VIRY.CZ

Ahoj. Bratrův stroj je pomalý při startu (černá obrazovka s kurzorem po uvítací obrazovce) navíc nechal avastem mazat nějaký rootkit

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 03
Ran by Pýcha (administrator) on LITE on 12-12-2014 20:07:26
Running from C:\Users\Pýcha\Desktop
Loaded Profile: Pýcha (Available profiles: Pýcha)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\ASTSRV.EXE
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Shadow for ReadyNAS\Shadow.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Users\Pýcha\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett Packard) C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(forum.viry.cz) C:\Users\Pýcha\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-21] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.894
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\...\Run: [Shadow] => C:\Program Files (x86)\NewTech Infosystems\NTI Shadow for ReadyNAS\Shadow.exe [678960 2008-07-30] (NewTech Infosystems, Inc.)
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
Startup: C:\Users\Pýcha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conect.bat ()
Startup: C:\Users\Pýcha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pýcha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2537163052-3349632187-1356214863-1000] => :0
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
URLSearchHook: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 - Default Value = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
URLSearchHook: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 - (No Name) - {95289393-33EA-4F8D-B952-483415B9C955} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 -> {539574C9-D649-4802-BF52-86097079F374} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name -> {95289393-33EA-4F8D-B952-483415B9C955} -> No File
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
ShellExecuteHooks-x32: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Pýcha\AppData\Roaming\Mozilla\Firefox\Profiles\xpc7g35v.default
FF Homepage: seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-05-05]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-03-20]

