job
2014-07-25 15:17 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-25 15:17 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-25 14:09 - 2014-05-30 16:57 - 00000440 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job
2014-07-25 13:38 - 2014-07-04 22:14 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-25 13:34 - 2014-07-06 19:34 - 00001466 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1.job
2014-07-25 13:34 - 2014-07-06 19:34 - 00001388 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5.job
2014-07-25 13:33 - 2014-07-06 19:33 - 00003448 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11.job
2014-07-25 13:33 - 2014-07-06 19:33 - 00003110 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3.job
2014-07-25 13:33 - 2014-07-06 19:33 - 00002190 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4.job
2014-07-25 12:50 - 2012-06-17 00:46 - 01455638 _____ () C:\Windows\WindowsUpdate.log
2014-07-25 11:58 - 2014-06-17 11:53 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-25 11:26 - 2010-06-04 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 11:25 - 2008-02-22 08:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 11:18 - 2014-07-25 11:18 - 00071416 _____ () C:\Users\sangoko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-25 11:18 - 2014-07-04 22:15 - 00001430 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user.job
2014-07-25 11:18 - 2014-07-04 22:15 - 00001416 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.job
2014-07-25 11:18 - 2014-07-04 22:14 - 00002162 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.job
2014-07-25 11:18 - 2014-07-04 22:14 - 00001322 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.job
2014-07-25 11:18 - 2009-12-07 16:32 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-25 11:17 - 2014-07-25 11:16 - 03640432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-25 11:17 - 2014-07-04 22:14 - 00003794 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.job
2014-07-25 11:17 - 2014-07-04 22:14 - 00001536 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1.job
2014-07-25 11:17 - 2014-07-04 22:14 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-25 11:17 - 2011-01-12 23:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-25 11:17 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-25 01:06 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-07-25 01:05 - 2011-01-17 21:34 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-07-25 01:05 - 2006-11-02 15:01 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-25 01:03 - 2012-07-27 13:01 - 00000000 ____D () C:\Users\sangoko\AppData\Local\CrashDumps
2014-07-23 20:53 - 2013-11-17 15:27 - 00000000 ____D () C:\temp
2014-07-22 23:54 - 2014-07-22 23:54 - 00000821 _____ () C:\Users\Public\Desktop\Quadrax V.lnk
2014-07-22 23:54 - 2013-07-19 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadrax V
2014-07-22 23:54 - 2013-07-19 23:10 - 00000000 ____D () C:\Program Files\Quadrax V
2014-07-22 12:32 - 2013-10-03 16:43 - 00031161 _____ () C:\Users\sangoko\Desktop\Mag. Ventil obchod.ods
2014-07-20 00:18 - 2013-05-24 14:11 - 00000000 ___RD () C:\Users\sangoko\Desktop\SRO
2014-07-20 00:16 - 2014-01-22 20:59 - 00000000 ____D () C:\Users\sangoko\Desktop\Stahování
2014-07-19 23:45 - 2012-08-07 16:37 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Posta
2014-07-17 17:46 - 2014-06-10 12:49 - 00000000 ____D () C:\Users\sangoko\Desktop\kalendáře
2014-07-16 23:08 - 2012-09-30 17:44 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\vlc
2014-07-16 22:18 - 2014-07-11 11:34 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\gtk-2.0
2014-07-16 22:18 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\.gimp-2.6
2014-07-16 22:15 - 2008-01-17 15:39 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Adobe
2014-07-16 13:44 - 2014-07-16 11:55 - 00000000 ____D () C:\Program Files\ABBYY FineReader 12
2014-07-16 11:58 - 2014-07-16 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2014-07-16 11:55 - 2009-08-30 23:01 - 00000000 ____D () C:\Users\sangoko\AppData\Local\ABBYY
2014-07-16 11:54 - 2010-01-10 22:26 - 00000000 ____D () C:\ProgramData\ABBYY
2014-07-15 22:17 - 2014-07-15 22:17 - 00000000 ___RD () C:\Users\sangoko\AppData\Roaming\Brother
2014-07-15 22:05 - 2014-07-15 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-15 22:04 - 2014-07-15 21:58 - 00000000 ____D () C:\ProgramData\Brother
