prosím o kontrolu logu frst
Napsal: 22 lis 2014 20:05
prosím o kontrolu, nemohu se zbavit omiga-plus. děkuji
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-11-2014 01
Ran by MilHan (administrator) on DRAXLERCOMP on 22-11-2014 19:55:45
Running from C:\Users\MilHan\Desktop
Loaded Profile: MilHan (Available profiles: MilHan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Klip Pal\bin\utilKlipPal.exe
() C:\Program Files (x86)\Klip Pal\bin\KlipPal.BrowserAdapter64.exe
() C:\Program Files (x86)\Klip Pal\bin\KlipPal.BrowserAdapter.exe
() C:\Program Files (x86)\Klip Pal\bin\KlipPal.PurBrowse64.exe
() C:\Program Files (x86)\Klip Pal\updateKlipPal.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\MilHan\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [4035152 2011-09-22] (ESET)
HKLM-x32\...\Run: [pdfSaver3] => [X]
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\Run: [] => [X]
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\MountPoints2: {0275c3cd-5b46-11e1-b0df-485b39953c39} - I:\setup.exe
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\MountPoints2: {1cf4f75f-3c0d-11e3-afcc-485b39953c39} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\MountPoints2: {6d499351-477b-11e2-bfb0-806e6f6e6963} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\MountPoints2: {9f5e7b79-28cf-11e1-8898-485b39953c39} - I:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\MountPoints2: {cb5e2836-33b7-11e0-8137-485b39953c39} - J:\Autorun.exe
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
URLSearchHook: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc& ... J9GZA04210
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2481032
SearchScopes: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2481032
SearchScopes: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 -> {D06527DF-59E0-4074-935C-CEEE83AAF66B} URL = http://websearch.ask.com/redirect?clien ... 0F65AB101E
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Klip Pal -> {a13d85a3-d31a-4f34-b4cd-fce576dc079e} -> C:\Program Files (x86)\Klip Pal\KlipPalbho.dll (Klip Pal)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 -> No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF ProfilePath: C:\Users\MilHan\AppData\Roaming\Mozilla\Firefox\Profiles\upu7vk5j.default-1416680617122
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-01-27]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\MilHan\AppData\Roaming\Mozilla\Firefox\Profiles\wtukseka.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com/?type=sc& ... J9GZA04210
Chrome:
=======
CHR Profile: C:\Users\MilHan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\MilHan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-18]
CHR Extension: (Google Search) - C:\Users\MilHan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-18]
CHR Extension: (Skype Click to Call) - C:\Users\MilHan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-31]
CHR Extension: (Gmail) - C:\Users\MilHan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [974944 2011-09-22] (ESET)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (SEIKO EPSON CORPORATION) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [714208 2014-11-22] (Cherished Technololgy LIMITED)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2012-01-28] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Update Klip Pal; C:\Program Files (x86)\Klip Pal\updateKlipPal.exe [423152 2014-11-22] ()
R2 Util Klip Pal; C:\Program Files (x86)\Klip Pal\bin\utilKlipPal.exe [423152 2014-11-22] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [490640 2014-11-22] (Fuyu LIMITED)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-04-03] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-19] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2011-08-04] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-04-03] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203104 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 {e0f11ce0-b988-4edf-90cb-37fdcbf046be}Gw64; C:\Windows\System32\drivers\{e0f11ce0-b988-4edf-90cb-37fdcbf046be}Gw64.sys [48784 2014-11-22] (StdLib)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-22 19:54 - 2014-11-22 19:56 - 00019656 _____ () C:\Users\MilHan\Desktop\FRST.txt
2014-11-22 19:54 - 2014-11-22 19:55 - 00000000 ____D () C:\FRST
2014-11-22 19:51 - 2014-11-22 19:52 - 00112640 _____ (forum.viry.cz) C:\Users\MilHan\Desktop\FRSTLauncher.exe
2014-11-22 19:51 - 2014-11-22 19:51 - 02118144 _____ (Farbar) C:\Users\MilHan\Desktop\FRST64.exe
2014-11-22 19:39 - 2014-11-22 19:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\MilHan\Downloads\HijackThis.exe
2014-11-22 19:39 - 2014-11-22 19:39 - 00012093 _____ () C:\Users\MilHan\Downloads\hijackthis.log
2014-11-22 19:23 - 2014-11-22 19:23 - 00000000 ____D () C:\Users\MilHan\Desktop\Původní data aplikace Firefox
2014-11-22 19:10 - 2014-11-22 19:10 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-11-22 18:23 - 2014-11-22 19:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-22 18:23 - 2014-11-22 18:23 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-11-22 18:23 - 2014-11-22 18:23 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-11-22 18:23 - 2014-11-22 18:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-11-22 18:23 - 2014-11-22 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-11-22 18:23 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-11-22 18:22 - 2014-11-22 18:28 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-22 18:21 - 2014-11-22 18:22 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\MilHan\Downloads\spybot-2.4.exe