Chrome:
=======
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR DefaultSearchKeyword: Default -> seznam
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?sourceid=quick ... earchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll No File
CHR Profile: C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Email) - C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-11-07]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2013-11-07]
CHR Extension: (Avast Online Security) - C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-06]
CHR Extension: (Peněženka Google) - C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-11-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 astcc; C:\Windows\SysWOW64\astsrv.exe [57344 2008-05-07] (Nalpeiron Ltd.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-12] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-12] (Avast Software)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-06-19] (Macrovision Europe Ltd.) [File not signed]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2011-01-21] (HP) [File not signed]
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [124536 2012-12-25] (HP) [File not signed]
R2 MagicTuneEngine; C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe [45056 2007-08-23] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-12] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-12] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-12] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-25] (Disc Soft Ltd)
S3 leafnets; C:\Windows\System32\DRIVERS\leafnets.sys [29696 2013-02-05] (Leaf Networks)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-11-28] (Marvell Semiconductor, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [36456 2014-08-18] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-12] (Avast Software)
S3 cpuz137; \??\C:\Users\PCHA~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 Fwleaf; system32\DRIVERS\fwleaf.sys [X]
S3 getbus; \??\C:\Users\PCHA~1\AppData\Local\Temp\getbus.sys [X]
S3 WPRO_41_1742; system32\drivers\WPRO_41_1742.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-12 20:07 - 2014-12-12 20:08 - 00018942 _____ () C:\Users\Pýcha\Desktop\FRST.txt
2014-12-12 20:07 - 2014-12-12 20:07 - 00000000 ____D () C:\FRST
2014-12-12 20:06 - 2014-12-12 20:06 - 02119680 _____ (Farbar) C:\Users\Pýcha\Desktop\FRST64.exe
2014-12-12 20:06 - 2014-12-12 20:06 - 00112640 _____ (forum.viry.cz) C:\Users\Pýcha\Desktop\FRSTLauncher.exe
2014-12-12 20:05 - 2014-12-12 20:05 - 00001390 _____ () C:\Users\Pýcha\Desktop\AdwCleaner[S3].txt
2014-12-12 20:01 - 2014-12-12 20:01 - 00000197 _____ () C:\Windows\system32\2014-12-12-19-01-17.091-AvastVBoxSVC.exe-3204.log
2014-12-12 19:26 - 2014-12-12 19:26 - 02166272 _____ () C:\Users\Pýcha\Downloads\AdwCleaner (1).exe
2014-12-12 19:26 - 2014-12-12 19:26 - 02166272 _____ () C:\Users\Pýcha\Desktop\AdwCleaner (1).exe
2014-12-12 19:05 - 2014-12-12 19:05 - 00000197 _____ () C:\Windows\system32\2014-12-12-18-05-35.015-AvastVBoxSVC.exe-2820.log
2014-12-12 06:58 - 2014-12-12 06:58 - 00000197 _____ () C:\Windows\system32\2014-12-12-05-58-35.007-AvastVBoxSVC.exe-3196.log
2014-12-11 09:02 - 2014-12-11 09:02 - 00000197 _____ () C:\Windows\system32\2014-12-11-08-02-39.087-AvastVBoxSVC.exe-3176.log
2014-12-11 08:57 - 2014-12-11 08:57 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 08:22 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 08:22 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 08:22 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 08:22 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 08:22 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 08:22 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 08:22 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 08:22 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 08:22 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 08:22 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 08:11 - 2014-12-11 08:11 - 00000197 _____ () C:\Windows\system32\2014-12-11-07-11-00.085-AvastVBoxSVC.exe-3548.log
2014-12-10 06:57 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 06:57 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 06:57 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 06:57 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 06:57 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 06:57 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 06:57 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 06:57 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 06:57 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 06:57 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 06:57 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 06:57 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 06:57 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 06:57 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 06:57 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 06:57 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 06:57 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 06:57 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 06:57 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 06:57 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 06:57 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 06:57 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 06:57 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 06:57 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 06:57 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 06:57 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 06:57 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 06:57 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 06:57 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 06:57 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 06:57 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 06:57 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 06:57 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 06:57 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 06:57 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 06:57 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 06:57 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 06:57 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 06:57 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 06:57 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 06:57 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 06:57 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 06:57 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 06:57 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 06:57 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 06:57 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 06:57 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 06:57 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 06:57 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 06:57 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 06:57 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 06:57 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 06:57 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 06:57 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 06:57 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 06:57 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 06:57 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 06:57 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 06:57 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 06:57 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 06:57 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 06:57 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 06:55 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 06:55 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 06:55 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 06:55 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 06:55 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 06:55 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 06:55 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 06:55 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 06:55 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 06:55 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 06:55 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 06:55 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 06:55 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 06:55 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 06:43 - 2014-12-10 06:43 - 00000197 _____ () C:\Windows\system32\2014-12-10-05-43-43.019-AvastVBoxSVC.exe-2972.log
2014-12-09 06:39 - 2014-12-09 06:39 - 00000197 _____ () C:\Windows\system32\2014-12-09-05-39-13.020-AvastVBoxSVC.exe-2236.log
2014-12-08 07:07 - 2014-12-08 07:07 - 00000197 _____ () C:\Windows\system32\2014-12-08-06-07-01.041-AvastVBoxSVC.exe-2352.log
2014-12-07 13:12 - 2014-12-07 13:12 - 00000197 _____ () C:\Windows\system32\2014-12-07-12-12-01.066-AvastVBoxSVC.exe-2040.log
2014-12-05 06:37 - 2014-12-05 06:38 - 00000197 _____ () C:\Windows\system32\2014-12-05-05-37-57.079-AvastVBoxSVC.exe-520.log
2014-12-04 07:07 - 2014-12-04 07:08 - 00000197 _____ () C:\Windows\system32\2014-12-04-06-07-47.019-AvastVBoxSVC.exe-3404.log
2014-12-03 06:53 - 2014-12-03 06:54 - 00000197 _____ () C:\Windows\system32\2014-12-03-05-53-39.011-AvastVBoxSVC.exe-3960.log
2014-12-02 09:07 - 2014-12-02 09:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-02 06:52 - 2014-12-02 06:52 - 00000197 _____ () C:\Windows\system32\2014-12-02-05-52-28.066-AvastVBoxSVC.exe-3236.log
2014-12-01 12:41 - 2014-12-01 12:41 - 00000197 _____ () C:\Windows\system32\2014-12-01-11-41-50.013-AvastVBoxSVC.exe-3584.log
2014-12-01 07:39 - 2014-12-01 07:39 - 00000197 _____ () C:\Windows\system32\2014-12-01-06-39-53.010-AvastVBoxSVC.exe-3568.log
2014-11-30 08:35 - 2014-11-30 08:35 - 00000197 _____ () C:\Windows\system32\2014-11-30-07-35-19.029-AvastVBoxSVC.exe-3912.log
2014-11-29 10:17 - 2014-11-29 10:17 - 00000197 _____ () C:\Windows\system32\2014-11-29-09-17-02.063-AvastVBoxSVC.exe-3864.log
2014-11-28 07:31 - 2014-11-28 07:31 - 00000197 _____ () C:\Windows\system32\2014-11-28-06-31-17.095-AvastVBoxSVC.exe-3892.log
2014-11-27 11:33 - 2014-11-27 11:34 - 00000197 _____ () C:\Windows\system32\2014-11-27-10-33-54.007-AvastVBoxSVC.exe-2316.log
2014-11-27 11:30 - 2014-11-27 11:31 - 00915704 _____ () C:\Windows\Minidump\112714-30139-01.dmp
2014-11-27 07:06 - 2014-11-27 07:07 - 00000197 _____ () C:\Windows\system32\2014-11-27-06-06-37.059-AvastVBoxSVC.exe-3892.log
2014-11-26 11:58 - 2014-11-26 11:58 - 00000197 _____ () C:\Windows\system32\2014-11-26-10-58-10.085-AvastVBoxSVC.exe-2692.log
2014-11-26 11:52 - 2014-11-26 11:52 - 00819528 _____ () C:\Windows\Minidump\112614-28173-01.dmp
2014-11-26 11:18 - 2014-11-26 11:18 - 00000197 _____ () C:\Windows\system32\2014-11-26-10-18-02.007-AvastVBoxSVC.exe-3860.log
2014-11-26 07:09 - 2014-11-26 07:09 - 00000197 _____ () C:\Windows\system32\2014-11-26-06-09-30.025-AvastVBoxSVC.exe-3264.log
2014-11-25 14:34 - 2014-11-25 15:16 - 741925885 _____ () C:\Users\Pýcha\Downloads\2.mp4
2014-11-25 10:33 - 2014-11-25 10:33 - 00000000 __SHD () C:\Users\Pýcha\AppData\Local\EmieBrowserModeList
2014-11-25 07:34 - 2014-11-25 07:34 - 00000197 _____ () C:\Windows\system32\2014-11-25-06-34-37.046-AvastVBoxSVC.exe-3680.log
2014-11-24 07:31 - 2014-11-24 07:31 - 00000197 _____ () C:\Windows\system32\2014-11-24-06-31-15.057-AvastVBoxSVC.exe-3704.log
2014-11-23 16:57 - 2014-11-23 16:57 - 00000197 _____ () C:\Windows\system32\2014-11-23-15-57-48.002-AvastVBoxSVC.exe-3856.log
2014-11-22 10:32 - 2014-11-22 10:32 - 00000197 _____ () C:\Windows\system32\2014-11-22-09-32-20.018-AvastVBoxSVC.exe-3572.log
2014-11-21 07:40 - 2014-11-21 07:40 - 00000197 _____ () C:\Windows\system32\2014-11-21-06-40-08.094-AvastVBoxSVC.exe-3384.log
2014-11-20 10:11 - 2014-11-20 10:11 - 07240988 _____ () C:\Users\Pýcha\Downloads\znacky_ai.zip
2014-11-20 07:12 - 2014-11-20 07:12 - 00000197 _____ () C:\Windows\system32\2014-11-20-06-12-29.000-AvastVBoxSVC.exe-2948.log
2014-11-19 07:37 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 07:37 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 07:37 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 07:37 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 07:27 - 2014-11-19 07:28 - 00000197 _____ () C:\Windows\system32\2014-11-19-06-27-59.092-AvastVBoxSVC.exe-3260.log
2014-11-18 07:59 - 2014-11-18 07:59 - 00000197 _____ () C:\Windows\system32\2014-11-18-06-59-12.012-AvastVBoxSVC.exe-460.log
2014-11-18 07:50 - 2014-11-18 07:50 - 00000197 _____ () C:\Windows\system32\2014-11-18-06-50-13.019-AvastVBoxSVC.exe-3152.log
2014-11-16 12:51 - 2014-11-16 12:51 - 00000197 _____ () C:\Windows\system32\2014-11-16-11-51-12.020-AvastVBoxSVC.exe-1296.log
2014-11-15 07:39 - 2014-11-15 07:39 - 00000197 _____ () C:\Windows\system32\2014-11-15-06-39-53.016-AvastVBoxSVC.exe-3168.log
2014-11-14 13:31 - 2014-11-14 13:31 - 00000197 _____ () C:\Windows\system32\2014-11-14-12-31-10.055-AvastVBoxSVC.exe-1984.log
2014-11-14 13:15 - 2014-11-14 13:15 - 00000197 _____ () C:\Windows\system32\2014-11-14-12-15-14.057-AvastVBoxSVC.exe-2320.log
2014-11-14 08:35 - 2014-11-14 08:35 - 00000197 _____ () C:\Windows\system32\2014-11-14-07-35-22.015-AvastVBoxSVC.exe-2764.log
2014-11-14 07:47 - 2014-11-14 07:47 - 00000197 _____ () C:\Windows\system32\2014-11-14-06-47-25.041-AvastVBoxSVC.exe-2508.log
2014-11-13 08:30 - 2014-11-13 08:31 - 00000247 _____ () C:\Windows\system32\2014-11-13-07-30-55.072-aswFe.exe-4660.log
2014-11-13 08:21 - 2014-11-13 08:30 - 00000247 _____ () C:\Windows\system32\2014-11-13-07-21-34.054-aswFe.exe-2956.log
2014-11-13 08:21 - 2014-11-13 08:21 - 00000197 _____ () C:\Windows\system32\2014-11-13-07-21-26.044-AvastVBoxSVC.exe-2932.log
2014-11-13 08:13 - 2014-11-13 08:13 - 00000247 _____ () C:\Windows\system32\2014-11-13-07-13-56.036-aswFe.exe-5044.log
2014-11-13 08:13 - 2014-11-13 08:13 - 00000197 _____ () C:\Windows\system32\2014-11-13-07-13-51.060-AvastVBoxSVC.exe-2932.log
2014-11-13 07:32 - 2014-11-13 07:32 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-13 07:32 - 2014-11-13 07:32 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-12 15:14 - 2014-11-12 15:14 - 00001961 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-12 15:13 - 2014-11-12 15:13 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-12 15:13 - 2014-11-12 15:13 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-12 07:19 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 07:19 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 07:19 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 07:19 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 07:19 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 07:19 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 07:19 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 07:19 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 07:19 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 07:17 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 07:17 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 07:17 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 07:17 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 07:17 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 07:17 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 07:17 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 07:17 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 07:17 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 07:17 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 07:17 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 07:17 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 07:17 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 07:17 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-12 20:05 - 2013-10-07 14:12 - 01582539 _____ () C:\Windows\WindowsUpdate.log
2014-12-12 20:03 - 2014-07-08 07:04 - 00000000 ___RD () C:\Users\Pýcha\Dropbox
2014-12-12 20:03 - 2014-07-08 06:45 - 00000000 ____D () C:\Users\Pýcha\AppData\Roaming\Dropbox
2014-12-12 20:02 - 2012-07-04 14:05 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-12 20:01 - 2011-05-05 06:44 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-12 20:00 - 2011-05-05 06:44 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-12 20:00 - 2010-06-11 11:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-12 20:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-12 19:58 - 2014-08-19 16:29 - 03986638 _____ () C:\Windows\setupact.log
2014-12-12 19:57 - 2014-08-19 16:29 - 00008286 _____ () C:\Windows\PFRO.log
2014-12-12 19:57 - 2013-10-12 09:50 - 00000000 ____D () C:\AdwCleaner
2014-12-12 19:17 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-12 19:17 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-12 07:45 - 2012-06-06 15:24 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-12 07:12 - 2010-06-19 14:04 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-12-12 07:10 - 2011-05-05 06:45 - 00002220 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 07:06 - 2013-10-12 11:17 - 00000000 ____D () C:\Users\Pýcha\AppData\Local\Adobe
2014-12-11 12:32 - 2011-04-04 06:32 - 00000848 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-12-11 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 09:45 - 2012-06-06 15:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 09:45 - 2012-06-06 15:24 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 09:45 - 2011-06-03 05:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 08:57 - 2014-05-06 15:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 08:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 08:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 08:41 - 2013-10-01 07:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 08:27 - 2010-06-11 12:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 12:29 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-03 06:51 - 2012-05-03 05:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-02 15:59 - 2014-06-11 07:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-12-02 13:25 - 2009-07-14 06:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-01 11:47 - 2014-08-18 17:22 - 00000000 ____D () C:\Users\Pýcha\AppData\Local\CrashDumps
2014-11-27 11:31 - 2009-07-14 06:08 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-27 11:30 - 2014-09-13 18:24 - 540368396 _____ () C:\Windows\MEMORY.DMP
2014-11-27 11:30 - 2013-10-04 18:00 - 00000000 ____D () C:\Windows\Minidump
2014-11-27 07:39 - 2010-07-07 11:42 - 00000000 ____D () C:\Users\Pýcha\AppData\Local\Thunderbird
2014-11-26 11:38 - 2011-08-29 13:53 - 00002139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-11-26 11:38 - 2010-07-07 11:42 - 00002127 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-11-26 07:11 - 2009-07-14 05:45 - 05539496 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-25 08:25 - 2010-06-14 12:26 - 00652272 _____ () C:\Users\Pýcha\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-22 10:36 - 2011-05-05 06:44 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-15 07:42 - 2014-07-08 07:04 - 00001016 _____ () C:\Users\Pýcha\Desktop\Dropbox.lnk
2014-11-15 07:42 - 2014-07-08 06:45 - 00000000 ____D () C:\Users\Pýcha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-13 07:55 - 2011-05-05 06:44 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 07:55 - 2011-05-05 06:44 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 15:13 - 2014-04-21 08:47 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-12 15:13 - 2013-12-23 08:45 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-12 15:13 - 2013-03-04 07:52 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-12 15:13 - 2013-03-04 07:52 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-12 15:13 - 2012-02-24 06:52 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-12 15:13 - 2011-05-05 06:44 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-12 15:13 - 2011-05-05 06:44 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