2014-07-15 22:00 - 2008-01-17 15:01 - 00000000 ____D () C:\Users\sangoko
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Browny02
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Brother
2014-07-15 21:59 - 2007-04-27 09:39 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-15 18:30 - 2014-07-15 18:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\ABBYY
2014-07-14 23:17 - 2014-07-14 23:17 - 00001000 _____ () C:\Users\sangoko\Documents\MailShield.der
2014-07-13 12:57 - 2014-07-13 12:57 - 00005844 _____ () C:\Users\sangoko\.recently-used.xbel
2014-07-11 15:53 - 2012-11-07 20:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\IcoFX2X
2014-07-11 15:41 - 2014-07-11 11:34 - 00000000 ____D () C:\Users\sangoko\.thumbnails
2014-07-11 10:55 - 2008-02-22 09:33 - 00000000 ___RD () C:\Users\sangoko\Obrásky
2014-07-11 06:53 - 2014-06-22 06:48 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job
2014-07-10 20:41 - 2014-07-10 08:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Audacity
2014-07-10 13:07 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 09:46 - 2006-11-02 12:33 - 01558484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-10 08:30 - 2014-07-10 08:30 - 00000821 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-10 08:30 - 2014-07-10 08:30 - 00000000 ____D () C:\Program Files\Audacity
2014-07-10 08:23 - 2013-07-11 18:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 08:08 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-09 15:38 - 2014-07-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-09 15:38 - 2008-02-16 21:02 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Google
2014-07-09 15:37 - 2008-02-16 21:02 - 00000000 ____D () C:\Program Files\Google
2014-07-09 13:00 - 2014-02-25 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-07 00:02 - 2011-03-24 02:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-07-06 23:05 - 2011-03-24 02:13 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-07-06 22:54 - 2014-07-06 20:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 22:49 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-07-06 20:22 - 2012-06-20 22:49 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-06 20:22 - 2012-06-20 22:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\Documents\gegl-0.0
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
2014-07-06 19:35 - 2014-07-06 19:35 - 00000000 ____D () C:\Program Files\GIMP-2.0
2014-07-06 19:33 - 2014-07-06 19:33 - 00000000 ____D () C:\Program Files\Plus-HD-V1.1
2014-07-04 22:15 - 2014-07-04 22:14 - 00000000 ____D () C:\Program Files\GoPhoto.it V9.0
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Users\sangoko\AppData\Local\globalUpdate
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-04 15:33 - 2014-07-16 16:47 - 00113019 _____ () C:\Users\Public\Documents\velké kurzy 2014.odt
2014-07-01 13:02 - 2014-05-07 11:52 - 00034519 _____ () C:\Users\Public\Documents\2 čtvrdletí.ods
2014-06-27 19:26 - 2014-06-06 14:05 - 00000000 ____D () C:\Users\sangoko\Desktop\účetní faktury
Files to move or delete:
====================
C:\ProgramData\ezsid.dat
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1.job => C:\Program Files\Plus-HD-V1.1\Plus-HD-V1.1-codedownloader.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-11.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-3.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-4.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1.job => C:\Program Files\GoPhoto.it V9.0\GoPhoto.it V9.0-codedownloader.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job => C:\Windows\system32\msfeedssync.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\sangoko\Desktop" je 380 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fences
"C:\Program Files\Stardock\Fences\Fences.exe" /startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nexus Radio
C:\Program Files\Nexus Radio\Nexus Radio.exe -0 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management
%windir%\WindowsMobile\wmdc.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk
C:\PROGRA~1\Secunia\PSI\psi_tray.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SymmTime.lnk
C:\PROGRA~1\SYMMET~1\SymmTime\GeTTime.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================