2014-11-22 16:28 - 2014-11-22 16:28 - 00000000 _____ () C:\autoexec.bat
2014-11-22 16:27 - 2014-11-22 16:27 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\MilHan\Downloads\sh-remover.exe
2014-11-22 16:05 - 2014-11-22 16:05 - 00003158 _____ () C:\Windows\System32\Tasks\{86517214-3230-4808-A996-4D31D34F8C61}
2014-11-22 15:55 - 2014-11-22 04:38 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{e0f11ce0-b988-4edf-90cb-37fdcbf046be}Gw64.sys
2014-11-22 15:48 - 2014-11-22 15:48 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.11
2014-11-22 15:47 - 2014-11-22 16:04 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\omiga-plus
2014-11-22 15:47 - 2014-11-22 15:47 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-11-22 15:47 - 2014-11-22 15:47 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-11-22 15:47 - 2014-11-22 15:47 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-11-22 15:46 - 2014-11-22 19:14 - 00000000 ____D () C:\Program Files (x86)\Klip Pal
2014-11-22 15:46 - 2014-11-22 15:49 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
2014-11-22 15:45 - 2014-11-22 15:45 - 00391032 _____ (Software Installer ) C:\Users\MilHan\Downloads\StartDownload.exe
2014-11-19 20:17 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 20:17 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 20:17 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 20:17 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 21:54 - 2014-11-18 21:54 - 00298621 _____ () C:\Users\MilHan\Downloads\wnetwatcher.zip
2014-11-13 21:20 - 2014-11-13 21:20 - 00001860 _____ () C:\Users\MilHan\Desktop\Farming Simulator 15 Dedicated Server.lnk
2014-11-13 21:20 - 2014-11-13 21:20 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farming Simulator 15 v1.1.0.0
2014-11-13 21:20 - 2014-11-13 21:20 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-11-13 21:02 - 2014-11-13 21:02 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-11-13 20:59 - 2014-11-13 20:59 - 00002077 _____ () C:\Users\Public\Desktop\Farming Simulator 15.lnk
2014-11-13 20:41 - 2014-11-13 20:42 - 301115840 _____ (GIANTS Software ) C:\Users\MilHan\Downloads\FarmingSimulator2015Patch1.1.0.1INT.exe
2014-11-13 20:39 - 2014-11-13 20:39 - 00423384 _____ () C:\Users\MilHan\Downloads\giants_Full.exe
2014-11-13 20:27 - 2014-11-13 20:37 - 301603011 _____ () C:\Users\MilHan\Downloads\FarmingSimulator2015Patch1.1INT.rar
2014-11-13 19:44 - 2014-11-13 19:44 - 00000000 __SHD () C:\Users\MilHan\AppData\Local\EmieBrowserModeList
2014-11-13 19:22 - 2014-11-13 21:16 - 00000000 ____D () C:\2-click run
2014-11-13 18:58 - 2014-11-13 18:58 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\Steam
2014-11-13 18:48 - 2014-11-13 21:20 - 00001895 _____ () C:\Users\MilHan\Desktop\Farming Simulator 15.lnk
2014-11-13 18:48 - 2014-11-13 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 15
2014-11-13 18:45 - 2014-11-13 21:15 - 00000000 ____D () C:\Program Files (x86)\Farming Simulator 15
2014-11-13 18:31 - 2014-11-13 18:31 - 00423384 _____ () C:\Users\MilHan\Downloads\fs2015_Full.exe
2014-11-13 15:43 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 15:43 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 15:43 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 15:43 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 15:43 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 15:43 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 15:43 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 15:43 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 15:43 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 15:43 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 15:43 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 15:43 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 15:43 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 15:43 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 15:43 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 15:43 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 15:43 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 15:43 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 15:43 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 15:43 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 15:43 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 15:43 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 15:43 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 15:43 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 15:43 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 15:43 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 15:43 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 15:43 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 15:43 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 15:43 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 15:43 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 15:43 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 15:43 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 15:43 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 15:43 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 15:43 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 15:43 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 