Some content of TEMP:
====================
C:\Users\Pýcha\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkur7qd.dll
C:\Users\Pýcha\AppData\Local\Temp\i4jdel0.exe
C:\Users\Pýcha\AppData\Local\Temp\Quarantine.exe
C:\Users\Pýcha\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 07:25




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:931.41 GB) (Free:577.69 GB) NTFS

Available physical RAM: 1976.49 MB
Total physical RAM: 4087.05 MB
Percentage of memory in use: 51%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8BD36E81)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:AstInfo

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\P�cha\Desktop" je 126 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EZEHM
C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppsHat
C:\Users\P�cha\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\P�cha\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\P�cha\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager
C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FontExpertType1Loader
C:\Program Files (x86)\FontExpert\Type1Loader.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiScreen
C:\Program Files (x86)\MultiScreen\MultiScreen.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shadow
C:\Program Files (x86)\NewTech Infosystems\NTI Shadow for ReadyNAS\Shadow.exe --minimize [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk
C:\Windows\Installer\{AC76BA86-1029-0000-7760-000000000003}\_SC_Acrobat.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk
C:\PROGRA~2\Adobe\ACROBA~1.0\Acrobat\ADOBEC~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk
C:\PROGRA~2\Adobe\READER~1.0\Reader\READER~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk
C:\PROGRA~2\Adobe\READER~1.0\Reader\ADOBEC~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk
C:\PROGRA~2\MAGICT~1\GAMMAT~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Register Mask Pro 3.0.lnk
C:\Users\PCHA~1\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^P�cha^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk



***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

# AdwCleaner v4.105 - Report created 12/12/2014 at 19:57:02
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Local]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Pýcha - LITE
# Running from : C:\Users\Pýcha\Desktop\AdwCleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0 (x86 cs)


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [4466 octets] - [12/10/2013 11:20:08]
AdwCleaner[R1].txt - [5739 octets] - [18/08/2014 13:54:42]
AdwCleaner[R2].txt - [5600 octets] - [18/08/2014 16:58:38]
AdwCleaner[R3].txt - [2151 octets] - [12/12/2014 19:26:58]
AdwCleaner[R4].txt - [1327 octets] - [12/12/2014 19:55:28]
AdwCleaner[S0].txt - [341 octets] - [18/08/2014 13:58:07]
AdwCleaner[S1].txt - [5352 octets] - [18/08/2014 16:59:18]
AdwCleaner[S2].txt - [1538 octets] - [12/12/2014 19:28:44]
AdwCleaner[S3].txt - [1250 octets] - [12/12/2014 19:57:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1310 octets] ##########

Ahoj

AdwCleaner ma nejakou starsi databazi, zkus jej stahnout znouvu a spustit

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Opět jsem stáhl adwcleaner na bleepingcomputeru a je to bez nálezu

# AdwCleaner v4.105 - Report created 13/12/2014 at 08:51:26
# Updated 08/12/2014 by Xplode
# Database : 2014-12-12.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Pýcha - LITE
# Running from : C:\Users\Pýcha\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0 (x86 cs)


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [4466 octets] - [12/10/2013 11:20:08]
AdwCleaner[R1].txt - [5739 octets] - [18/08/2014 13:54:42]
AdwCleaner[R2].txt - [5600 octets] - [18/08/2014 16:58:38]
AdwCleaner[R3].txt - [2151 octets] - [12/12/2014 19:26:58]
AdwCleaner[R4].txt - [1327 octets] - [12/12/2014 19:55:28]
AdwCleaner[R5].txt - [1320 octets] - [13/12/2014 08:49:26]
AdwCleaner[S0].txt - [341 octets] - [18/08/2014 13:58:07]
AdwCleaner[S1].txt - [5352 octets] - [18/08/2014 16:59:18]
AdwCleaner[S2].txt - [1538 octets] - [12/12/2014 19:28:44]
AdwCleaner[S3].txt - [1390 octets] - [12/12/2014 19:57:02]
AdwCleaner[S4].txt - [1242 octets] - [13/12/2014 08:51:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1302 octets] ##########

Koukam, ale databaze je jiz aktualni

Jeste to protahni Zoek-em, asi bude treba vypnout Avast

Chvilku trvá, než zoek proběhne.. Tady je log



Zoek.exe v5.0.0.0 Updated 12-December-2014
Tool run by Pěcha on so 13.12.2014 at 9:01:58,54.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PCHA~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13.12.2014 9:07:22 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Redfield deleted successfully
C:\Users\Default\AppData\\LocalGoogle deleted successfully
C:\Users\PCHA~1\AppData\\LocalGoogle deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2537163052-3349632187-1356214863-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-2537163052-3349632187-1356214863-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\PCHA~1\AppData\Roaming\Mozilla\Firefox\Profiles\xpc7g35v.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.com/?trackid=sp-006");
user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");
user_pref("browser.search.order.1", "Google (avast)");
user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006");

Added to C:\Users\PCHA~1\AppData\Roaming\Mozilla\Firefox\Profiles\xpc7g35v.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\PCHA~1\AppData\Roaming\Thunderbird\Profiles\elsbm9sz.default\prefs.js:

Added to C:\Users\PCHA~1\AppData\Roaming\Thunderbird\Profiles\elsbm9sz.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\PCHA~1\AppData\Roaming\Mozilla\Firefox\Profiles\xpc7g35v.default

user.js not found
---- Lines FFPDFArchitectConverter@pdfarchitect.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So
---- FireFox user.js and prefs.js backups ----

prefs_13.12.2014_0919_.backup

ProfilePath: C:\Users\PCHA~1\AppData\Roaming\Thunderbird\Profiles\elsbm9sz.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_13.12.2014_0919_.backup

==== Deleting Files \ Folders ======================

C:\Users\PCHA~1\.android deleted
C:\PROGRA~2\Wondershare deleted
C:\Users\PCHA~1\ContentaConverterPREMIUM.tmp deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\PCHA~1\Desktop\AppsHat.lnk deleted
"C:\Users\PCHA~1\AppData\Local\{3722024F-3033-4DC2-87EE-A94B7C379F5E}" deleted
"C:\Users\PCHA~1\AppData\Local\{895BC261-485F-4590-8EBA-ACA49F580E1E}" deleted
"C:\Users\PCHA~1\AppData\Local\{9E5F3F3B-20EE-444B-9286-4024DE64C491}" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ []

==== Firefox Extensions ======================

ProfilePath: C:\Users\PCHA~1\AppData\Roaming\Thunderbird\Profiles\elsbm9sz.default
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12.11.2014 15:13]

Seznam Li\u0161ti\u010Dka - Email - PCHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - PCHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Avast Online Security - PCHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Seznam Lištička - Rychlá volba - PCHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Search Bar"="https://www.seznam.cz/?clid=22668"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} Seznam Url="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
{539574C9-D649-4802-BF52-86097079F374} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\PCHA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\PCHA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppsHat deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PCHA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\PCHA~1\AppData\Local\Mozilla\Firefox\Profiles\xpc7g35v.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\PCHA~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=311 folders=68 46739111 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\PCHA~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\PCHA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 13.12.2014 at 9:28:59,74 ======================

Supr, trochu to promaznul...

