VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivka

https://forum.viry.cz:443/viewtopic.php?t=141417

Stránka 1 z 1

Preventivka

Napsal: 21 lis 2014 12:00
od lastsaves
Prosím o preventivku.
Log z FRST níže.
Děkuji.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-11-2014
Ran by lst (administrator) on DESKTOP on 21-11-2014 11:11:57
Running from C:\Users\lst\Desktop
Loaded Profile: lst (Available profiles: lst & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oacat.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oasrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\Avast\AvastSvc.exe
(AOMEI Tech Co., Ltd.) C:\Apps\AOMEI Backupper\ABService.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oaui.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oahlp.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(SoftPerfect Research) C:\Apps\Networx\networx.exe
() C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.exe
(Nenad Hrg SoftwareOK) C:\Apps\Desktop OK\DesktopOK_x64.exe
(Alexandr Irza) C:\Apps\Volume 2 Portable\Volume2.exe
(Flux Software LLC) C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe
(Skype Technologies S.A.) C:\Apps\Skype\Phone\Skype.exe
() C:\Apps\Everything Portable\Everything.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(4t Niagara Software) C:\Apps\4t Tray Minimizer\4t-min.exe
(Carthago Software) C:\Apps\DeskTask\DeskTask.exe
(AVAST Software) C:\Program Files\Avast\avastui.exe
(4t Niagara Software) C:\Apps\4t Tray Minimizer\4t-min64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\acrotray.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Crystal Dew World) C:\Apps\Crystal Disk Info Portable\DiskInfo.exe
(Dropbox, Inc.) C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Epiforge Software) C:\Users\lst\AppData\Local\Grindstone 3\GS3.exe
() C:\Apps\Rainmeter Portable\Rainmeter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Raxco Software, Inc.) C:\Apps\Raxco Perfect Disk\PDAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Raxco Software, Inc.) C:\Apps\Raxco Perfect Disk\PDAgentS1.exe
() C:\Apps\Everything Portable\Everything.exe
(Mozilla Corporation) C:\Apps\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Apps\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(AVAST Software) C:\Program Files\Avast\setup\instup.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\lst\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [@OnlineArmor GUI] => C:\Program Files (x86)\Online Armor\oaui.exe [7558464 2013-10-11] (Emsisoft GmbH)
HKLM\...\Run: [NetWorx] => C:\Apps\Networx\networx.exe [6470864 2014-10-01] (SoftPerfect Research)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Drive Manager] => C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [480768 2009-06-26] (WDC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [DesktopOK] => C:\Apps\Desktop OK\DesktopOK_x64.exe [417280 2014-01-15] (Nenad Hrg SoftwareOK)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [DAEMON Tools Lite] => C:\Apps\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [Volume2] => C:\Apps\Volume 2 Portable\Volume2.exe [4710912 2013-02-10] (Alexandr Irza)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [f.lux] => C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [Skype] => C:\Apps\Skype\Phone\Skype.exe [22059616 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {52557e1b-9339-11e3-906d-0023ae73d3aa} - A:\gods2.0.0.1.exe
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {c3982e40-933f-11e3-8176-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {ca61cac4-8f46-11e3-8682-806e6f6e6963} - "L:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-06] (Microsoft Corporation)
IFEO\taskmgr.exe: [Debugger] "C:\Apps\Process Hacker Portable\ProcessHacker.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4t Tray Minimizer.lnk
ShortcutTarget: 4t Tray Minimizer.lnk -> C:\Apps\4t Tray Minimizer\4t-min.exe (4t Niagara Software)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskTask.lnk
ShortcutTarget: DeskTask.lnk -> C:\Apps\DeskTask\DeskTask.exe (Carthago Software)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Grindstone 3.lnk
ShortcutTarget: Grindstone 3.lnk -> C:\Users\lst\AppData\Local\Grindstone 3\GS3.exe (Epiforge Software)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Apps\Rainmeter Portable\Rainmeter.exe ()
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lst\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lst\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lst\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lst\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
BootExecute: PDBoot.exeautocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF ProfilePath: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Apps\Foxit Reader Portable\App\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Apps\Foxit Reader Portable\App\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\dictionary.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\google-scholar.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\howlongtobeat.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\imdb.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\metacritic---games.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\releaselog.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\sfdcz.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\titulkycom.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\uloto-vpis-pod-sebou.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\youtube.xml
FF Extension: Český slovník pro kontrolu pravopisu (bez diakritiky) - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\cs2@dictionaries.addons.mozilla.org [2014-11-10]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\cs@dictionaries.addons.mozilla.org [2014-11-09]
FF Extension: British English Dictionary - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\en-GB@dictionaries.addons.mozilla.org [2014-04-01]
FF Extension: United States English Spellchecker - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\en-US@dictionaries.addons.mozilla.org [2014-04-01]
FF Extension: Favicon Restorer - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\faviconrestorer@masserog.it [2014-03-18]
FF Extension: Zotero Word for Windows Integration - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\zoteroWinWordIntegration@zotero.org [2014-09-03]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\adblockpopups@jessehakanen.net.xpi [2014-03-18]
FF Extension: YouTube Caption Downloader - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\captiondownloader@hiephm.com.xpi [2014-05-14]
FF Extension: Case Changer - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\casechanger@plugin.xpi [2014-03-18]
FF Extension: Classic Theme Restorer - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-01]
FF Extension: Context Search X - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\contextsearch2@lwz.addons.mozilla.org.xpi [2014-04-16]
FF Extension: Copy Plain Text 2 - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\copyplaintext@teo.pl.xpi [2014-10-13]
FF Extension: Gmelius - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\gmailadsremover@florian.bersier.xpi [2014-03-25]
FF Extension: Multi Links - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\multilinks@plugin.xpi [2014-05-18]
FF Extension: Clickjacking Reveal - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\no-clickjacking@daohoangson.com.xpi [2014-11-21]
FF Extension: Open With - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\openwith@darktrojan.net.xpi [2014-04-22]
FF Extension: Social Fixer - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\socialfixer@mattkruse.com.xpi [2014-04-01]
FF Extension: Undo Closed Tabs Button - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2014-03-18]
FF Extension: Zotero Bibliography Locale Switcher - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\zotbiblioswitchlocal@somwhere.org.xpi [2014-10-05]
FF Extension: Zotero - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\zotero@chnm.gmu.edu.xpi [2014-03-18]
FF Extension: Zotero Scholar Citations - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\zoteroscholarcitations@beloglazov.info.xpi [2014-10-05]
FF Extension: ZotFile - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\zotfile@columbia.edu.xpi [2014-05-14]
FF Extension: Zutilo Utility for Zotero - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\zutilo@www.wesailatdawn.com.xpi [2014-10-05]
FF Extension: Quick Locale Switcher - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{25A1388B-6B18-46c3-BEBA-A81915D0DE8F}.xpi [2014-04-01]
FF Extension: Linkification - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi [2014-04-16]
FF Extension: X-notifier - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014-03-18]
FF Extension: Download Status Bar - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-03-18]
FF Extension: Mozilla Archive Format - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}.xpi [2014-03-18]
FF Extension: Adblock Plus - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-18]
FF Extension: DownThemAll! - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-05-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Avast\WebRep\FF
FF StartMenuInternet: FIREFOX.EXE - C:\Apps\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR Profile: C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bandzone.cz MP3 Download) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\adicpanjnjbpmhpcamgmihddcifhhceg [2014-04-18]
CHR Extension: (Dokumenty Google) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-04]
CHR Extension: (Download FB Album mod) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2014-03-25]
CHR Extension: (Vyhledávání Google) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-04]
CHR Extension: (Gmelius for Gmail) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl [2014-09-16]
CHR Extension: (Social Fixer for Facebook) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2014-03-26]
CHR Extension: (Peněženka Google) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-05]
CHR Extension: (Snooze Your Email for Gmail™) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbmfoncgccdhoknelpglaacbgkclcape [2014-09-16]
CHR Extension: (Streak for Gmail) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2014-09-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [50344 2014-07-08] (AVAST Software)
R2 Backupper Service; C:\Apps\AOMEI Backupper\ABService.exe [29912 2014-04-08] (AOMEI Tech Co., Ltd.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
R2 Everything; C:\Apps\Everything Portable\Everything.exe [1441792 2014-08-06] () [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-02-10] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [584864 2013-10-11] (Emsisoft GmbH)
R2 PDAgent; C:\Apps\Raxco Perfect Disk\PDAgent.exe [1976696 2012-10-04] (Raxco Software, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4457688 2013-10-11] (Emsisoft GmbH)
S2 SwOffScheduler; C:\Apps\Switch Off\swoff.exe [173056 2014-02-13] (Airytec) [File not signed]
S2 SwOffWeb; C:\Apps\Switch Off\swoff.exe [173056 2014-02-13] (Airytec) [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [119296 2009-06-26] (WDC) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2013-05-07] () [File not signed]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2013-05-07] () [File not signed]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2013-02-06] () [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-08] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-08] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-11] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [64720 2013-10-11] ()
R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [62008 2013-10-11] ()
R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [52360 2013-10-11] (Emsisoft)
R3 OAnet; C:\Windows\System32\DRIVERS\oanet.sys [35368 2013-10-11] (Emsisoft)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-02-11] (Duplex Secure Ltd.)
U5 UnlockerDriver5; C:\Apps\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U3 anieuz32; C:\Windows\System32\Drivers\anieuz32.sys [0 ] (Microsoft Corporation)
R3 WinRing0_1_2_0; \??\C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-21 11:11 - 2014-11-21 11:13 - 00028532 _____ () C:\Users\lst\Desktop\FRST.txt
2014-11-21 11:11 - 2014-11-21 11:12 - 00000000 ____D () C:\FRST
2014-11-21 11:06 - 2014-11-21 11:06 - 00112640 _____ (forum.viry.cz) C:\Users\lst\Desktop\FRSTLauncher.exe
2014-11-21 11:01 - 2014-11-21 11:02 - 02117632 _____ (Farbar) C:\Users\lst\Desktop\FRST64.exe
2014-11-20 20:59 - 2014-11-20 20:59 - 00000000 ____D () C:\Users\lst\restore
2014-11-20 20:06 - 2014-11-20 23:16 - 00000000 ____D () C:\ProgramData\tmp
2014-11-20 20:06 - 2014-11-20 20:06 - 00000807 _____ () C:\Users\Public\Desktop\Fotolab Fotosvet.lnk
2014-11-20 20:06 - 2014-11-20 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotolab Fotosvet
2014-11-20 20:06 - 2014-11-20 20:06 - 00000000 ____D () C:\ProgramData\hps
2014-11-19 07:22 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 07:22 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 07:22 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 07:22 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-13 19:40 - 2014-11-13 19:40 - 00001132 _____ () C:\Windows\PFRO.log