15:43 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 15:43 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 15:43 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 15:43 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 15:43 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 15:43 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 15:43 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 15:43 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 15:43 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 15:43 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 15:43 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 15:43 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-13 15:43 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 15:43 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 15:43 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 15:43 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 15:43 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 15:43 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 15:43 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 15:43 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-13 15:43 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-13 15:43 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-13 15:43 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 15:43 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 15:43 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 15:43 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 15:43 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 15:43 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 15:43 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-13 15:43 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 15:43 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 15:43 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 15:43 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 15:43 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 15:43 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 15:43 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 15:43 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 15:43 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 15:43 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 15:43 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 15:43 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 15:43 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 15:43 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 15:43 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 15:43 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-13 15:42 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 15:42 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 15:42 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 15:42 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 15:42 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 15:42 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 15:42 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 15:42 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 15:42 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 15:42 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 15:42 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 15:42 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 15:42 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 16:18 - 2014-11-22 19:10 - 00009138 _____ () C:\Windows\PFRO.log
2014-11-12 16:18 - 2014-11-22 19:10 - 00002076 _____ () C:\Windows\setupact.log
2014-11-12 16:18 - 2014-11-12 16:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-11 23:28 - 2014-11-22 16:23 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-11 23:27 - 2014-11-11 23:28 - 36294472 _____ () C:\Users\MilHan\Downloads\Firefox Setup 33.1.exe
2014-11-11 23:09 - 2014-11-11 23:09 - 00148334 _____ () C:\Users\MilHan\Documents\cc_20141111_230927.reg
2014-11-11 22:57 - 2014-11-11 22:58 - 04965896 _____ (Piriform Ltd) C:\Users\MilHan\Downloads\ccsetup418.exe
2014-11-10 17:33 - 2014-11-11 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 18:58 - 2014-11-09 18:58 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-09 18:58 - 2014-11-09 18:58 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-11-06 16:48 - 2014-11-06 16:48 - 00001874 _____ () C:\Users\MilHan\Downloads\smime.p7s
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-22 19:55 - 2012-01-02 20:50 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-22 19:33 - 2012-07-24 18:02 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-22 19:18 - 2009-07-14 05:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-22 19:18 - 2009-07-14 05:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-22 19:16 - 2009-07-14 16:18 - 00668882 _____ () C:\Windows\system32\perfh005.dat
2014-11-22 19:16 - 2009-07-14 16:18 - 00141542 _____ () C:\Windows\system32\perfc005.dat
2014-11-22 19:16 - 2009-07-14 06:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 19:15 - 2011-01-12 10:18 - 01750315 _____ () C:\Windows\WindowsUpdate.log
2014-11-22 19:14 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini
2014-11-22 19:11 - 2012-12-16 14:10 - 00000000 ____D () C:\Users\MilHan\AppData\Local\HTC MediaHub