Hod po me novy log z FRST

Hned po zoeku jsem ho zapínal.. Jsi neuvěřitelně rychlej

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 03
Ran by Pýcha (administrator) on LITE on 13-12-2014 09:33:33
Running from C:\Users\Pýcha\Desktop
Loaded Profile: Pýcha (Available profiles: Pýcha)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\ASTSRV.EXE
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Shadow for ReadyNAS\Shadow.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Users\Pýcha\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(forum.viry.cz) C:\Users\Pýcha\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.894
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\...\Run: [Shadow] => C:\Program Files (x86)\NewTech Infosystems\NTI Shadow for ReadyNAS\Shadow.exe [678960 2008-07-30] (NewTech Infosystems, Inc.)
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
Startup: C:\Users\Pýcha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conect.bat ()
Startup: C:\Users\Pýcha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pýcha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2537163052-3349632187-1356214863-1000] => :0
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
URLSearchHook: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 - Default Value = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 -> {539574C9-D649-4802-BF52-86097079F374} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Pýcha\AppData\Roaming\Mozilla\Firefox\Profiles\xpc7g35v.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Pýcha\AppData\Roaming\Mozilla\Firefox\Profiles\xpc7g35v.default\searchplugins\google-avast.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-05-05]

Chrome:
=======
CHR Profile: C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Email) - C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-11-07]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2013-11-07]
CHR Extension: (Avast Online Security) - C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-06]
CHR Extension: (Peněženka Google) - C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Pýcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-11-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 astcc; C:\Windows\SysWOW64\astsrv.exe [57344 2008-05-07] (Nalpeiron Ltd.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-12] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-12] (Avast Software)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-06-19] (Macrovision Europe Ltd.) [File not signed]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2011-01-21] (HP) [File not signed]
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [124536 2012-12-25] (HP) [File not signed]
R2 MagicTuneEngine; C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe [45056 2007-08-23] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-12] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-12] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-12] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-25] (Disc Soft Ltd)
S3 leafnets; C:\Windows\System32\DRIVERS\leafnets.sys [29696 2013-02-05] (Leaf Networks)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-11-28] (Marvell Semiconductor, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [36456 2014-08-18] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-12] (Avast Software)
S3 cpuz137; \??\C:\Users\PCHA~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 Fwleaf; system32\DRIVERS\fwleaf.sys [X]
S3 getbus; \??\C:\Users\PCHA~1\AppData\Local\Temp\getbus.sys [X]
S3 WPRO_41_1742; system32\drivers\WPRO_41_1742.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 09:29 - 2014-12-13 09:29 - 00000197 _____ () C:\Windows\system32\2014-12-13-08-29-17.026-AvastVBoxSVC.exe-2128.log
2014-12-13 09:24 - 2014-12-13 09:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-13 09:06 - 2014-12-13 09:28 - 00014033 _____ () C:\zoek-results.log
2014-12-13 09:01 - 2014-12-13 09:20 - 00000000 ____D () C:\zoek_backup
2014-12-13 09:01 - 2014-12-13 09:01 - 01295360 _____ () C:\Users\Pýcha\Desktop\zoek.exe
2014-12-13 09:00 - 2014-12-13 09:01 - 04131546 _____ () C:\Users\Pýcha\Downloads\zoek.zip
2014-12-13 08:56 - 2014-12-13 08:57 - 00000197 _____ () C:\Windows\system32\2014-12-13-07-56-48.012-AvastVBoxSVC.exe-2124.log
2014-12-13 08:48 - 2014-12-13 08:48 - 02166272 _____ () C:\Users\Pýcha\Desktop\AdwCleaner.exe
2014-12-13 08:44 - 2014-12-13 08:44 - 00000197 _____ () C:\Windows\system32\2014-12-13-07-44-26.074-AvastVBoxSVC.exe-3192.log
2014-12-12 20:07 - 2014-12-13 09:35 - 00016569 _____ () C:\Users\Pýcha\Desktop\FRST.txt
2014-12-12 20:07 - 2014-12-13 09:33 - 00000000 ____D () C:\FRST
2014-12-12 20:06 - 2014-12-12 20:06 - 02119680 _____ (Farbar) C:\Users\Pýcha\Desktop\FRST64.exe
2014-12-12 20:06 - 2014-12-12 20:06 - 00112640 _____ (forum.viry.cz) C:\Users\Pýcha\Desktop\FRSTLauncher.exe
2014-12-12 20:05 - 2014-12-12 20:05 - 00001390 _____ () C:\Users\Pýcha\Desktop\AdwCleaner[S3].txt
2014-12-12 20:01 - 2014-12-12 20:01 - 00000197 _____ () C:\Windows\system32\2014-12-12-19-01-17.091-AvastVBoxSVC.exe-3204.log
2014-12-12 19:26 - 2014-12-12 19:26 - 02166272 _____ () C:\Users\Pýcha\Downloads\AdwCleaner (1).exe
2014-12-12 19:26 - 2014-12-12 19:26 - 02166272 _____ () C:\Users\Pýcha\Desktop\AdwCleaner (1).exe
2014-12-12 19:05 - 2014-12-12 19:05 - 00000197 _____ () C:\Windows\system32\2014-12-12-18-05-35.015-AvastVBoxSVC.exe-2820.log
2014-12-12 06:58 - 2014-12-12 06:58 - 00000197 _____ () C:\Windows\system32\2014-12-12-05-58-35.007-AvastVBoxSVC.exe-3196.log
2014-12-11 09:02 - 2014-12-11 09:02 - 00000197 _____ () C:\Windows\system32\2014-12-11-08-02-39.087-AvastVBoxSVC.exe-3176.log
2014-12-11 08:57 - 2014-12-11 08:57 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 08:22 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 08:22 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 08:22 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 08:22 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 08:22 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 08:22 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 08:22 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 08:22 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 08:22 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 08:22 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 08:11 - 2014-12-11 08:11 - 00000197 _____ () C:\Windows\system32\2014-12-11-07-11-00.085-AvastVBoxSVC.exe-3548.log
2014-12-10 06:57 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 06:57 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 06:57 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 06:57 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 06:57 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 06:57 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 06:57 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 06:57 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 06:57 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 06:57 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 06:57 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 06:57 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 06:57 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 06:57 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 06:57 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 06:57 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 06:57 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 06:57 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 06:57 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 06:57 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 06:57 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 06:57 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 06:57 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 06:57 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 06:57 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 06:57 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 06:57 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 06:57 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 06:57 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 06:57 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 06:57 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 06:57 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 06:57 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 06:57 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 06:57 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 06:57 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 06:57 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 06:57 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 06:57 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 06:57 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 06:57 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 06:57 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 06:57 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 06:57 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 06:57 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 06:57 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 06:57 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 06:57 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 06:57 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 06:57 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 06:57 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 06:57 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 06:57 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 06:57 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 06:57 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 06:57 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 06:57 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 06:57 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 06:57 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 06:57 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 06:57 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 06:57 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 06:57 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 06:55 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 06:55 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 06:55 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 06:55 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 06:55 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 06:55 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 06:55 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 06:55 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 06:55 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 06:55 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 06:55 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 06:55 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 06:55 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 06:55 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 06:43 - 2014-12-10 06:43 - 00000197 _____ () C:\Windows\system32\2014-12-10-05-43-43.019-AvastVBoxSVC.exe-2972.log