2014-11-12 18:37 - 2014-11-12 18:37 - 00001551 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-11-12 18:37 - 2014-11-12 18:37 - 00001539 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-11-12 18:37 - 2014-11-12 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-11-11 20:37 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 20:37 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 20:37 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 20:36 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 20:36 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 20:36 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 20:36 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 20:36 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 20:36 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 20:36 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 20:36 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 20:36 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 20:36 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 20:36 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 20:36 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 20:36 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 20:36 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 20:36 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 20:36 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 20:36 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 20:36 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 20:36 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 20:36 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 20:36 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 20:36 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 20:36 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 20:36 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 20:36 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 20:36 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 20:36 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 20:36 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 20:36 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 20:36 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 20:36 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 20:36 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 20:36 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 20:36 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 20:36 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 20:36 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 20:36 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 20:36 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 20:36 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 20:36 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 20:36 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 20:36 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 20:36 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 20:36 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 20:36 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 20:36 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 20:36 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 20:36 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 20:36 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 20:36 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 20:36 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 20:36 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 20:36 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 20:36 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 20:36 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 20:36 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 20:36 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 20:36 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 20:36 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 20:36 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 20:36 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 20:36 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 20:36 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 20:36 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 20:36 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 20:35 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 20:35 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 20:35 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 20:35 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 20:35 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 20:35 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 20:35 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 20:35 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 20:35 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 20:35 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 20:35 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 20:35 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 20:35 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 20:35 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 20:35 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 20:35 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 20:35 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 20:35 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 20:35 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 20:35 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 20:35 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 20:35 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 20:35 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 20:35 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 20:35 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 20:35 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 20:35 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 20:35 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 20:35 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 20:35 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 20:35 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 20:34 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 20:34 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-08 12:22 - 2014-11-08 12:22 - 00000000 ____D () C:\Users\lst\Documents\My SureThing Projects
2014-11-08 12:22 - 2014-11-08 12:22 - 00000000 ____D () C:\Users\lst\AppData\Local\MicroVision Applications
2014-11-08 09:57 - 2014-11-08 09:57 - 00000000 ____D () C:\Users\lst\Documents\dvd
2014-11-08 09:52 - 2014-11-08 23:27 - 00000000 ____D () C:\Users\lst\AppData\Roaming\DVD Flick
2014-11-08 09:50 - 2014-11-08 09:50 - 00001588 _____ () C:\Users\lst\Desktop\DVD Flick.lnk
2014-11-08 09:50 - 2014-11-08 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
2014-11-08 09:50 - 2008-08-31 13:27 - 00028672 _____ (-) C:\Windows\SysWOW64\mousewheel.ocx
2014-11-08 09:50 - 2007-08-31 18:36 - 00036864 _____ (Robdogg Inc.) C:\Windows\SysWOW64\trayicon_handler.ocx
2014-11-08 09:50 - 2004-03-09 00:00 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx
2014-11-08 09:50 - 2004-03-09 00:00 - 00609824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2014-11-08 09:50 - 2004-03-09 00:00 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2014-11-08 09:50 - 2003-01-26 13:41 - 00040960 _____ (vbAccelerator) C:\Windows\SysWOW64\ssubtmr6.dll
2014-11-08 09:50 - 1998-06-24 00:00 - 00164144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2014-11-05 22:05 - 2014-11-18 00:36 - 00000522 _____ () C:\Users\lst\Desktop\Nový textový dokument (3).txt
2014-10-28 22:09 - 2014-10-28 22:23 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-10-28 22:09 - 2014-10-28 22:21 - 00000000 ____D () C:\Users\lst\AppData\Roaming\NCH Software
2014-10-28 22:09 - 2014-10-28 22:09 - 00001156 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoPad Image Editor.lnk
2014-10-28 22:09 - 2014-10-28 22:09 - 00001144 _____ () C:\Users\Public\Desktop\PhotoPad Image Editor.lnk
2014-10-28 22:09 - 2014-10-28 22:09 - 00000000 ____D () C:\ProgramData\NCH Software
2014-10-28 22:09 - 2014-10-28 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-10-28 22:09 - 2014-10-28 22:09 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-10-28 08:38 - 2014-10-28 08:38 - 00000667 _____ () C:\Users\lst\Desktop\Alien Isolation.lnk
2014-10-28 08:38 - 2014-10-28 08:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alien Isolation
2014-10-28 07:46 - 2014-11-21 10:50 - 00008064 _____ () C:\Windows\setupact.log
2014-10-28 07:46 - 2014-10-28 07:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-27 08:31 - 2014-10-27 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deadfall Adventures
2014-10-24 06:04 - 2014-10-24 06:06 - 00000000 ____D () C:\Users\lst\AppData\Roaming\FolderColorize
2014-10-22 10:07 - 2014-10-22 10:07 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-22 10:07 - 2014-10-22 10:07 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-22 10:07 - 2014-10-22 10:07 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-22 10:07 - 2014-10-22 10:07 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-22 10:07 - 2014-10-22 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-21 11:08 - 2014-02-23 13:15 - 00000000 ____D () C:\Users\lst\AppData\Roaming\Skype
2014-11-21 10:57 - 2009-07-14 05:45 - 00027840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-21 10:57 - 2009-07-14 05:45 - 00027840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-21 10:56 - 2009-07-14 11:49 - 00731302 _____ () C:\Windows\system32\perfh005.dat
2014-11-21 10:56 - 2009-07-14 11:49 - 00167472 _____ () C:\Windows\system32\perfc005.dat
2014-11-21 10:56 - 2009-07-14 06:13 - 01758162 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-21 10:55 - 2014-02-03 18:05 - 01605922 _____ () C:\Windows\WindowsUpdate.log
2014-11-21 10:51 - 2014-02-16 20:39 - 00000000 ____D () C:\Users\lst\AppData\Roaming\Dropbox
2014-11-21 10:51 - 2014-02-16 14:46 - 00000000 ___RD () C:\Dropbox
2014-11-21 10:49 - 2014-05-09 07:17 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-21 10:48 - 2014-02-16 08:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-21 10:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-21 10:28 - 2014-02-06 20:42 - 00004152 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-21 09:39 - 2014-05-09 07:17 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-20 20:59 - 2014-02-03 17:12 - 00000000 ____D () C:\Users\lst
2014-11-20 08:13 - 2014-02-23 16:19 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-20 08:10 - 2014-02-24 09:13 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-11-19 17:09 - 2014-02-18 19:35 - 00000000 ____D () C:\Users\lst\AppData\Roaming\uTorrent
2014-11-19 14:41 - 2014-02-04 17:48 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-16 20:54 - 2014-02-23 13:00 - 00000000 ____D () C:\TEMP
2014-11-15 14:02 - 2014-02-16 20:42 - 00001057 _____ () C:\Users\lst\Desktop\Dropbox.lnk
2014-11-15 14:02 - 2014-02-16 20:40 - 00000000 ____D () C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-14 01:34 - 2014-05-09 07:17 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 01:34 - 2014-05-09 07:17 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 18:23 - 2014-08-24 08:30 - 00000000 ____D () C:\Users\lst\AppData\Local\Adobe
2014-11-12 18:23 - 2014-02-18 18:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 18:23 - 2014-02-18 18:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 13:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 11:26 - 2014-02-04 09:06 - 00110088 _____ () C:\Users\lst\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-12 11:22 - 2009-07-14 05:45 - 00410528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 11:21 - 2014-02-06 22:50 - 00000000 ____D () C:\Program Files\Avast
2014-11-12 01:51 - 2014-04-24 06:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-11 21:33 - 2014-02-03 18:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-11 21:14 - 2014-02-04 14:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-11 21:09 - 2014-02-04 14:08 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-07 13:05 - 2014-03-23 10:12 - 00002176 _____ () C:\Users\lst\Desktop\SVIP.txt
2014-11-04 14:30 - 2014-02-04 14:03 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 19:34 - 2014-09-29 19:10 - 00001519 _____ () C:\Users\lst\Desktop\Emaily předsednictva.txt
2014-10-29 19:34 - 2014-04-12 22:25 - 00001918 _____ () C:\Users\lst\Desktop\Nový textový dokument.txt
2014-10-29 16:26 - 2014-02-16 14:32 - 00000000 ___RD () C:\APPS - PORTABLE
2014-10-27 23:59 - 2014-02-11 17:48 - 00000000 ____D () C:\Users\lst\AppData\Roaming\DAEMON Tools Lite
2014-10-27 23:55 - 2014-08-25 12:32 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-10-27 23:54 - 2014-08-25 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-10-27 23:52 - 2014-03-09 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-10-27 23:52 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-27 12:13 - 2014-04-16 21:35 - 00000000 ____D () C:\Users\lst\Documents\My Games
2014-10-24 22:23 - 2014-06-16 20:36 - 00000000 ____D () C:\Users\lst\AppData\Roaming\calibre
2014-10-22 10:08 - 2014-07-15 17:43 - 00000000 ____D () C:\ProgramData\Oracle

Some content of TEMP:
====================
C:\Users\lst\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptdd5lo.dll
C:\Users\lst\AppData\Local\Temp\infozip3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Online Armor Firewall (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\lst\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Preventivka

Napsal: 21 lis 2014 16:12
od altrok
Dobre odpoledne Vam preju :bye:

:arrow: Jsou s PC nejake konkretni problemy?