2014-11-22 19:10 - 2012-01-02 20:50 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-22 19:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-22 16:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-11-22 16:28 - 2011-01-21 17:08 - 00000000 ____D () C:\Users\MilHan
2014-11-22 16:03 - 2011-12-02 18:41 - 00000000 ____D () C:\Users\MilHan\AppData\Local\Unity
2014-11-22 15:47 - 2011-03-22 15:02 - 00001355 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-22 15:43 - 2011-01-31 19:16 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\BitComet
2014-11-21 21:40 - 2011-04-03 12:17 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CC61E2C8-EA89-4AEF-AB7B-1AB38EBDD66A}
2014-11-19 20:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-18 13:22 - 2013-11-18 11:08 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-13 20:53 - 2011-06-22 20:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-13 20:50 - 2012-01-02 20:50 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 20:50 - 2012-01-02 20:50 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 20:11 - 2011-03-20 15:25 - 00000000 ____D () C:\Users\MilHan\Documents\My Games
2014-11-13 18:45 - 2011-02-08 20:21 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\DAEMON Tools Lite
2014-11-13 16:18 - 2009-07-14 05:45 - 00465672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 16:15 - 2014-05-06 20:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 15:47 - 2013-08-19 20:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 15:35 - 2010-10-29 10:39 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 19:33 - 2012-07-24 18:02 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 19:33 - 2012-07-24 18:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 19:33 - 2011-05-13 15:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 16:18 - 2012-06-03 22:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-09 18:58 - 2011-07-24 09:58 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-09 18:58 - 2011-01-22 21:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-04 14:30 - 2010-10-29 10:20 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 5.0 (Enabled - Out of date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 5.0 (Enabled - Out of date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\MilHan\Desktop" je 30158 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX410 Series
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Users\MilHan\AppData\Local\Temp\E_SD250.tmp" /EF "HKCU" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent
"C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfSaver3
"c:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x1
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x1
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-11-2014 01
Ran by MilHan (administrator) on DRAXLERCOMP on 22-11-2014 19:55:45
Running from C:\Users\MilHan\Desktop
Loaded Profile: MilHan (Available profiles: MilHan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Klip Pal\bin\utilKlipPal.exe
() C:\Program Files (x86)\Klip Pal\bin\KlipPal.BrowserAdapter64.exe
() C:\Program Files (x86)\Klip Pal\bin\KlipPal.BrowserAdapter.exe
() C:\Program Files (x86)\Klip Pal\bin\KlipPal.PurBrowse64.exe
() C:\Program Files (x86)\Klip Pal\updateKlipPal.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\MilHan\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [4035152 2011-09-22] (ESET)
HKLM-x32\...\Run: [pdfSaver3] => [X]
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\Run: [] => [X]
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\MountPoints2: {0275c3cd-5b46-11e1-b0df-485b39953c39} - I:\setup.exe
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\MountPoints2: {1cf4f75f-3c0d-11e3-afcc-485b39953c39} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\MountPoints2: {6d499351-477b-11e2-bfb0-806e6f6e6963} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\MountPoints2: {9f5e7b79-28cf-11e1-8898-485b39953c39} - I:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\...\MountPoints2: {cb5e2836-33b7-11e0-8137-485b39953c39} - J:\Autorun.exe
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKU\S-1-5-21-601112270-1259180275-1720065752-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... J9GZA04210
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
URLSearchHook: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc& ... J9GZA04210
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2481032
SearchScopes: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2481032
SearchScopes: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 -> {D06527DF-59E0-4074-935C-CEEE83AAF66B} URL = http://websearch.ask.com/redirect?clien ... 0F65AB101E
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Klip Pal -> {a13d85a3-d31a-4f34-b4cd-fce576dc079e} -> C:\Program Files (x86)\Klip Pal\KlipPalbho.dll (Klip Pal)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-601112270-1259180275-1720065752-1000 -> No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF ProfilePath: C:\Users\MilHan\AppData\Roaming\Mozilla\Firefox\Profiles\upu7vk5j.default-1416680617122
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-01-27]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\MilHan\AppData\Roaming\Mozilla\Firefox\Profiles\wtukseka.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com/?type=sc& ... J9GZA04210
Chrome:
=======
CHR Profile: C:\Users\MilHan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\MilHan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-18]