2014-12-09 06:39 - 2014-12-09 06:39 - 00000197 _____ () C:\Windows\system32\2014-12-09-05-39-13.020-AvastVBoxSVC.exe-2236.log
2014-12-08 07:07 - 2014-12-08 07:07 - 00000197 _____ () C:\Windows\system32\2014-12-08-06-07-01.041-AvastVBoxSVC.exe-2352.log
2014-12-07 13:12 - 2014-12-07 13:12 - 00000197 _____ () C:\Windows\system32\2014-12-07-12-12-01.066-AvastVBoxSVC.exe-2040.log
2014-12-05 06:37 - 2014-12-05 06:38 - 00000197 _____ () C:\Windows\system32\2014-12-05-05-37-57.079-AvastVBoxSVC.exe-520.log
2014-12-04 07:07 - 2014-12-04 07:08 - 00000197 _____ () C:\Windows\system32\2014-12-04-06-07-47.019-AvastVBoxSVC.exe-3404.log
2014-12-03 06:53 - 2014-12-03 06:54 - 00000197 _____ () C:\Windows\system32\2014-12-03-05-53-39.011-AvastVBoxSVC.exe-3960.log
2014-12-02 09:07 - 2014-12-02 09:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-02 06:52 - 2014-12-02 06:52 - 00000197 _____ () C:\Windows\system32\2014-12-02-05-52-28.066-AvastVBoxSVC.exe-3236.log
2014-12-01 12:41 - 2014-12-01 12:41 - 00000197 _____ () C:\Windows\system32\2014-12-01-11-41-50.013-AvastVBoxSVC.exe-3584.log
2014-12-01 07:39 - 2014-12-01 07:39 - 00000197 _____ () C:\Windows\system32\2014-12-01-06-39-53.010-AvastVBoxSVC.exe-3568.log
2014-11-30 08:35 - 2014-11-30 08:35 - 00000197 _____ () C:\Windows\system32\2014-11-30-07-35-19.029-AvastVBoxSVC.exe-3912.log
2014-11-29 10:17 - 2014-11-29 10:17 - 00000197 _____ () C:\Windows\system32\2014-11-29-09-17-02.063-AvastVBoxSVC.exe-3864.log
2014-11-28 07:31 - 2014-11-28 07:31 - 00000197 _____ () C:\Windows\system32\2014-11-28-06-31-17.095-AvastVBoxSVC.exe-3892.log
2014-11-27 11:33 - 2014-11-27 11:34 - 00000197 _____ () C:\Windows\system32\2014-11-27-10-33-54.007-AvastVBoxSVC.exe-2316.log
2014-11-27 11:30 - 2014-11-27 11:31 - 00915704 _____ () C:\Windows\Minidump\112714-30139-01.dmp
2014-11-27 07:06 - 2014-11-27 07:07 - 00000197 _____ () C:\Windows\system32\2014-11-27-06-06-37.059-AvastVBoxSVC.exe-3892.log
2014-11-26 11:58 - 2014-11-26 11:58 - 00000197 _____ () C:\Windows\system32\2014-11-26-10-58-10.085-AvastVBoxSVC.exe-2692.log
2014-11-26 11:52 - 2014-11-26 11:52 - 00819528 _____ () C:\Windows\Minidump\112614-28173-01.dmp
2014-11-26 11:18 - 2014-11-26 11:18 - 00000197 _____ () C:\Windows\system32\2014-11-26-10-18-02.007-AvastVBoxSVC.exe-3860.log
2014-11-26 07:09 - 2014-11-26 07:09 - 00000197 _____ () C:\Windows\system32\2014-11-26-06-09-30.025-AvastVBoxSVC.exe-3264.log
2014-11-25 14:34 - 2014-11-25 15:16 - 741925885 _____ () C:\Users\Pýcha\Downloads\2.mp4
2014-11-25 10:33 - 2014-11-25 10:33 - 00000000 __SHD () C:\Users\Pýcha\AppData\Local\EmieBrowserModeList
2014-11-25 07:34 - 2014-11-25 07:34 - 00000197 _____ () C:\Windows\system32\2014-11-25-06-34-37.046-AvastVBoxSVC.exe-3680.log
2014-11-24 07:31 - 2014-11-24 07:31 - 00000197 _____ () C:\Windows\system32\2014-11-24-06-31-15.057-AvastVBoxSVC.exe-3704.log
2014-11-23 16:57 - 2014-11-23 16:57 - 00000197 _____ () C:\Windows\system32\2014-11-23-15-57-48.002-AvastVBoxSVC.exe-3856.log
2014-11-22 10:32 - 2014-11-22 10:32 - 00000197 _____ () C:\Windows\system32\2014-11-22-09-32-20.018-AvastVBoxSVC.exe-3572.log
2014-11-21 07:40 - 2014-11-21 07:40 - 00000197 _____ () C:\Windows\system32\2014-11-21-06-40-08.094-AvastVBoxSVC.exe-3384.log
2014-11-20 10:11 - 2014-11-20 10:11 - 07240988 _____ () C:\Users\Pýcha\Downloads\znacky_ai.zip
2014-11-20 07:12 - 2014-11-20 07:12 - 00000197 _____ () C:\Windows\system32\2014-11-20-06-12-29.000-AvastVBoxSVC.exe-2948.log
2014-11-19 07:37 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 07:37 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 07:37 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 07:37 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 07:27 - 2014-11-19 07:28 - 00000197 _____ () C:\Windows\system32\2014-11-19-06-27-59.092-AvastVBoxSVC.exe-3260.log
2014-11-18 07:59 - 2014-11-18 07:59 - 00000197 _____ () C:\Windows\system32\2014-11-18-06-59-12.012-AvastVBoxSVC.exe-460.log
2014-11-18 07:50 - 2014-11-18 07:50 - 00000197 _____ () C:\Windows\system32\2014-11-18-06-50-13.019-AvastVBoxSVC.exe-3152.log
2014-11-16 12:51 - 2014-11-16 12:51 - 00000197 _____ () C:\Windows\system32\2014-11-16-11-51-12.020-AvastVBoxSVC.exe-1296.log
2014-11-15 07:39 - 2014-11-15 07:39 - 00000197 _____ () C:\Windows\system32\2014-11-15-06-39-53.016-AvastVBoxSVC.exe-3168.log
2014-11-14 13:31 - 2014-11-14 13:31 - 00000197 _____ () C:\Windows\system32\2014-11-14-12-31-10.055-AvastVBoxSVC.exe-1984.log
2014-11-14 13:15 - 2014-11-14 13:15 - 00000197 _____ () C:\Windows\system32\2014-11-14-12-15-14.057-AvastVBoxSVC.exe-2320.log
2014-11-14 08:35 - 2014-11-14 08:35 - 00000197 _____ () C:\Windows\system32\2014-11-14-07-35-22.015-AvastVBoxSVC.exe-2764.log
2014-11-14 07:47 - 2014-11-14 07:47 - 00000197 _____ () C:\Windows\system32\2014-11-14-06-47-25.041-AvastVBoxSVC.exe-2508.log
2014-11-13 08:30 - 2014-11-13 08:31 - 00000247 _____ () C:\Windows\system32\2014-11-13-07-30-55.072-aswFe.exe-4660.log
2014-11-13 08:21 - 2014-11-13 08:30 - 00000247 _____ () C:\Windows\system32\2014-11-13-07-21-34.054-aswFe.exe-2956.log
2014-11-13 08:21 - 2014-11-13 08:21 - 00000197 _____ () C:\Windows\system32\2014-11-13-07-21-26.044-AvastVBoxSVC.exe-2932.log
2014-11-13 08:13 - 2014-11-13 08:13 - 00000247 _____ () C:\Windows\system32\2014-11-13-07-13-56.036-aswFe.exe-5044.log
2014-11-13 08:13 - 2014-11-13 08:13 - 00000197 _____ () C:\Windows\system32\2014-11-13-07-13-51.060-AvastVBoxSVC.exe-2932.log
2014-11-13 07:32 - 2014-11-13 07:32 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-13 07:32 - 2014-11-13 07:32 - 00000000 ____D () C:\Windows\system32\vbox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 09:34 - 2013-10-07 14:12 - 01665001 _____ () C:\Windows\WindowsUpdate.log
2014-12-13 09:30 - 2014-07-08 07:04 - 00000000 ___RD () C:\Users\Pýcha\Dropbox
2014-12-13 09:30 - 2014-07-08 06:45 - 00000000 ____D () C:\Users\Pýcha\AppData\Roaming\Dropbox
2014-12-13 09:29 - 2012-07-04 14:05 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-13 09:26 - 2011-05-05 06:44 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-13 09:26 - 2010-06-11 11:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-13 09:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-13 09:25 - 2014-08-19 16:29 - 03986806 _____ () C:\Windows\setupact.log
2014-12-13 09:25 - 2014-08-19 16:29 - 00008934 _____ () C:\Windows\PFRO.log
2014-12-13 09:20 - 2010-06-11 11:22 - 00000000 ____D () C:\Users\Pýcha
2014-12-13 09:05 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 09:05 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-13 09:00 - 2011-05-05 06:44 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-13 08:51 - 2013-10-12 09:50 - 00000000 ____D () C:\AdwCleaner
2014-12-13 08:48 - 2011-11-09 14:59 - 00001126 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-13 08:45 - 2012-06-06 15:24 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-12 07:12 - 2010-06-19 14:04 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-12-12 07:10 - 2011-05-05 06:45 - 00002220 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 07:06 - 2013-10-12 11:17 - 00000000 ____D () C:\Users\Pýcha\AppData\Local\Adobe
2014-12-11 12:32 - 2011-04-04 06:32 - 00000848 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-12-11 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 09:45 - 2012-06-06 15:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 09:45 - 2012-06-06 15:24 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 09:45 - 2011-06-03 05:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 08:57 - 2014-05-06 15:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 08:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 08:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 08:41 - 2013-10-01 07:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 08:27 - 2010-06-11 12:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 12:29 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-03 06:51 - 2012-05-03 05:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-02 15:59 - 2014-06-11 07:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-12-02 13:25 - 2009-07-14 06:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-01 11:47 - 2014-08-18 17:22 - 00000000 ____D () C:\Users\Pýcha\AppData\Local\CrashDumps
2014-11-27 11:31 - 2009-07-14 06:08 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-27 11:30 - 2014-09-13 18:24 - 540368396 _____ () C:\Windows\MEMORY.DMP
2014-11-27 11:30 - 2013-10-04 18:00 - 00000000 ____D () C:\Windows\Minidump
2014-11-27 07:39 - 2010-07-07 11:42 - 00000000 ____D () C:\Users\Pýcha\AppData\Local\Thunderbird
2014-11-26 11:38 - 2011-08-29 13:53 - 00002139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-11-26 11:38 - 2010-07-07 11:42 - 00002127 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-11-26 07:11 - 2009-07-14 05:45 - 05539496 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-25 08:25 - 2010-06-14 12:26 - 00652272 _____ () C:\Users\Pýcha\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-22 10:36 - 2011-05-05 06:44 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-15 07:42 - 2014-07-08 07:04 - 00001016 _____ () C:\Users\Pýcha\Desktop\Dropbox.lnk
2014-11-15 07:42 - 2014-07-08 06:45 - 00000000 ____D () C:\Users\Pýcha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-13 07:55 - 2011-05-05 06:44 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 07:55 - 2011-05-05 06:44 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Pýcha\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyhxqh_.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 07:25