:arrow: Spustte Mozillu Firefox, stisknete Ctrl + Shift + A a odinstalujte rozsireni a doplnky, ktere nepouzivate.

:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan, pote na Clean
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Re: Preventivka

Napsal: 28 pro 2014 22:50
od lastsaves
Omlouvám se za dlouhé nereagování.
Kromě citelného zpomalení spouštění většiny programů žádné další symptomy.
Addony ve Firofoxu užívám všechny.
Log níže, děkuji.

# AdwCleaner v4.106 - Report created 28/12/2014 at 22:38:53
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : lst - DESKTOP
# Running from : C:\Users\lst\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Users\lst\AppData\Local\CrashRpt
Folder Deleted : C:\Users\lst\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.lst\Extensions\isreaditlater@ideashower.com

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v27.0 (cs)


-\\ Google Chrome v39.0.2171.95


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [1548 octets] - [28/12/2014 22:35:36]
AdwCleaner[S0].txt - [1479 octets] - [28/12/2014 22:38:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1539 octets] ##########

Poznámka k čištění - PhotoPad Editor od NCH Software, který AdwCleaner odstranil bych rád nainstaloval znovu. Je v něm nějaká havěť?

Re: Preventivka

Napsal: 28 pro 2014 23:20
od altrok
:arrow: Pravdepodobne bude false positive... hned to nahlasim autorum. Diky za pripominku.

:arrow: Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Preventivka

Napsal: 28 pro 2014 23:40
od lastsaves
Logy níže, díky.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by lst (administrator) on DESKTOP on 28-12-2014 23:33:35
Running from C:\Users\lst\Desktop
Loaded Profile: lst (Available profiles: lst & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oacat.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oasrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\Avast\AvastSvc.exe
(AOMEI Tech Co., Ltd.) C:\Apps\AOMEI Backupper\ABService.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oaui.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oahlp.exe
(SoftPerfect Research) C:\Apps\Networx\networx.exe
() C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Nenad Hrg SoftwareOK) C:\Apps\Desktop OK\DesktopOK_x64.exe
(Alexandr Irza) C:\Apps\Volume 2 Portable\Volume2.exe
(Flux Software LLC) C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Apps\Everything Portable\Everything.exe
(Skype Technologies S.A.) C:\Apps\Skype\Phone\Skype.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Foxit Software Inc.) C:\Apps\Foxit Reader Portable\App\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(4t Niagara Software) C:\Apps\4t Tray Minimizer\4t-min.exe
(Carthago Software) C:\Apps\DeskTask\DeskTask.exe
(4t Niagara Software) C:\Apps\4t Tray Minimizer\4t-min64.exe
(AVAST Software) C:\Program Files\Avast\avastui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\acrotray.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Crystal Dew World) C:\Apps\Crystal Disk Info Portable\DiskInfo.exe
(Dropbox, Inc.) C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Apps\Evernote\EvernoteClipper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Raxco Software, Inc.) C:\Apps\Raxco Perfect Disk\PDAgent.exe
() C:\Apps\Rainmeter Portable\Rainmeter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Raxco Software, Inc.) C:\Apps\Raxco Perfect Disk\PDAgentS1.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
() C:\Apps\Everything Portable\Everything.exe
(Mozilla Corporation) C:\Apps\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Apps\Mozilla Firefox\plugin-container.exe
(forum.viry.cz) C:\Users\lst\Desktop\FRST-OlderVersion\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [@OnlineArmor GUI] => C:\Program Files (x86)\Online Armor\oaui.exe [7558464 2013-10-11] (Emsisoft GmbH)
HKLM\...\Run: [NetWorx] => C:\Apps\Networx\networx.exe [6470864 2014-10-01] (SoftPerfect Research)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems

Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Drive Manager] => C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [480768 2009-06-26] (WDC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [DesktopOK] => C:\Apps\Desktop OK\DesktopOK_x64.exe [417280 2014-01-15] (Nenad Hrg

SoftwareOK)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [DAEMON Tools Lite] => C:\Apps\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft

Ltd)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [Volume2] => C:\Apps\Volume 2 Portable\Volume2.exe [4710912 2013-02-10] (Alexandr Irza)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [f.lux] => C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux

Software LLC)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [Skype] => C:\Apps\Skype\Phone\Skype.exe [30522472 2014-11-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [] => [X]
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10

-02] (Nokia)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {52557e1b-9339-11e3-906d-0023ae73d3aa} - A:\setup.exe
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {c3982e40-933f-11e3-8176-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {ca61cac4-8f46-11e3-8682-806e6f6e6963} - "L:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-06] (Microsoft Corporation)
IFEO\taskmgr.exe: [Debugger] "C:\Apps\Process Hacker Portable\ProcessHacker.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4t Tray Minimizer.lnk
ShortcutTarget: 4t Tray Minimizer.lnk -> C:\Apps\4t Tray Minimizer\4t-min.exe (4t Niagara Software)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskTask.lnk
ShortcutTarget: DeskTask.lnk -> C:\Apps\DeskTask\DeskTask.exe (Carthago Software)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Apps\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Grindstone 3.lnk
ShortcutTarget: Grindstone 3.lnk -> C:\Users\lst\AppData\Local\Grindstone 3\GS3.exe (Epiforge Software)
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Apps\Rainmeter Portable\Rainmeter.exe ()
Startup: C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft

Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lst\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

(Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lst\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

(Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lst\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

(Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lst\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

(Dropbox, Inc.)
BootExecute: PDBoot.exeautocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchTerms}

&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft

Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft

Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX

\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft

Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Apps\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood

City, CA 94063)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX

\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

(Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

(Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

(Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF ProfilePath: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Apps\Foxit Reader Portable\App\Foxit Reader\plugins

\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\dictionary.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\gog.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\google-scholar.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\imdb.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\metacritic---games.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\releaselog.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\sfdcz.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\titulkycom.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\uloto-vpis-pod-sebou.xml
FF SearchPlugin: C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\youtube.xml
FF Extension: Český slovník pro kontrolu pravopisu (bez diakritiky) - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\cs2@dictionaries.addons.mozilla.org [2014-11-10]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\cs@dictionaries.addons.mozilla.org [2014-11-09]
FF Extension: British English Dictionary - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\en-

GB@dictionaries.addons.mozilla.org [2014-04-01]
FF Extension: United States English Spellchecker - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\en-

US@dictionaries.addons.mozilla.org [2014-04-01]
FF Extension: Favicon Restorer - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\faviconrestorer@masserog.it [2014-03-

18]
FF Extension: Zotero Word for Windows Integration - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\zoteroWinWordIntegration@zotero.org [2014-09-03]
FF Extension: Evernote Web Clipper - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{E0B8C461-F8FB-49b4-8373-

FE32E9252800} [2014-12-06]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\adblockpopups@jessehakanen.net.xpi [2014-03-18]
FF Extension: YouTube Caption Downloader - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\captiondownloader@hiephm.com.xpi [2014-05-14]
FF Extension: Case Changer - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\casechanger@plugin.xpi [2014-03-18]
FF Extension: Classic Theme Restorer - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-01]
FF Extension: Context Search X - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\contextsearch2@lwz.addons.mozilla.org.xpi [2014-04-16]
FF Extension: Copy Plain Text 2 - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\copyplaintext@teo.pl.xpi [2014-10-13]
FF Extension: Gmelius - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\gmailadsremover@florian.bersier.xpi [2014-03-25]
FF Extension: Clickjacking Reveal - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\no-clickjacking@daohoangson.com.xpi

[2014-11-21]
FF Extension: Open With - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\openwith@darktrojan.net.xpi [2014-04-22]
FF Extension: Snap Links Plus - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\snaplinks@snaplinks.mozdev.org.xpi

[2014-11-21]
FF Extension: Social Fixer - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\socialfixer@mattkruse.com.xpi [2014-04-01]
FF Extension: Undo Closed Tabs Button - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\undoclosedtabsbutton@supernova00.biz.xpi [2014-03-18]
FF Extension: Zotero Bibliography Locale Switcher - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\zotbiblioswitchlocal@somwhere.org.xpi [2014-10-05]
FF Extension: Zotero - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\zotero@chnm.gmu.edu.xpi [2014-03-18]
FF Extension: Zotero Scholar Citations - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\zoteroscholarcitations@beloglazov.info.xpi [2014-10-05]
FF Extension: ZotFile - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\zotfile@columbia.edu.xpi [2014-05-14]
FF Extension: Zutilo Utility for Zotero - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions

\zutilo@www.wesailatdawn.com.xpi [2014-10-05]
FF Extension: Quick Locale Switcher - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{25A1388B-6B18-46c3-BEBA-

A81915D0DE8F}.xpi [2014-04-01]
FF Extension: Linkification - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi

[2014-04-16]
FF Extension: X-notifier - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi

[2014-03-18]
FF Extension: Download Status Bar - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{6c28e999-e900-4635-a39d-

b1ec90ba0c0f}.xpi [2014-03-18]
FF Extension: Mozilla Archive Format - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{7f57cf46-4467-4c2d-adfa-

0cba7c507e54}.xpi [2014-03-18]
FF Extension: Adblock Plus - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2014-03-18]
FF Extension: DownThemAll! - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

[2014-05-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Avast\WebRep\FF
FF StartMenuInternet: FIREFOX.EXE - C:\Apps\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR Profile: C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bandzone.cz MP3 Download) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\adicpanjnjbpmhpcamgmihddcifhhceg [2014

-04-18]
CHR Extension: (Dokumenty Google) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-04]
CHR Extension: (Download FB Album mod) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2014-03

-25]
CHR Extension: (Vyhledávání Google) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-04]
CHR Extension: (Gmelius for Gmail) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl [2014-09-16]
CHR Extension: (Social Fixer for Facebook) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb

[2014-03-26]
CHR Extension: (Peněženka Google) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-05]
CHR Extension: (Snooze Your Email for Gmail™) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbmfoncgccdhoknelpglaacbgkclcape

[2014-09-16]
CHR Extension: (Streak for Gmail) - C:\Users\lst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2014-09-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [50344 2014-11-21] (AVAST Software)
R2 Backupper Service; C:\Apps\AOMEI Backupper\ABService.exe [29912 2014-04-08] (AOMEI Tech Co., Ltd.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
R2 Everything; C:\Apps\Everything Portable\Everything.exe [1441792 2014-08-06] () [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-02-10]

(Macrovision Europe Ltd.) [File not signed]
R2 FoxitCloudUpdateService; C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [584864 2013-10-11] (Emsisoft GmbH)
R2 PDAgent; C:\Apps\Raxco Perfect Disk\PDAgent.exe [1976696 2012-10-04] (Raxco Software, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 SkypeUpdate; C:\Apps\Skype\Updater\Updater.exe [315008 2014-04-03] (Skype Technologies)
R2 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4457688 2013-10-11] (Emsisoft GmbH)
S2 SwOffScheduler; C:\Apps\Switch Off\swoff.exe [173056 2014-02-13] (Airytec) [File not signed]
S2 SwOffWeb; C:\Apps\Switch Off\swoff.exe [173056 2014-02-13] (Airytec) [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [119296 2009-06-26] (WDC) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2013-05-07] () [File not signed]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2013-05-07] () [File not signed]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2013-02-06] () [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-21] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-11] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [64720 2013-10-11] ()
R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [62008 2013-10-11] ()
R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [52360 2013-10-11] (Emsisoft)
R3 OAnet; C:\Windows\System32\DRIVERS\oanet.sys [35368 2013-10-11] (Emsisoft)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-02-11] (Duplex Secure Ltd.)
U5 UnlockerDriver5; C:\Apps\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U3 ap6vjyqv; C:\Windows\System32\Drivers\ap6vjyqv.sys [0 ] (Microsoft Corporation)
R3 WinRing0_1_2_0; \??\C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 23:33 - 2014-12-28 23:34 - 00030248 _____ () C:\Users\lst\Desktop\FRST.txt
2014-12-28 23:32 - 2014-12-28 23:32 - 00000000 ____D () C:\Users\lst\Desktop\FRST-OlderVersion
2014-12-28 23:28 - 2014-12-28 23:28 - 00000000 ____D () C:\Users\lst\Desktop\FRST OLD
2014-12-28 22:35 - 2014-12-28 22:45 - 00000000 ____D () C:\AdwCleaner
2014-12-28 22:30 - 2014-12-28 22:30 - 02173952 _____ () C:\Users\lst\Desktop\adwcleaner_4.106.exe
2014-12-28 17:58 - 2014-12-28 17:58 - 00001008 _____ () C:\Users\Public\Desktop\The Vanishing of Ethan Carter.lnk
2014-12-22 13:12 - 2014-12-22 13:12 - 00000000 ____D () C:\Users\lst\Documents\Klei
2014-12-22 13:01 - 2014-12-22 13:01 - 00000819 _____ () C:\Users\Public\Desktop\Don't Starve.lnk
2014-12-20 19:50 - 2014-12-28 22:40 - 00001186 _____ () C:\Windows\PFRO.log
2014-12-17 19:47 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 19:47 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-16 20:04 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-16 20:04 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-15 08:51 - 2014-12-28 22:42 - 00004377 _____ () C:\Windows\setupact.log
2014-12-15 08:51 - 2014-12-15 08:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-12 22:56 - 2014-12-12 22:56 - 00000758 _____ () C:\Users\Public\Desktop\The Cat Lady.lnk
2014-12-11 07:59 - 2014-12-11 07:59 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-12-10 21:41 - 2014-12-10 21:41 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-12-10 15:39 - 2014-12-10 15:39 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 11:50 - 2014-12-10 11:50 - 00000000 ____D () C:\Users\lst\Documents\Nokia Suite
2014-12-10 11:42 - 2014-12-10 11:42 - 00002095 _____ () C:\Users\Public\Desktop\Nokia Suite.lnk
2014-12-10 11:42 - 2014-12-10 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
2014-12-10 10:56 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 10:56 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 10:36 - 2014-12-10 10:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2014-12-10 09:26 - 2014-12-10 09:27 - 00000000 ____D () C:\Users\lst\AppData\Local\NokiaAccount
2014-12-10 09:20 - 2014-12-10 09:25 - 00000000 ____D () C:\Users\lst\AppData\Local\Nokia
2014-12-10 09:04 - 2014-12-10 09:18 - 00000000 ____D () C:\ProgramData\Nokia
2014-12-10 09:04 - 2012-10-17 14:53 - 00026112 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfdx64.sys
2014-12-10 09:02 - 2014-12-10 09:02 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution
2014-12-10 09:00 - 2014-12-10 09:04 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-12-10 09:00 - 2014-12-10 09:00 - 00000000 ____D () C:\ProgramData\NokiaInstallerCache
2014-12-10 08:47 - 2014-12-10 11:37 - 00000000 ____D () C:\Users\lst\AppData\Roaming\Nokia
2014-12-10 08:47 - 2014-12-10 10:52 - 00000000 ____D () C:\Users\lst\AppData\Roaming\PC Suite
2014-12-10 08:47 - 2014-12-10 08:47 - 00000000 ____D () C:\ProgramData\PC Suite
2014-12-10 08:36 - 2014-12-10 08:36 - 00001814 _____ () C:\Users\Public\Desktop\Nokia PC Suite.lnk
2014-12-10 08:36 - 2014-12-10 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
2014-12-10 08:35 - 2014-12-10 08:46 - 00000000 ____D () C:\Program Files\DIFX
2014-12-10 08:32 - 2013-01-23 10:31 - 00057856 _____ (Nokia) C:\Windows\system32\nmwcdclsX64.dll
2014-12-10 08:31 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 08:31 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 08:31 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 08:31 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 08:31 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 08:31 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 08:31 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 08:31 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 08:31 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 08:31 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 08:31 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 08:31 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 08:31 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 08:31 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 08:31 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 08:31 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 08:31 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 08:31 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 08:31 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 08:31 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 08:31 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 08:31 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 08:31 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 08:31 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 08:31 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 08:31 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 08:31 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 08:31 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 08:31 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 08:31 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 08:31 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 08:31 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 08:31 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 08:31 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 08:31 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 08:31 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 08:31 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 08:31 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 08:31 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 08:31 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 08:31 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 08:31 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 08:31 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 08:31 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 08:31 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 08:31 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 08:31 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 08:31 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 08:31 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 08:31 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 08:31 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 08:31 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 08:31 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 08:31 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 08:31 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 08:31 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 08:31 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 08:31 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 08:30 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 08:30 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 08:30 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 08:30 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 08:30 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 08:30 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 08:30 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 08:30 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 08:30 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 08:30 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 08:30 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 08:30 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 08:30 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 08:30 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 08:30 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 08:30 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 08:30 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 08:30 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 08:30 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 08:29 - 2014-12-10 08:29 - 00000000 ____D () C:\ProgramData\Installations
2014-12-10 08:29 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 08:29 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-06 14:14 - 2014-12-06 14:14 - 00000000 ____D () C:\Users\lst\AppData\Local\Evernote
2014-12-06 14:01 - 2014-12-06 14:01 - 00000553 _____ () C:\Users\lst\Desktop\Evernote.lnk
2014-12-06 14:01 - 2014-12-06 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-12-06 11:25 - 2014-10-28 22:09 - 00001184 _____ () C:\Users\lst\Desktop\PhotoPad Editor.lnk
2014-12-06 09:45 - 2014-12-06 09:45 - 00000670 _____ () C:\Users\lst\Desktop\Never Alone.lnk
2014-12-06 09:45 - 2014-12-06 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Never Alone
2014-12-05 23:47 - 2014-12-05 23:47 - 00000000 ____D () C:\Users\lst\Documents\KillHouseGames
2014-12-05 19:03 - 2014-12-05 19:03 - 00000767 _____ () C:\Users\Public\Desktop\Door Kickers.lnk
2014-12-05 09:42 - 2014-12-05 09:42 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-12-04 23:32 - 2014-12-04 23:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-04 23:32 - 2014-12-04 23:32 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-12-04 23:32 - 2014-12-04 23:32 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-12-04 23:32 - 2014-12-04 23:32 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-12-04 23:32 - 2014-12-04 23:32 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-12-04 23:32 - 2014-12-04 23:32 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-12-04 23:31 - 2014-12-04 23:31 - 00000728 _____ () C:\Users\Public\Desktop\Dead State.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 23:33 - 2014-11-21 11:11 - 00000000 ____D () C:\FRST
2014-12-28 23:32 - 2014-11-21 11:01 - 02123264 _____ (Farbar) C:\Users\lst\Desktop\FRST64.exe
2014-12-28 23:32 - 2014-02-23 13:15 - 00000000 ____D () C:\Users\lst\AppData\Roaming\Skype
2014-12-28 22:50 - 2009-07-14 05:45 - 00027840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-