CHR Extension: (Google Search) - C:\Users\MilHan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-18]
CHR Extension: (Skype Click to Call) - C:\Users\MilHan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-31]
CHR Extension: (Gmail) - C:\Users\MilHan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [974944 2011-09-22] (ESET)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (SEIKO EPSON CORPORATION) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [714208 2014-11-22] (Cherished Technololgy LIMITED)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2012-01-28] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Update Klip Pal; C:\Program Files (x86)\Klip Pal\updateKlipPal.exe [423152 2014-11-22] ()
R2 Util Klip Pal; C:\Program Files (x86)\Klip Pal\bin\utilKlipPal.exe [423152 2014-11-22] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [490640 2014-11-22] (Fuyu LIMITED)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-04-03] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-19] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2011-08-04] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-04-03] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203104 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 {e0f11ce0-b988-4edf-90cb-37fdcbf046be}Gw64; C:\Windows\System32\drivers\{e0f11ce0-b988-4edf-90cb-37fdcbf046be}Gw64.sys [48784 2014-11-22] (StdLib)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-22 19:54 - 2014-11-22 19:56 - 00019656 _____ () C:\Users\MilHan\Desktop\FRST.txt
2014-11-22 19:54 - 2014-11-22 19:55 - 00000000 ____D () C:\FRST
2014-11-22 19:51 - 2014-11-22 19:52 - 00112640 _____ (forum.viry.cz) C:\Users\MilHan\Desktop\FRSTLauncher.exe
2014-11-22 19:51 - 2014-11-22 19:51 - 02118144 _____ (Farbar) C:\Users\MilHan\Desktop\FRST64.exe
2014-11-22 19:39 - 2014-11-22 19:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\MilHan\Downloads\HijackThis.exe
2014-11-22 19:39 - 2014-11-22 19:39 - 00012093 _____ () C:\Users\MilHan\Downloads\hijackthis.log
2014-11-22 19:23 - 2014-11-22 19:23 - 00000000 ____D () C:\Users\MilHan\Desktop\Původní data aplikace Firefox
2014-11-22 19:10 - 2014-11-22 19:10 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-11-22 18:23 - 2014-11-22 19:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-22 18:23 - 2014-11-22 18:23 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-11-22 18:23 - 2014-11-22 18:23 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-11-22 18:23 - 2014-11-22 18:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-11-22 18:23 - 2014-11-22 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-11-22 18:23 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-11-22 18:22 - 2014-11-22 18:28 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-22 18:21 - 2014-11-22 18:22 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\MilHan\Downloads\spybot-2.4.exe
2014-11-22 16:28 - 2014-11-22 16:28 - 00000000 _____ () C:\autoexec.bat
2014-11-22 16:27 - 2014-11-22 16:27 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\MilHan\Downloads\sh-remover.exe
2014-11-22 16:05 - 2014-11-22 16:05 - 00003158 _____ () C:\Windows\System32\Tasks\{86517214-3230-4808-A996-4D31D34F8C61}
2014-11-22 15:55 - 2014-11-22 04:38 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{e0f11ce0-b988-4edf-90cb-37fdcbf046be}Gw64.sys
2014-11-22 15:48 - 2014-11-22 15:48 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.11
2014-11-22 15:47 - 2014-11-22 16:04 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\omiga-plus
2014-11-22 15:47 - 2014-11-22 15:47 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-11-22 15:47 - 2014-11-22 15:47 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-11-22 15:47 - 2014-11-22 15:47 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-11-22 15:46 - 2014-11-22 19:14 - 00000000 ____D () C:\Program Files (x86)\Klip Pal
2014-11-22 15:46 - 2014-11-22 15:49 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
2014-11-22 15:45 - 2014-11-22 15:45 - 00391032 _____ (Software Installer ) C:\Users\MilHan\Downloads\StartDownload.exe
2014-11-19 20:17 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 20:17 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 20:17 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 20:17 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 21:54 - 2014-11-18 21:54 - 00298621 _____ () C:\Users\MilHan\Downloads\wnetwatcher.zip
2014-11-13 21:20 - 2014-11-13 21:20 - 00001860 _____ () C:\Users\MilHan\Desktop\Farming Simulator 15 Dedicated Server.lnk
2014-11-13 21:20 - 2014-11-13 21:20 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farming Simulator 15 v1.1.0.0
2014-11-13 21:20 - 2014-11-13 21:20 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-11-13 21:02 - 2014-11-13 21:02 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-11-13 20:59 - 2014-11-13 20:59 - 00002077 _____ () C:\Users\Public\Desktop\Farming Simulator 15.lnk
2014-11-13 20:41 - 2014-11-13 20:42 - 301115840 _____ (GIANTS Software ) C:\Users\MilHan\Downloads\FarmingSimulator2015Patch1.1.0.1INT.exe
2014-11-13 20:39 - 2014-11-13 20:39 - 00423384 _____ () C:\Users\MilHan\Downloads\giants_Full.exe
2014-11-13 20:27 - 2014-11-13 20:37 - 301603011 _____ () C:\Users\MilHan\Downloads\FarmingSimulator2015Patch1.1INT.rar
2014-11-13 19:44 - 2014-11-13 19:44 - 00000000 __SHD () C:\Users\MilHan\AppData\Local\EmieBrowserModeList
2014-11-13 19:22 - 2014-11-13 21:16 - 00000000 ____D () C:\2-click run