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:931.41 GB) (Free:624.73 GB) NTFS

Available physical RAM: 2220.36 MB
Total physical RAM: 4087.05 MB
Percentage of memory in use: 45%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8BD36E81)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:AstInfo

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\P�cha\Desktop" je 129 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EZEHM
C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager
C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FontExpertType1Loader
C:\Program Files (x86)\FontExpert\Type1Loader.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiScreen
C:\Program Files (x86)\MultiScreen\MultiScreen.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shadow
C:\Program Files (x86)\NewTech Infosystems\NTI Shadow for ReadyNAS\Shadow.exe --minimize [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk
C:\Windows\Installer\{AC76BA86-1029-0000-7760-000000000003}\_SC_Acrobat.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk
C:\PROGRA~2\Adobe\ACROBA~1.0\Acrobat\ADOBEC~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk
C:\PROGRA~2\Adobe\READER~1.0\Reader\READER~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk
C:\PROGRA~2\Adobe\READER~1.0\Reader\ADOBEC~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk
C:\PROGRA~2\MAGICT~1\GAMMAT~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Register Mask Pro 3.0.lnk
C:\Users\PCHA~1\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^P�cha^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk



***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Kdyz jsem u PC, tak to jde rychle

Vytvor fixlist s obsahem nize, spust FRST a klik na FIX

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-12-2014 03
Ran by Pýcha at 2014-12-14 19:42:15 Run:2
Running from C:\Users\Pýcha\Desktop
Loaded Profile: Pýcha (Available profiles: Pýcha)
Boot Mode: Safe Mode (minimal)
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.com/ww.special-uninstall ... AEQAQwBMAA"&"inst=NwA2AC0ANQAwADkAMgA0ADgAMAA5ADIALQBYAE8AMwA2ACsAMQAtAE4AMQBEACsAMQAtAFAATAArADkALQBDAEkAQQA5ADAAKwAyAA"&"prod=92"&"ver=9.0.894
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
Startup: C:\Users\Pýcha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conect.bat ()

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2537163052-3349632187-1356214863-1000] => :0
earchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-2537163052-3349632187-1356214863-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

DisableService: Nero BackItUp Scheduler 3
DisableService: NMIndexingService

S3 cpuz137; \??\C:\Users\PCHA~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 Fwleaf; system32\DRIVERS\fwleaf.sys [X]
S3 getbus; \??\C:\Users\PCHA~1\AppData\Local\Temp\getbus.sys [X]
S3 WPRO_41_1742; system32\drivers\WPRO_41_1742.sys [X]