601632D005A0
2014-12-28 22:50 - 2009-07-14 05:45 - 00027840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-

601632D005A0
2014-12-28 22:47 - 2014-02-03 18:05 - 02082136 _____ () C:\Windows\WindowsUpdate.log
2014-12-28 22:44 - 2014-02-16 20:39 - 00000000 ____D () C:\Users\lst\AppData\Roaming\Dropbox
2014-12-28 22:44 - 2014-02-16 14:46 - 00000000 ___RD () C:\Dropbox
2014-12-28 22:42 - 2014-05-09 07:17 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-28 22:41 - 2014-02-16 08:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-28 22:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-28 22:39 - 2014-05-09 07:17 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-28 20:14 - 2014-02-23 13:00 - 00000000 ____D () C:\TEMP
2014-12-28 17:58 - 2014-03-09 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-12-28 17:58 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-28 10:30 - 2014-02-24 09:13 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-27 13:32 - 2014-03-09 20:07 - 00001030 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-12-27 13:32 - 2014-03-09 20:07 - 00001018 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-12-27 11:00 - 2014-02-06 20:42 - 00004152 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-23 10:37 - 2014-03-23 10:12 - 00001505 _____ () C:\Users\lst\Desktop\SVIP.txt
2014-12-23 10:37 - 2014-02-23 16:19 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-22 20:23 - 2009-07-14 11:49 - 00731302 _____ () C:\Windows\system32\perfh005.dat
2014-12-22 20:23 - 2009-07-14 11:49 - 00167472 _____ () C:\Windows\system32\perfc005.dat
2014-12-22 20:23 - 2009-07-14 06:13 - 01758162 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-20 21:01 - 2014-07-30 23:15 - 00000667 _____ () C:\Users\lst\Desktop\Sony.txt
2014-12-20 08:43 - 2014-02-18 19:35 - 00000000 ____D () C:\Users\lst\AppData\Roaming\uTorrent
2014-12-19 14:58 - 2014-02-11 17:48 - 00000000 ____D () C:\Users\lst\AppData\Roaming\DAEMON Tools Lite
2014-12-17 11:26 - 2014-10-15 08:46 - 00000900 _____ () C:\Users\lst\Desktop\EssentialPIM Pro Portable.lnk
2014-12-17 10:52 - 2014-02-06 22:50 - 00000000 ____D () C:\Program Files\Avast
2014-12-13 01:12 - 2014-07-25 13:44 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-13 01:12 - 2014-07-25 13:44 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-13 01:12 - 2014-02-16 08:58 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-13 01:12 - 2014-02-16 08:58 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-12 18:23 - 2014-08-24 08:30 - 00000000 ____D () C:\Users\lst\AppData\Local\Adobe
2014-12-12 18:23 - 2014-02-18 18:44 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 18:23 - 2014-02-18 18:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 18:13 - 2014-02-16 20:42 - 00001057 _____ () C:\Users\lst\Desktop\Dropbox.lnk
2014-12-12 18:13 - 2014-02-16 20:40 - 00000000 ____D () C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-12 18:07 - 2014-02-04 17:48 - 00002265 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-10 19:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 15:39 - 2014-04-24 06:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 15:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 15:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 11:12 - 2014-02-03 18:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 11:09 - 2014-02-04 14:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 11:01 - 2014-02-04 14:08 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-05 09:42 - 2014-02-23 13:15 - 00000000 ____D () C:\ProgramData\Skype
2014-12-04 23:40 - 2014-04-16 21:35 - 00000000 ____D () C:\Users\lst\Documents\My Games

Some content of TEMP:
====================
C:\Users\lst\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxwls9j.dll
C:\Users\lst\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\lst\AppData\Local\Temp\Quarantine.exe
C:\Users\lst\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================


Percentage of memory in use: 49%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:A29E7570

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Online Armor Firewall (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\lst\Desktop" je 6 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by lst at 2014-12-28 23:34:28
Running from C:\Users\lst\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Online Armor Firewall (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\uTorrent) (Version: 3.4.2.37594 - BitTorrent Inc.)
4t Tray Minimizer Free 6.04.2 (HKLM-x32\...\4t Tray Minimizer_is1) (Version: 6.04.2 - 4t Niagara Software)
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version:

9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version: - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Airytec Switch Off (HKLM\...\Airytec Switch Off) (Version: 3.4.2 - Airytec)
Aktualizace NVIDIA 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
Alan Wake (HKLM-x32\...\Alan Wake_is1) (Version: - GOG.com)
Amazon Kindle (HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Amazon Kindle) (Version: - Amazon)
AOMEI Backupper Standard Edition 2.0 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
BackUp Maker (HKLM-x32\...\BackUp Maker_is1) (Version: 7.0.0.3 - ASCOMP Software GmbH)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 -

Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version:

05/31/2012 7.1.2.0 - Nokia)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{0BED0B96-70B8-4893-884B-DC485DC8C1B7}) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
Card City Nights (HKLM-x32\...\Q2FyZENpdHlOaWdodHM=_is1) (Version: 1 - )
Classic Menu for Office Home and Student 2010 v5.25 (HKLM\...\{9A7CEBDF-37E2-4B63-A384-2A9FD5CE0A80}_is1) (Version: 5.25 - Addintools)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
CONSORTIUM - The Master Edition (HKLM-x32\...\GOGPACKCONSORTIUM_is1) (Version: 2.0.1.5 - GOG.com)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dead State (HKLM-x32\...\1207666333_is1) (Version: 2.0.0.1 - GOG.com)
DeskTask (remove only) (HKLM-x32\...\desktask) (Version: - )
Desktop Dungeons (HKLM-x32\...\GOGPACKDESKTOPDUNGEONS_is1) (Version: 2.0.0.1 - GOG.com)
Don't Starve (HKLM-x32\...\GOGPACKDONTSTARVE_is1) (Version: 2.7.0.16 - GOG.com)
Door Kickers (HKLM-x32\...\1207666463_is1) (Version: 2.0.0.1 - GOG.com)
Dropbox (HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Duplicate Cleaner Free 3.2.4 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.4 - DigitalVolcano Software Ltd) <==== ATTENTION
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
f.lux (HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Flux) (Version: - )
FormatFactory 3.3.4.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.4.0 - Format Factory)
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.3.25.1124 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Collector (HKLM-x32\...\{9E6E8929-ECC5-4941-9898-C7C66ACE49F1}_is1) (Version: - Collectorz.com)
GCstar 1.6.1 (HKLM-x32\...\GCstar) (Version: 1.6.1 - Tian)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grindstone 3 (HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Grindstone 3) (Version: - )
Guitar Pro 5.0 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Legend of Grimrock II (HKLM-x32\...\1207666193_is1) (Version: 2.0.0.1 - GOG.com)
MAXQDA 11 (Release 11.0.8) (HKLM-x32\...\MAXQDA11) (Version: (Release 11.0.8) - VERBI Software.Consult.Sozialforschung GmbH)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Converter Pack (HKLM-x32\...\{6EECB283-E65F-40EF-86D3-D51BF02A8D43}) (Version: 11.0.0.0 - Microsoft Corporation - Office Resource Kit

Group)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft

Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft

Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft

Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft

Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft

Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft

Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft

Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft

Corporation)
Movie Collector (HKLM-x32\...\{8EC6EBB4-D899-4C6B-BA17-C21B78988F23}_is1) (Version: - Collectorz.com)
Mozilla Firefox 27.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 27.0 (x86 cs)) (Version: 27.0 - Mozilla)
Mozilla Firefox 34.0 (x86 cs) (HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Mozilla Firefox 34.0 (x86 cs)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Never Alone (HKLM-x32\...\Never Alone_is1) (Version: - )
NEWTON Dictate 4.0 START (HKLM-x32\...\{31A2A058-149E-4622-A8F4-3DC5D2322ADD}_is1) (Version: 4.0.0.73 - NEWTON Technologies, a.s.)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Online Armor 7.0 (HKLM-x32\...\OnlineArmor_is1) (Version: 7.0 - Emsisoft GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outlast (HKLM-x32\...\GOGPACKOUTLAST_is1) (Version: 2.0.0.3 - GOG.com)
Ovládací panel NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PerfectDisk 12.5 Professional (HKLM\...\{FD310764-B3E5-430F-980E-D6C0016B2660}) (Version: 12.05.312 - Raxco Software Inc.)
Philips SpMikeCtrl (HKLM-x32\...\{78F24F78-0969-4E48-8B01-7096BF22B984}) (Version: 3.1.310.01 - Speech Processing Solutions GmbH)
PhilipsDriver (HKLM-x32\...\{646C0CDC-FE1C-43D6-BC43-99E5DE3166AB}) (Version: 1.0.0 - Newton IT)
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 2.61 - NCH Software)
Replay Video Capture 7 (HKLM-x32\...\Replay Video Capture7.4) (Version: 7.4 - Applian Technologies Inc.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Scan Tailor (HKLM-x32\...\Scan Tailor) (Version: - )
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8