2014-11-13 18:58 - 2014-11-13 18:58 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\Steam
2014-11-13 18:48 - 2014-11-13 21:20 - 00001895 _____ () C:\Users\MilHan\Desktop\Farming Simulator 15.lnk
2014-11-13 18:48 - 2014-11-13 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 15
2014-11-13 18:45 - 2014-11-13 21:15 - 00000000 ____D () C:\Program Files (x86)\Farming Simulator 15
2014-11-13 18:31 - 2014-11-13 18:31 - 00423384 _____ () C:\Users\MilHan\Downloads\fs2015_Full.exe
2014-11-13 15:43 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 15:43 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 15:43 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 15:43 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 15:43 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 15:43 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 15:43 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 15:43 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 15:43 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 15:43 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 15:43 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 15:43 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 15:43 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 15:43 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 15:43 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 15:43 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 15:43 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 15:43 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 15:43 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 15:43 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 15:43 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 15:43 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 15:43 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 15:43 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 15:43 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 15:43 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 15:43 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 15:43 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 15:43 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 15:43 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 15:43 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 15:43 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 15:43 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 15:43 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 15:43 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 15:43 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 15:43 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 15:43 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 15:43 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 15:43 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 15:43 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 15:43 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 15:43 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 15:43 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 15:43 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 15:43 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 15:43 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 15:43 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 15:43 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-13 15:43 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 15:43 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 15:43 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 15:43 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 15:43 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 15:43 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 15:43 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 15:43 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-13 15:43 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-13 15:43 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-13 15:43 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 15:43 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 15:43 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 15:43 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 15:43 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 15:43 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 15:43 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-13 15:43 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 15:43 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 15:43 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 15:43 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 15:43 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 15:43 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 15:43 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 15:43 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 15:43 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 15:43 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 15:43 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 15:43 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 15:43 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 15:43 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 15:43 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 15:43 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-13 15:42 