2014-12-13 09:29 - 2014-12-13 09:29 - 00000197 _____ () C:\Windows\system32\2014-12-13-08-29-17.026-AvastVBoxSVC.exe-2128.log
2014-12-13 09:24 - 2014-12-13 09:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-13 09:06 - 2014-12-13 09:28 - 00014033 _____ () C:\zoek-results.log
2014-12-13 09:01 - 2014-12-13 09:20 - 00000000 ____D () C:\zoek_backup
2014-12-13 09:01 - 2014-12-13 09:01 - 01295360 _____ () C:\Users\Pýcha\Desktop\zoek.exe
2014-12-13 09:00 - 2014-12-13 09:01 - 04131546 _____ () C:\Users\Pýcha\Downloads\zoek.zip
2014-12-13 08:56 - 2014-12-13 08:57 - 00000197 _____ () C:\Windows\system32\2014-12-13-07-56-48.012-AvastVBoxSVC.exe-2124.log
2014-12-13 08:48 - 2014-12-13 08:48 - 02166272 _____ () C:\Users\Pýcha\Desktop\AdwCleaner.exe
2014-12-13 08:44 - 2014-12-13 08:44 - 00000197 _____ () C:\Windows\system32\2014-12-13-07-44-26.074-AvastVBoxSVC.exe-3192.log
2014-12-12 20:07 - 2014-12-13 09:35 - 00016569 _____ () C:\Users\Pýcha\Desktop\FRST.txt
2014-12-12 20:06 - 2014-12-12 20:06 - 00112640 _____ (forum.viry.cz) C:\Users\Pýcha\Desktop\FRSTLauncher.exe
2014-12-12 20:05 - 2014-12-12 20:05 - 00001390 _____ () C:\Users\Pýcha\Desktop\AdwCleaner[S3].txt
2014-12-12 20:01 - 2014-12-12 20:01 - 00000197 _____ () C:\Windows\system32\2014-12-12-19-01-17.091-AvastVBoxSVC.exe-3204.log
2014-12-12 19:26 - 2014-12-12 19:26 - 02166272 _____ () C:\Users\Pýcha\Downloads\AdwCleaner (1).exe
2014-12-12 19:26 - 2014-12-12 19:26 - 02166272 _____ () C:\Users\Pýcha\Desktop\AdwCleaner (1).exe
2014-12-12 19:05 - 2014-12-12 19:05 - 00000197 _____ () C:\Windows\system32\2014-12-12-18-05-35.015-AvastVBoxSVC.exe-2820.log
2014-12-12 06:58 - 2014-12-12 06:58 - 00000197 _____ () C:\Windows\system32\2014-12-12-05-58-35.007-AvastVBoxSVC.exe-3196.log
2014-12-11 09:02 - 2014-12-11 09:02 - 00000197 _____ () C:\Windows\system32\2014-12-11-08-02-39.087-AvastVBoxSVC.exe-3176.log
2014-12-11 08:11 - 2014-12-11 08:11 - 00000197 _____ () C:\Windows\system32\2014-12-11-07-11-00.085-AvastVBoxSVC.exe-3548.log
2014-12-10 06:43 - 2014-12-10 06:43 - 00000197 _____ () C:\Windows\system32\2014-12-10-05-43-43.019-AvastVBoxSVC.exe-2972.log
2014-12-09 06:39 - 2014-12-09 06:39 - 00000197 _____ () C:\Windows\system32\2014-12-09-05-39-13.020-AvastVBoxSVC.exe-2236.log
2014-12-08 07:07 - 2014-12-08 07:07 - 00000197 _____ () C:\Windows\system32\2014-12-08-06-07-01.041-AvastVBoxSVC.exe-2352.log
2014-12-07 13:12 - 2014-12-07 13:12 - 00000197 _____ () C:\Windows\system32\2014-12-07-12-12-01.066-AvastVBoxSVC.exe-2040.log
2014-12-05 06:37 - 2014-12-05 06:38 - 00000197 _____ () C:\Windows\system32\2014-12-05-05-37-57.079-AvastVBoxSVC.exe-520.log
2014-12-04 07:07 - 2014-12-04 07:08 - 00000197 _____ () C:\Windows\system32\2014-12-04-06-07-47.019-AvastVBoxSVC.exe-3404.log
2014-12-03 06:53 - 2014-12-03 06:54 - 00000197 _____ () C:\Windows\system32\2014-12-03-05-53-39.011-AvastVBoxSVC.exe-3960.log
2014-12-02 06:52 - 2014-12-02 06:52 - 00000197 _____ () C:\Windows\system32\2014-12-02-05-52-28.066-AvastVBoxSVC.exe-3236.log
2014-12-01 12:41 - 2014-12-01 12:41 - 00000197 _____ () C:\Windows\system32\2014-12-01-11-41-50.013-AvastVBoxSVC.exe-3584.log
2014-12-01 07:39 - 2014-12-01 07:39 - 00000197 _____ () C:\Windows\system32\2014-12-01-06-39-53.010-AvastVBoxSVC.exe-3568.log
2014-11-30 08:35 - 2014-11-30 08:35 - 00000197 _____ () C:\Windows\system32\2014-11-30-07-35-19.029-AvastVBoxSVC.exe-3912.log
2014-11-29 10:17 - 2014-11-29 10:17 - 00000197 _____ () C:\Windows\system32\2014-11-29-09-17-02.063-AvastVBoxSVC.exe-3864.log
2014-11-28 07:31 - 2014-11-28 07:31 - 00000197 _____ () C:\Windows\system32\2014-11-28-06-31-17.095-AvastVBoxSVC.exe-3892.log
2014-11-27 11:33 - 2014-11-27 11:34 - 00000197 _____ () C:\Windows\system32\2014-11-27-10-33-54.007-AvastVBoxSVC.exe-2316.log
2014-11-27 07:06 - 2014-11-27 07:07 - 00000197 _____ () C:\Windows\system32\2014-11-27-06-06-37.059-AvastVBoxSVC.exe-3892.log
2014-11-26 11:58 - 2014-11-26 11:58 - 00000197 _____ () C:\Windows\system32\2014-11-26-10-58-10.085-AvastVBoxSVC.exe-2692.log
2014-11-26 11:18 - 2014-11-26 11:18 - 00000197 _____ () C:\Windows\system32\2014-11-26-10-18-02.007-AvastVBoxSVC.exe-3860.log
2014-11-26 07:09 - 2014-11-26 07:09 - 00000197 _____ () C:\Windows\system32\2014-11-26-06-09-30.025-AvastVBoxSVC.exe-3264.log
014-11-25 07:34 - 2014-11-25 07:34 - 00000197 _____ () C:\Windows\system32\2014-11-25-06-34-37.046-AvastVBoxSVC.exe-3680.log
2014-11-24 07:31 - 2014-11-24 07:31 - 00000197 _____ () C:\Windows\system32\2014-11-24-06-31-15.057-AvastVBoxSVC.exe-3704.log
2014-11-23 16:57 - 2014-11-23 16:57 - 00000197 _____ () C:\Windows\system32\2014-11-23-15-57-48.002-AvastVBoxSVC.exe-3856.log
2014-11-22 10:32 - 2014-11-22 10:32 - 00000197 _____ () C:\Windows\system32\2014-11-22-09-32-20.018-AvastVBoxSVC.exe-3572.log
2014-11-21 07:40 - 2014-11-21 07:40 - 00000197 _____ () C:\Windows\system32\2014-11-21-06-40-08.094-AvastVBoxSVC.exe-3384.log
2014-11-20 07:12 - 2014-11-20 07:12 - 00000197 _____ () C:\Windows\system32\2014-11-20-06-12-29.000-AvastVBoxSVC.exe-2948.log
2014-11-19 07:27 - 2014-11-19 07:28 - 00000197 _____ () C:\Windows\system32\2014-11-19-06-27-59.092-AvastVBoxSVC.exe-3260.log
2014-11-18 07:59 - 2014-11-18 07:59 - 00000197 _____ () C:\Windows\system32\2014-11-18-06-59-12.012-AvastVBoxSVC.exe-460.log
2014-11-18 07:50 - 2014-11-18 07:50 - 00000197 _____ () C:\Windows\system32\2014-11-18-06-50-13.019-AvastVBoxSVC.exe-3152.log
2014-11-16 12:51 - 2014-11-16 12:51 - 00000197 _____ () C:\Windows\system32\2014-11-16-11-51-12.020-AvastVBoxSVC.exe-1296.log
2014-11-15 07:39 - 2014-11-15 07:39 - 00000197 _____ () C:\Windows\system32\2014-11-15-06-39-53.016-AvastVBoxSVC.exe-3168.log
2014-11-14 13:31 - 2014-11-14 13:31 - 00000197 _____ () C:\Windows\system32\2014-11-14-12-31-10.055-AvastVBoxSVC.exe-1984.log
2014-11-14 13:15 - 2014-11-14 13:15 - 00000197 _____ () C:\Windows\system32\2014-11-14-12-15-14.057-AvastVBoxSVC.exe-2320.log
2014-11-14 08:35 - 2014-11-14 08:35 - 00000197 _____ () C:\Windows\system32\2014-11-14-07-35-22.015-AvastVBoxSVC.exe-2764.log
2014-11-14 07:47 - 2014-11-14 07:47 - 00000197 _____ () C:\Windows\system32\2014-11-14-06-47-25.041-AvastVBoxSVC.exe-2508.log
2014-11-13 08:30 - 2014-11-13 08:31 - 00000247 _____ () C:\Windows\system32\2014-11-13-07-30-55.072-aswFe.exe-4660.log
2014-11-13 08:21 - 2014-11-13 08:30 - 00000247 _____ () C:\Windows\system32\2014-11-13-07-21-34.054-aswFe.exe-2956.log
2014-11-13 08:21 - 2014-11-13 08:21 - 00000197 _____ () C:\Windows\system32\2014-11-13-07-21-26.044-AvastVBoxSVC.exe-2932.log
2014-11-13 08:13 - 2014-11-13 08:13 - 00000247 _____ () C:\Windows\system32\2014-11-13-07-13-56.036-aswFe.exe-5044.log
2014-11-13 08:13 - 2014-11-13 08:13 - 00000197 _____ () C:\Windows\system32\2014-11-13-07-13-51.060-AvastVBoxSVC.exe-2932.log