-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shadowrun Dragonfall - Director's Cut (HKLM-x32\...\1207660913_is1) (Version: 2.0.0.1 - GOG.com)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Sigil 0.7.4 (HKLM-x32\...\Sigil_is1) (Version: - John Schember)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Small World 2 v2.5.1.1365 MULTI6 (HKLM-x32\...\U21hbGxXb3JsZDI=_is1) (Version: 1 - )
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Steamalot - Epoch's Journey version 2.0 (HKLM-x32\...\{8127AD01-4FEF-413C-B9D5-74A9969059EC}_is1) (Version: 2.0 - Risen Phoenix Studios)
The Cat Lady (HKLM-x32\...\1207659201_is1) (Version: 2.2.0.6 - GOG.com)
The Last Door - Collector's Edition version 1 (HKLM-x32\...\{5202B225-B0CD-4958-ABEE-4D7507322FBB}_is1) (Version: 1 - Phoenix Online Publishing)
The Vanishing of Ethan Carter (HKLM-x32\...\1207665373_is1) (Version: 2.0.0.2 - GOG.com)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\GOGPACKTHEWITCHER2EE_is1) (Version: 3.4.0.25 - GOG.com)
This War of Mine (HKLM-x32\...\1207666873_is1) (Version: 2.0.0.2 - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
WD Drive Manager (x64) (HKLM\...\{D2CBDAE4-0D71-4A61-A565-CA8A26026C6C}) (Version: 2.115 - Western Digital)
yEd Graph Editor 3.12.2 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.12.2 - yWorks GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2534191315-2677609168-2277508931-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\lst

\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2534191315-2677609168-2277508931-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lst

\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2534191315-2677609168-2277508931-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lst

\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2534191315-2677609168-2277508931-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lst

\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2534191315-2677609168-2277508931-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lst

\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0608589E-120B-443B-89BB-34F0332667F0} - System32\Tasks\Chameleon Monitor-lst => c:\program files (x86)\common files\Chameleon Manager\monitor.exe

[2014-03-23] (NeoSoft Tools)
Task: {36ED28DB-8761-45B6-A7F2-34DB3DC61AAA} - System32\Tasks\Everything => C:\Apps\Everything Portable\Everything.exe [2014-08-06] ()
Task: {40303F20-AF51-423C-A5F1-5CC62A529FFB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {479AD052-1FB3-4ADC-9AC2-9064A833640D} - System32\Tasks\BackUp_Maker-Martin_Hermansky => C:\Apps\BackUp Maker\bkmaker.exe [2014-10-02] (ASCOMP

Software GmbH)
Task: {6BC4CFC5-5971-4830-A123-854AD68F1605} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014

-02-04] (Google Inc.)
Task: {7A7620BD-E6C3-4FE7-B76F-D2C72FE40888} - System32\Tasks\Run Everything Search => C:\Apps\Everything Portable\Everything-1.2.1.371.exe
Task: {7D116E8D-FE4E-4992-ABF9-934F302DEC17} - System32\Tasks\Chameleon Monitor-startup-lst => c:\program files (x86)\common files\Chameleon Manager

\monitor.exe [2014-03-23] (NeoSoft Tools)
Task: {94B85FE1-9236-4A61-88D1-53E57B23620B} - System32\Tasks\Networx => C:\Apps\Networx\networx.exe [2014-10-01] (SoftPerfect Research)
Task: {9D562549-E25E-43E5-ADAC-3869D8940854} - System32\Tasks\CrystalDiskInfo => C:\Apps\Crystal Disk Info Portable\DiskInfo.exe [2014-01-29] (Crystal

Dew World)
Task: {9F4C3BCB-A4EE-4386-832F-A6C5F1AA7A62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-

02-04] (Google Inc.)
Task: {C88746A3-B037-4D41-A33F-413EC4A768D1} - System32\Tasks\Run Everything => C:\Apps\Everything Portable\Everything-1.2.1.371.exe
Task: {E9A76DA4-30B1-42A5-BB93-95B5A0F07B2F} - System32\Tasks\Open Hardware Monitor\Startup => C:\Apps\Open Hardware Monitor Portable

\OpenHardwareMonitor.exe [2013-07-14] ()
Task: {FFE85434-D1C1-4DB0-91D3-1322658B8A54} - System32\Tasks\avast! Emergency Update => C:\Program Files\Avast\AvastEmUpdate.exe [2014-11-21] (AVAST

Software)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-16 08:56 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-11-09 11:18 - 2012-11-09 11:18 - 00034304 _____ () C:\Windows\System32\xrxs1l6.dll
2014-02-11 12:17 - 2014-06-06 14:41 - 00718336 _____ () C:\Apps\Networx\sqlite.dll
2014-02-11 12:14 - 2013-07-14 17:33 - 00486912 _____ () C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.exe
2014-02-11 12:14 - 2012-05-27 18:05 - 00149504 _____ () C:\Apps\Open Hardware Monitor Portable\Aga.Controls.dll
2014-02-11 12:14 - 2013-07-14 17:33 - 00259584 _____ () C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitorLib.dll
2014-08-08 18:39 - 2014-08-06 09:34 - 01441792 _____ () C:\Apps\Everything Portable\Everything.exe
2013-10-29 21:45 - 2013-10-29 21:45 - 00036536 _____ () C:\Apps\Rainmeter Portable\Rainmeter.exe
2013-10-29 21:45 - 2013-10-29 21:45 - 00798392 _____ () C:\Apps\Rainmeter Portable\Rainmeter.dll
2013-10-29 21:44 - 2013-10-29 21:44 - 00368640 _____ () C:\Apps\Rainmeter Portable\Plugins\NowPlaying.DLL
2013-10-29 21:41 - 2013-10-29 21:41 - 00058880 _____ () C:\Apps\Rainmeter Portable\Plugins\WebParser.dll
2014-12-28 20:39 - 2014-12-28 20:39 - 02908160 _____ () C:\Program Files\Avast\defs\14122801\algo.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00237272 _____ () C:\Apps\AOMEI Backupper\UiLogic.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00224984 _____ () C:\Apps\AOMEI Backupper\diskmgr.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00171736 _____ () C:\Apps\AOMEI Backupper\Comn.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00077528 _____ () C:\Apps\AOMEI Backupper\Ldm.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00061144 _____ () C:\Apps\AOMEI Backupper\Device.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00257752 _____ () C:\Apps\AOMEI Backupper\BrFat.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00368344 _____ () C:\Apps\AOMEI Backupper\BrNtfs.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00069336 _____ () C:\Apps\AOMEI Backupper\FuncLogic.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00224984 _____ () C:\Apps\AOMEI Backupper\Clone.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00335576 _____ () C:\Apps\AOMEI Backupper\ImgFile.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00028376 _____ () C:\Apps\AOMEI Backupper\Encrypt.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00073432 _____ () C:\Apps\AOMEI Backupper\Compress.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00093912 _____ () C:\Apps\AOMEI Backupper\BrVol.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00188120 _____ () C:\Apps\AOMEI Backupper\GptBcd.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00138968 _____ () C:\Apps\AOMEI Backupper\FlBackup.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00478936 _____ () C:\Apps\AOMEI Backupper\EnumFolder.dll
2014-04-28 18:37 - 2014-04-08 17:51 - 00061144 _____ () C:\Apps\AOMEI Backupper\Backup.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-02 20:29 - 2013-10-02 20:29 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2013-10-02 20:30 - 2013-10-02 20:30 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2013-10-02 20:28 - 2013-10-02 20:28 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2013-10-02 20:28 - 2013-10-02 20:28 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-10-02 20:30 - 2013-10-02 20:30 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2014-11-21 11:30 - 2014-11-21 11:30 - 38562088 _____ () C:\Program Files\Avast\libcef.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\lst\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-28 22:43 - 2014-12-28 22:43 - 00043008 _____ () c:\Users\lst\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-

3e3e7ecf0d81}.tmpxwls9j.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\lst\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\lst\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\lst\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-11-19 22:14 - 2014-11-19 22:14 - 00438336 _____ () C:\Apps\Evernote\libxml2.dll
2014-11-19 22:14 - 2014-11-19 22:14 - 00320064 _____ () C:\Apps\Evernote\libtidy.dll
2014-12-03 21:05 - 2014-12-03 21:05 - 03758192 _____ () C:\Apps\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:A29E7570

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2534191315-2677609168-2277508931-500 - Administrator - Disabled)
Guest (S-1-5-21-2534191315-2677609168-2277508931-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2534191315-2677609168-2277508931-1002 - Limited - Enabled)
lst (S-1-5-21-2534191315-2677609168-2277508931-1000 - Administrator - Enabled) => C:\Users\lst

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2014 10:43:35 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/28/2014 11:13:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro

Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/28/2014 11:13:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro

Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/28/2014 09:08:43 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Popis =

Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (12/28/2014 09:03:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro

Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze

najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/28/2014 09:03:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro

Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/28/2014 08:39:02 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/27/2014 08:24:02 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Popis =

Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (12/27/2014 05:44:48 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/27/2014 01:35:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro

Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (12/28/2014 10:43:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error: (12/28/2014 04:06:01 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.