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 15:42 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 15:42 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 15:42 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 15:42 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 15:42 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 15:42 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 15:42 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 15:42 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 15:42 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 15:42 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 15:42 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 15:42 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-13 15:42 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 16:18 - 2014-11-22 19:10 - 00009138 _____ () C:\Windows\PFRO.log
2014-11-12 16:18 - 2014-11-22 19:10 - 00002076 _____ () C:\Windows\setupact.log
2014-11-12 16:18 - 2014-11-12 16:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-11 23:28 - 2014-11-22 16:23 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-11 23:27 - 2014-11-11 23:28 - 36294472 _____ () C:\Users\MilHan\Downloads\Firefox Setup 33.1.exe
2014-11-11 23:09 - 2014-11-11 23:09 - 00148334 _____ () C:\Users\MilHan\Documents\cc_20141111_230927.reg
2014-11-11 22:57 - 2014-11-11 22:58 - 04965896 _____ (Piriform Ltd) C:\Users\MilHan\Downloads\ccsetup418.exe
2014-11-10 17:33 - 2014-11-11 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 18:58 - 2014-11-09 18:58 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-09 18:58 - 2014-11-09 18:58 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-11-06 16:48 - 2014-11-06 16:48 - 00001874 _____ () C:\Users\MilHan\Downloads\smime.p7s
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-22 19:55 - 2012-01-02 20:50 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-22 19:33 - 2012-07-24 18:02 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-22 19:18 - 2009-07-14 05:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-22 19:18 - 2009-07-14 05:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-22 19:16 - 2009-07-14 16:18 - 00668882 _____ () C:\Windows\system32\perfh005.dat
2014-11-22 19:16 - 2009-07-14 16:18 - 00141542 _____ () C:\Windows\system32\perfc005.dat
2014-11-22 19:16 - 2009-07-14 06:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 19:15 - 2011-01-12 10:18 - 01750315 _____ () C:\Windows\WindowsUpdate.log
2014-11-22 19:14 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini
2014-11-22 19:11 - 2012-12-16 14:10 - 00000000 ____D () C:\Users\MilHan\AppData\Local\HTC MediaHub
2014-11-22 19:10 - 2012-01-02 20:50 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-22 19:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-22 16:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-11-22 16:28 - 2011-01-21 17:08 - 00000000 ____D () C:\Users\MilHan
2014-11-22 16:03 - 2011-12-02 18:41 - 00000000 ____D () C:\Users\MilHan\AppData\Local\Unity
2014-11-22 15:47 - 2011-03-22 15:02 - 00001355 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-22 15:43 - 2011-01-31 19:16 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\BitComet
2014-11-21 21:40 - 2011-04-03 12:17 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CC61E2C8-EA89-4AEF-AB7B-1AB38EBDD66A}
2014-11-19 20:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-18 13:22 - 2013-11-18 11:08 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-13 20:53 - 2011-06-22 20:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-13 20:50 - 2012-01-02 20:50 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 20:50 - 2012-01-02 20:50 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 20:11 - 2011-03-20 15:25 - 00000000 ____D () C:\Users\MilHan\Documents\My Games
2014-11-13 18:45 - 2011-02-08 20:21 - 00000000 ____D () C:\Users\MilHan\AppData\Roaming\DAEMON Tools Lite
2014-11-13 16:18 - 2009-07-14 05:45 - 00465672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 16:15 - 2014-05-06 20:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 15:47 - 2013-08-19 20:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 15:35 - 2010-10-29 10:39 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 19:33 - 2012-07-24 18:02 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 19:33 - 2012-07-24 18:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 19:33 - 2011-05-13 15:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 16:18 - 2012-06-03 22:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-09 18:58 - 2011-07-24 09:58 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-09 18:58 - 2011-01-22 21:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-04 14:30 - 2010-10-29 10:20 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 5.0 (Enabled - Out of date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 5.0 (Enabled - Out of date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\MilHan\Desktop" je 30158 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX410 Series
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Users\MilHan\AppData\Local\Temp\E_SD250.tmp" /EF "HKCU" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent
"C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfSaver3
"c:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x1
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x1
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================