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Register Mask Pro 3.0.lnk" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\AvgUninstallURL => value deleted successfully.
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
C:\Users\Pýcha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conect.bat not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
earchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
HKU\S-1-5-21-2537163052-3349632187-1356214863-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
"HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => Key not found.
Nero BackItUp Scheduler 3 service was disabled
NMIndexingService service was disabled
cpuz137 => Service deleted successfully.
Fwleaf => Service deleted successfully.
getbus => Service deleted successfully.
WPRO_41_1742 => Service deleted successfully.
C:\Windows\system32\2014-12-13-08-29-17.026-AvastVBoxSVC.exe-2128.log => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Pýcha\Desktop\zoek.exe => Moved successfully.
C:\Users\Pýcha\Downloads\zoek.zip => Moved successfully.
C:\Windows\system32\2014-12-13-07-56-48.012-AvastVBoxSVC.exe-2124.log => Moved successfully.
C:\Users\Pýcha\Desktop\AdwCleaner.exe => Moved successfully.
C:\Windows\system32\2014-12-13-07-44-26.074-AvastVBoxSVC.exe-3192.log => Moved successfully.
"C:\Users\Pýcha\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Pýcha\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Pýcha\Desktop\AdwCleaner[S3].txt => Moved successfully.
C:\Windows\system32\2014-12-12-19-01-17.091-AvastVBoxSVC.exe-3204.log => Moved successfully.
C:\Users\Pýcha\Downloads\AdwCleaner (1).exe => Moved successfully.
C:\Users\Pýcha\Desktop\AdwCleaner (1).exe => Moved successfully.
C:\Windows\system32\2014-12-12-18-05-35.015-AvastVBoxSVC.exe-2820.log => Moved successfully.
C:\Windows\system32\2014-12-12-05-58-35.007-AvastVBoxSVC.exe-3196.log => Moved successfully.
C:\Windows\system32\2014-12-11-08-02-39.087-AvastVBoxSVC.exe-3176.log => Moved successfully.
C:\Windows\system32\2014-12-11-07-11-00.085-AvastVBoxSVC.exe-3548.log => Moved successfully.
C:\Windows\system32\2014-12-10-05-43-43.019-AvastVBoxSVC.exe-2972.log => Moved successfully.
C:\Windows\system32\2014-12-09-05-39-13.020-AvastVBoxSVC.exe-2236.log => Moved successfully.
C:\Windows\system32\2014-12-08-06-07-01.041-AvastVBoxSVC.exe-2352.log => Moved successfully.
C:\Windows\system32\2014-12-07-12-12-01.066-AvastVBoxSVC.exe-2040.log => Moved successfully.
C:\Windows\system32\2014-12-05-05-37-57.079-AvastVBoxSVC.exe-520.log => Moved successfully.
C:\Windows\system32\2014-12-04-06-07-47.019-AvastVBoxSVC.exe-3404.log => Moved successfully.
C:\Windows\system32\2014-12-03-05-53-39.011-AvastVBoxSVC.exe-3960.log => Moved successfully.
C:\Windows\system32\2014-12-02-05-52-28.066-AvastVBoxSVC.exe-3236.log => Moved successfully.
C:\Windows\system32\2014-12-01-11-41-50.013-AvastVBoxSVC.exe-3584.log => Moved successfully.
C:\Windows\system32\2014-12-01-06-39-53.010-AvastVBoxSVC.exe-3568.log => Moved successfully.
C:\Windows\system32\2014-11-30-07-35-19.029-AvastVBoxSVC.exe-3912.log => Moved successfully.
C:\Windows\system32\2014-11-29-09-17-02.063-AvastVBoxSVC.exe-3864.log => Moved successfully.
C:\Windows\system32\2014-11-28-06-31-17.095-AvastVBoxSVC.exe-3892.log => Moved successfully.
C:\Windows\system32\2014-11-27-10-33-54.007-AvastVBoxSVC.exe-2316.log => Moved successfully.
C:\Windows\system32\2014-11-27-06-06-37.059-AvastVBoxSVC.exe-3892.log => Moved successfully.
C:\Windows\system32\2014-11-26-10-58-10.085-AvastVBoxSVC.exe-2692.log => Moved successfully.
C:\Windows\system32\2014-11-26-10-18-02.007-AvastVBoxSVC.exe-3860.log => Moved successfully.
C:\Windows\system32\2014-11-26-06-09-30.025-AvastVBoxSVC.exe-3264.log => Moved successfully.
014-11-25 07:34 - 2014-11-25 07:34 - 00000197 _____ () C:\Windows\system32\2014-11-25-06-34-37.046-AvastVBoxSVC.exe-3680.log => Error: No automatic fix found for this entry.
C:\Windows\system32\2014-11-24-06-31-15.057-AvastVBoxSVC.exe-3704.log => Moved successfully.
C:\Windows\system32\2014-11-23-15-57-48.002-AvastVBoxSVC.exe-3856.log => Moved successfully.
C:\Windows\system32\2014-11-22-09-32-20.018-AvastVBoxSVC.exe-3572.log => Moved successfully.
C:\Windows\system32\2014-11-21-06-40-08.094-AvastVBoxSVC.exe-3384.log => Moved successfully.
C:\Windows\system32\2014-11-20-06-12-29.000-AvastVBoxSVC.exe-2948.log => Moved successfully.
C:\Windows\system32\2014-11-19-06-27-59.092-AvastVBoxSVC.exe-3260.log => Moved successfully.
C:\Windows\system32\2014-11-18-06-59-12.012-AvastVBoxSVC.exe-460.log => Moved successfully.
C:\Windows\system32\2014-11-18-06-50-13.019-AvastVBoxSVC.exe-3152.log => Moved successfully.
C:\Windows\system32\2014-11-16-11-51-12.020-AvastVBoxSVC.exe-1296.log => Moved successfully.
C:\Windows\system32\2014-11-15-06-39-53.016-AvastVBoxSVC.exe-3168.log => Moved successfully.
C:\Windows\system32\2014-11-14-12-31-10.055-AvastVBoxSVC.exe-1984.log => Moved successfully.
C:\Windows\system32\2014-11-14-12-15-14.057-AvastVBoxSVC.exe-2320.log => Moved successfully.
C:\Windows\system32\2014-11-14-07-35-22.015-AvastVBoxSVC.exe-2764.log => Moved successfully.
C:\Windows\system32\2014-11-14-06-47-25.041-AvastVBoxSVC.exe-2508.log => Moved successfully.
C:\Windows\system32\2014-11-13-07-30-55.072-aswFe.exe-4660.log => Moved successfully.
C:\Windows\system32\2014-11-13-07-21-34.054-aswFe.exe-2956.log => Moved successfully.
C:\Windows\system32\2014-11-13-07-21-26.044-AvastVBoxSVC.exe-2932.log => Moved successfully.
C:\Windows\system32\2014-11-13-07-13-56.036-aswFe.exe-5044.log => Moved successfully.
C:\Windows\system32\2014-11-13-07-13-51.060-AvastVBoxSVC.exe-2932.log => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Register Mask Pro 3.0.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 41.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Jak se chova nas pacient

Počítač je stále hodně pomalej při startu. Po obrazovce vítejte se zobrazí černá obrazovka s kurzorem na 5 - 6 minut
Tady je ještě log z crystal disk info


----------------------------------------------------------------------------
CrystalDiskInfo 6.1.14 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2014/12/14 20:39:32

-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- HL-DT-ST DVDRAM GH22NS40 ATA Device
+ ATA Channel 1 (1)
- SAMSUNG HD103UJ ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD103UJ : 1000,2 GB [0/3/0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD103UJ
----------------------------------------------------------------------------
Model : SAMSUNG HD103UJ
Firmware : 1AA01118
Serial Number : S13PJ90Z104145
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : ---- | SATA/300
Power On Hours : 10374 hod.
Power On Count : 1571 krát
Temperature : 30 C (86 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _71 _71 _11 00000000254E Čas na roztočení ploten
04 _98 _98 __0 000000000639 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _98 _98 __0 000000002886 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000005 Počet pokusů o překalibrování
0C _98 _98 __0 000000000623 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 __0 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _77 _58 __0 0000170B0017 Teplota toku vzduchu
C2 _70 _57 __0 00001E0B001E Teplota
C3 100 100 __0 00000042D732 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 100 100 __0 000000000000 Počet chyb při čtení programů z disku

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 8856 022A 003F 0000 0000 0000
010: 5331 3350 4A39 305A 3130 3431 3435 2020 2020 2020
020: 0003 FFFF 0004 3141 4130 3131 3138 5341 4D53 554E
030: 4720 4844 3130 3355 4A20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 004C 0040
080: 00F8 0052 746B 7F69 4133 7469 BC41 4123 20FF 0061
090: 0061 0000 FFFE 0000 FE00 0008 0005 005D 86A0 0001
100: 6DB0 7470 0000 0000 0064 0000 0000 0000 5002 4E92
110: 01AD 94E5 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 32A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 64 64 00 00 00 00 00 00 00 03 07
010: 00 47 47 4E 25 00 00 00 00 00 04 32 00 62 62 39
020: 06 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 64 00 00 00 00 00 00 00 08 25
040: 00 64 64 00 00 00 00 00 00 00 09 32 00 62 62 86
050: 28 00 00 00 00 00 0A 33 00 64 64 00 00 00 00 00
060: 00 00 0B 12 00 64 64 05 00 00 00 00 00 00 0C 32
070: 00 62 62 23 06 00 00 00 00 00 0D 0E 00 64 64 00
080: 00 00 00 00 00 00 B7 32 00 64 64 00 00 00 00 00
090: 00 00 B8 33 00 64 64 00 00 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
0B0: 00 00 00 00 00 00 BE 22 00 4D 3A 17 00 0B 17 00
0C0: 00 00 C2 22 00 46 39 1E 00 0B 1E 00 00 00 C3 1A
0D0: 00 64 64 32 D7 42 00 00 00 00 C4 32 00 64 64 00
0E0: 00 00 00 00 00 00 C5 12 00 64 64 00 00 00 00 00
0F0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 3E
100: 00 64 64 01 00 00 00 00 00 00 C8 0A 00 64 64 00
110: 00 00 00 00 00 00 C9 0A 00 64 64 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 7C 2E 00 7B
170: 03 00 01 00 02 C7 15 C7 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 62

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 03 0B
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 33 00 00 00 00 00 00 00 00 00 00 08 0F
040: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
050: 00 00 00 00 00 00 0A 33 00 00 00 00 00 00 00 00
060: 00 00 0B 00 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 0D 00 00 00 00 00
080: 00 00 00 00 00 00 B7 00 00 00 00 00 00 00 00 00
090: 00 00 B8 00 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BE 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C8 00 00 00 00 00
110: 00 00 00 00 00 00 C9 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10

Ještě přidávám screen z hd tune.. Moc dobře to na něm asi nevypadá.. Jeho rychlost je dost nízko

Zkus ten HDTune jeste v nouzaku, tam jej neovlivnuji programy, ale ta minimalni rychlost je straaaasne mala

Výsledek dá se říct stejný.. Vrátil jsem mu to a prý je to kapku svižnější..
Mě se pomalý start a práce s tím zdá příšerná. Co se budu snažit, když to majiteli takto stačí Až disk umře úplně, bude

Za tvůj čas mockrát děkuju!!! a zase možná někdy