Error: (12/28/2014 08:48:05 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače TABLET-HP,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{71010EE1-66D9-4F7A-9BCA-163F06904E87}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (12/28/2014 08:39:05 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (12/28/2014 08:39:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Adaptér naslouchání Net.Tcp závisí na službě Služba sdílení portů Net.Tcp, která neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (12/28/2014 08:39:05 AM) (Source: W3SVC) (EventID: 1004) (User: )
Description: Služba publikování na webu (Webová služba) neregistrovala předponu adresy URL http://*:80/ pro web 1. Web byl zakázán. Datové pole obsahuje

číslo chyby.

Error: (12/28/2014 08:39:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error: (12/28/2014 08:38:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba sdílení portů Net.Tcp neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (12/28/2014 08:38:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba sdílení portů Net.Tcp bylo dosaženo časového limitu (30000 ms).

Error: (12/27/2014 05:44:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064


Microsoft Office Sessions:
=========================
Error: (12/28/2014 10:43:35 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/28/2014 11:13:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS

\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL

Error: (12/28/2014 11:13:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS

\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL

Error: (12/28/2014 09:08:43 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationNaplánovaný kontrolní bod0x80070422

Error: (12/28/2014 09:03:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"c:\Apps\replay

video capture 7\MakeLink.exe

Error: (12/28/2014 09:03:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\Apps\Nokia\nokia

pc suite 7\TIS_Windows7PIM.dll

Error: (12/28/2014 08:39:02 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/27/2014 08:24:02 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationNaplánovaný kontrolní bod0x80070422

Error: (12/27/2014 05:44:48 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/27/2014 01:35:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS

\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 49%
Total physical RAM: 3965.61 MB
Available physical RAM: 2019.18 MB
Total Pagefile: 7929.4 MB
Available Pagefile: 5160.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive a: (Outcast 1.1) (CDROM) (Total:1.43 GB) (Free:0 GB) UDF
Drive c: (SYSTEM) (Fixed) (Total:62.49 GB) (Free:2.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Never Alone) (CDROM) (Total:2.65 GB) (Free:0 GB) CDFS
Drive e: (BACKUP_SG160) (Fixed) (Total:97.65 GB) (Free:3.62 GB) NTFS
Drive f: (GAMES_SG) (Fixed) (Total:195.31 GB) (Free:20.61 GB) NTFS
Drive g: (RPG_WD) (Fixed) (Total:48.83 GB) (Free:1.04 GB) NTFS
Drive h: (MOVIES_SG) (Fixed) (Total:488.28 GB) (Free:20.62 GB) NTFS
Drive i: (ANTROPO_WD) (Fixed) (Total:195.32 GB) (Free:17.28 GB) NTFS
Drive k: (FUN_WD) (Fixed) (Total:215.31 GB) (Free:45.84 GB) NTFS
Drive o: (AUDIO_SG) (Fixed) (Total:185.43 GB) (Free:0.74 GB) NTFS
Drive p: (DOWN_SG160) (Fixed) (Total:51.35 GB) (Free:7.89 GB) NTFS
Drive q: (PHOTO_WD) (Fixed) (Total:136.71 GB) (Free:0.4 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

Re: Preventivka

Napsal: 29 pro 2014 02:31
od altrok
  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [DAEMON Tools Lite] => C:\Apps\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [] => [X]
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {52557e1b-9339-11e3-906d-0023ae73d3aa} - A:\setup.exe
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {c3982e40-933f-11e3-8176-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {ca61cac4-8f46-11e3-8682-806e6f6e6963} - "L:\WD SmartWare.exe" autoplay=true

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Apps\Foxit Reader Portable\App\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

2014-12-28 23:33 - 2014-12-28 23:34 - 00030248 _____ () C:\Users\lst\Desktop\FRST.txt
2014-12-28 23:32 - 2014-12-28 23:32 - 00000000 ____D () C:\Users\lst\Desktop\FRST-OlderVersion
2014-12-28 23:28 - 2014-12-28 23:28 - 00000000 ____D () C:\Users\lst\Desktop\FRST OLD
2014-12-28 22:35 - 2014-12-28 22:45 - 00000000 ____D () C:\AdwCleaner
2014-12-28 22:30 - 2014-12-28 22:30 - 02173952 _____ () C:\Users\lst\Desktop\adwcleaner_4.106.exe
AlternateDataStreams: C:\ProgramData\TEMP:A29E7570

REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" /v "EnableFirewall" /t "REG_DWORD" /d "00000001"
REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v "EnableFirewall" /t "REG_DWORD" /d "00000001"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:A29E7570
Hosts:
EmptyTemp:
End

Re: Preventivka

Napsal: 29 pro 2014 12:25
od lastsaves
Log níže.
Během čištění (nebo spíš po jeho skončení) počítač zamrznul. Postupně povypínal všechny procesy, předpokládám, že chtěl provést restart, ale zamrznul. Musel jsem to řešit restartem.
Díky.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by lst at 2014-12-29 11:46:16 Run:1
Running from C:\Users\lst\Desktop
Loaded Profile: lst (Available profiles: lst & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems

Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [DAEMON Tools Lite] => C:\Apps\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft

Ltd)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [] => [X]
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10

-02] (Nokia)
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {52557e1b-9339-11e3-906d-0023ae73d3aa} - A:\setup.exe
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {c3982e40-933f-11e3-8176-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\...\MountPoints2: {ca61cac4-8f46-11e3-8682-806e6f6e6963} - "L:\WD SmartWare.exe" autoplay=true

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Apps\Foxit Reader Portable\App\Foxit Reader\plugins

\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

2014-12-28 23:33 - 2014-12-28 23:34 - 00030248 _____ () C:\Users\lst\Desktop\FRST.txt
2014-12-28 23:32 - 2014-12-28 23:32 - 00000000 ____D () C:\Users\lst\Desktop\FRST-OlderVersion
2014-12-28 23:28 - 2014-12-28 23:28 - 00000000 ____D () C:\Users\lst\Desktop\FRST OLD
2014-12-28 22:35 - 2014-12-28 22:45 - 00000000 ____D () C:\AdwCleaner
2014-12-28 22:30 - 2014-12-28 22:30 - 02173952 _____ () C:\Users\lst\Desktop\adwcleaner_4.106.exe
AlternateDataStreams: C:\ProgramData\TEMP:A29E7570

REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" /v "EnableFirewall" /t

"REG_DWORD" /d "00000001"
REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v "EnableFirewall" /t

"REG_DWORD" /d "00000001"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:A29E7570
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => value deleted successfully.
"HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52557e1b-9339-11e3-906d-

0023ae73d3aa}" => Key deleted successfully.
HKCR\CLSID\{52557e1b-9339-11e3-906d-0023ae73d3aa} => Key not found.
"HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c3982e40-933f-11e3-8176-

806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{c3982e40-933f-11e3-8176-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-2534191315-2677609168-2277508931-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca61cac4-8f46-11e3-8682-

806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{ca61cac4-8f46-11e3-8682-806e6f6e6963} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"C:\Users\lst\Desktop\FRST.txt" => File/Directory not found.
"C:\Users\lst\Desktop\FRST-OlderVersion" => File/Directory not found.
"C:\Users\lst\Desktop\FRST OLD" => File/Directory not found.
C:\AdwCleaner => Moved successfully.
"C:\Users\lst\Desktop\adwcleaner_4.106.exe" => File/Directory not found.
C:\ProgramData\TEMP => ":A29E7570" ADS removed successfully.

========= reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" /v "EnableFirewall" /t

"REG_DWORD" /d "00000001" =========

Re: Preventivka

Napsal: 29 pro 2014 12:29
od altrok
Neprobehl konec fixlistu ->
  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CloseProcesses:
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:A29E7570
Hosts:
EmptyTemp:
End

Re: Preventivka

Napsal: 29 pro 2014 14:21
od lastsaves
Opět freeze a restart.
Logy níže.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by lst at 2014-12-29 14:03:59 Run:2
Running from C:\Users\lst\Desktop
Loaded Profile: lst (Available profiles: lst & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:A29E7570
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":A29E7570" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

----------------------------------------------------------------------------
CrystalDiskInfo 6.1.1 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2014/12/29 14:20:22

-- Controller Map ----------------------------------------------------------
+ ATA Channel 1 (1) [ATA]
- WDC WD6400AAKS-00A7B2 ATA Device
+ Intel(R) ICH10 Family 6 Port SATA AHCI Controller - 3A02 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ ATA Channel 2 (2)
- ST3160815AS ATA Device
+ ATA Channel 3 (3)
- TSSTcorp DVD+-RW TS-H653A ATA Device
- ATA Channel 5 (5)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- ST1000DM003-1CH162 ATA Device
- ATA Channel 1 (1)
+ ACOBCFH3 IDE Controller [SCSI]
- MVKX S9MN0XQ7SL2 SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) ST3160815AS : 160,0 GB [0/4/0, pd1] - st
(2) WDC WD6400AAKS-00A7B2 : 640,1 GB [1/3/0, pd1] - wd
(3) ST1000DM003-1CH162 : 1000,2 GB [2/2/0, pd1] - st

----------------------------------------------------------------------------
(1) ST3160815AS
----------------------------------------------------------------------------
Model : ST3160815AS
Firmware : 4.ADA
Serial Number : 6RX92GE0
Disk Size : 160,0 GB (8,4/137,4/160,0/159,9)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312500000
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 24918 hours
Power On Count : 978 count
Temparature : 40 C (104 F)
Health Status : Good
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : D000h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 253 __6 000000000000 Read Error Rate
03 _98 _97 _70 000000000000 Spin-Up Time
04 100 100 _20 0000000003D7 Start/Stop Count
05 100 100 _36 000000000000 Reallocated Sectors Count
07 _87 _60 _30 00001ED2D717 Seek Error Rate
09 _72 _72 __0 000000006156 Power-On Hours
0A 100 100 _97 000000000000 Spin Retry Count
0C 100 100 _20 0000000003D2 Power Cycle Count
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BD 100 100 __0 000000000000 High Fly Writes
BE _60 _54 _45 000028280028 Airflow Temperature
C2 _40 _46 __0 001300000028 Temperature
C3 _74 _63 __0 0000034E5D6E Hardware ECC recovered
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 __0 000000000000 Write Error Rate
CA 100 253 __0 000000000000 Data Address Mark Error

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 3652 5839 3247 4530
020: 0000 4000 0004 342E 4144 4120 2020 5354 3331 3630
030: 3831 3541 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0506 0000 0040 0040
080: 00FE 0000 346B 7701 4023 3469 3401 4023 207F 0000
090: 0000 FEFE FFFE 0000 D000 0000 0000 0000 0000 0000
100: 5F20 12A0 0000 0000 0000 0000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 5F20
130: 12A0 5F20 12A0 2020 0002 02B6 8002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1314 1200 0002 0080 0000 0000
150: 0080 0202 0000 0404 0000 0000 0000 0000 1B00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C2A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 64 FD 00 00 00 00 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 64 64 D7
020: 03 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 57 3C 17 D7 D2 1E 00 00 00 09 32
040: 00 48 48 56 61 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 D2 03 00 00 00
060: 00 00 BB 32 00 64 64 00 00 00 00 00 00 00 BD 3A
070: 00 64 64 00 00 00 00 00 00 00 BE 22 00 3C 36 28
080: 00 28 28 00 00 00 C2 22 00 28 2E 28 00 00 00 13
090: 00 00 C3 1A 00 4A 3F 6E 5D 4E 03 00 00 00 C5 12
0A0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0B0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 00 00 64 FD 00 00 00 00 00 00 00 CA 32
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 AE 01 00 5B
170: 03 00 01 00 02 36 03 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 07 03 03 03 03 03 03 03 02 00
190: 00 00 00 00 00 00 00 01 10 6C 32 00 00 00 00 00
1A0: 01 00 14 45 77 5A A8 0A 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 10 6C 32 00 00 00 00 00 00 00 00 00
1C0: 02 00 01 00 00 00 00 00 00 00 AF 27 62 48 04 00
1D0: 00 00 16 37 00 00 00 00 00 00 56 61 00 00 00 00
1E0: 52 23 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6B

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 06 00 00 00 00 00 00 00 00 00 00 03 46
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BD 00
070: 00 00 00 00 00 00 00 00 00 00 BE 2D 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 CA 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E0

----------------------------------------------------------------------------
(2) WDC WD6400AAKS-00A7B2
----------------------------------------------------------------------------
Model : WDC WD6400AAKS-00A7B2
Firmware : 01.03B01
Serial Number : WD-WCASY6885750
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/150
Power On Hours : 16285 hours
Power On Count : 3115 count
Temparature : 41 C (105 F)
Health Status : Good
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 162 160 _21 00000000130B Spin-Up Time
04 _97 _97 __0 000000000C30 Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 100 253 __0 000000000000 Seek Error Rate
09 _78 _78 __0 000000003F9D Power-On Hours
0A 100 100 __0 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _97 _97 __0 000000000C2B Power Cycle Count
C0 199 199 __0 000000000510 Power-off Retract Count
C1 199 199 __0 000000000C30 Load/Unload Cycle Count
C2 106 _90 __0 000000000029 Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 200 200 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 00000000000B UltraDMA CRC Error Count
C8 200 200 __0 000000000000 Write Error Rate

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4153 5936 3838 3537 3530
020: 0000 8000 0032 3031 2E30 3342 3031 5744 4320 5744
030: 3634 3030 4141 4B53 2D30 3041 3742 3220 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0702 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 207F 003B
090: 003B 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 0000 0000 5001 4EE1
110: 01EF 0347 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 169D 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 03A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 A2 A0 0B 13 00 00 00 00 00 04 32 00 61 61 30
020: 0C 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 4E 4E 9D 3F 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 61 61 2B 0C 00 00 00 00 00 C0 32
070: 00 C7 C7 10 05 00 00 00 00 00 C1 32 00 C7 C7 30
080: 0C 00 00 00 00 00 C2 22 00 6A 5A 29 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 0B 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 3C 2D 01 7B
170: 03 00 01 00 02 88 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 76

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ED

----------------------------------------------------------------------------
(3) ST1000DM003-1CH162
----------------------------------------------------------------------------
Model : ST1000DM003-1CH162
Firmware : CC49
Serial Number : Z1D9LR3J
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Unknown
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 2320 hours
Power On Count : 416 count
Temparature : 35 C (95 F)
Health Status : Good
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 109 _99 __6 00000173C698 Read Error Rate
03 _97 _97 __0 000000000000 Spin-Up Time
04 100 100 _20 0000000001A1 Start/Stop Count
05 100 100 _10 000000000000 Reallocated Sectors Count
07 _81 _60 _30 000008B93390 Seek Error Rate
09 _98 _98 __0 000000000910 Power-On Hours
0A 100 100 _97 000000000000 Spin Retry Count
0C 100 100 _20 0000000001A0 Power Cycle Count
B7 100 100 __0 000000000000 Vendor Specific
B8 100 100 _99 000000000000 End-to-End Error
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BC 100 100 __0 000000000000 Command Timeout
BD _93 _93 __0 000000000007 High Fly Writes
BE _65 _58 _45 000123230023 Airflow Temperature
BF 100 100 __0 000000000000 G-Sense Error Rate
C0 100 100 __0 000000000010 Power-off Retract Count
C1 _98 _98 __0 000000001209 Load/Unload Cycle Count
C2 _35 _42 __0 800000000023 Temperature
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
F0 100 253 __0 438900000913 Head Flying Hours
F1 100 253 __0 0001BA9B9C09 Total Host Writes
F2 100 253 __0 0002784EDF27 Total Host Reads

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5A31 4439 4C52 334A
020: 0000 0000 0004 4343 3439 2020 2020 5354 3130 3030
030: 444D 3030 332D 3143 4831 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 004C 0040
080: 03F0 001F 346B 7D69 4163 3469 BC49 4163 207F 0032
090: 0032 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 6603 A785 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 5800 8800
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0003 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 45A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 6D 63 98 C6 73 01 00 00 00 03 03
010: 00 61 61 00 00 00 00 00 00 00 04 32 00 64 64 A1
020: 01 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 51 3C 90 33 B9 08 00 00 00 09 32
040: 00 62 62 10 09 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 A0 01 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
090: 00 00 BD 3A 00 5D 5D 07 00 00 00 00 00 00 BE 22
0A0: 00 41 3A 23 00 23 23 01 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 10 00 00 00 00
0C0: 00 00 C1 32 00 62 62 09 12 00 00 00 00 00 C2 22
0D0: 00 23 2A 23 00 00 00 00 80 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 13 09 00 00 89 43 32 F1 00 00 64 FD 09
110: 9C 9B BA 01 00 00 F2 00 00 64 FD 27 DF 4E 78 02
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 48 02 00 73
170: 03 00 01 00 01 69 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 53 16 00 00 01 03 03 03 04 03 03 03
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 23 DF F7 F0 A6 07 00 00
1B0: 00 00 00 00 01 00 53 0A 09 9C 9B BA 01 00 00 00
1C0: 27 DF 4E 78 02 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 D8 10 00 00 33 00 10 00
1E0: 00 00 00 00 70 04 01 00 00 00 00 00 00 00 00 16
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CE

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD

Re: Preventivka

Napsal: 29 pro 2014 14:41
od altrok
:arrow: Pouzijte http://oldtimer.geekstogo.com/TFC.exe . Pak by se hodilo (ja to poustim pres noc) pouzit chkdsk

:arrow: Start -> Spustit -> cmd
  • vepiste chkdsk /r
  • enter a restartujte PC
  • tato kontrola a opravovani probihaji pred nactenim OS a trvaji az nekolik hodin

Re: Preventivka

Napsal: 29 pro 2014 15:14
od lastsaves
Pravidelně čistím CCleanerem, ale uvidím, co TFC dokáže ;)
Checkdisk přes noc proženu.
Díky za pomoc.

Re: Preventivka

Napsal: 31 pro 2014 02:54
od altrok
Nemate zac.

Pak dejte vedet, jestli to pocitaci pomohlo.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz