preventivní kontrola
Napsal: 08 led 2015 16:29
Dobrý den
Prosím o preventivní kontrolu logu.
děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by boys (administrator) on BOYS-PC on 08-01-2015 16:20:21
Running from C:\Users\boys\Desktop
Loaded Profile: boys (Available profiles: boys & Ondra & Guest)
Platform: Microsoft Windows 7 Home Premium (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2015-01-08] (AVAST Software)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [WindowsApp] => C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\WindowsApp-d.exe
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-12-01] (LogMeIn Inc.)
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\Run: [Microsoft-32] => C:\Windows\system32\wia-32.exe [155637 2014-05-19] (extractor )
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\Run: [WindowsApp] => C:\Users\boys\AppData\Roaming\Microsoft\WindowsApp-d.exe
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-03-08] (Microsoft Corporation)
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\Policies\Explorer\Run: [WindowsApp] => C:\Users\boys\AppData\Roaming\Microsoft\WindowsApp-d.exe
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\MountPoints2: {5b22d01d-35b9-11e4-a39b-0015f2162956} - G:\Autorun.exe
Startup: C:\Users\boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2744352073-1851344788-360937643-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-2744352073-1851344788-360937643-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\boys\AppData\Roaming\Mozilla\Firefox\Profiles\fz2h6j3e.default
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2744352073-1851344788-360937643-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\boys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-06]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\boys\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\boys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-06]
CHR Extension: (Avast Online Security) - C:\Users\boys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-06]
CHR Extension: (Skype Click to Call) - C:\Users\boys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-20]
CHR Extension: (Peněženka Google) - C:\Users\boys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1894736 2014-12-01] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2014-11-14] (LogMeIn, Inc.)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2015-01-03] (Electronic Arts)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-08] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 senfilt; C:\Windows\System32\drivers\senfilt.sys [381056 2004-04-26] (Sensaura)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2014-09-06] () [File not signed]
U3 ajcf8o3i; C:\Windows\system32\Drivers\ajcf8o3i.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-08 16:20 - 2015-01-08 16:21 - 00011899 _____ () C:\Users\boys\Desktop\FRST.txt
2015-01-08 16:20 - 2015-01-08 16:20 - 00000000 ____D () C:\FRST
2015-01-08 16:18 - 2015-01-08 16:18 - 01115648 _____ (Farbar) C:\Users\boys\Desktop\FRST.exe
2015-01-08 15:20 - 2015-01-08 15:20 - 00002005 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-08 15:19 - 2015-01-08 15:19 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-08 15:19 - 2015-01-08 15:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-08 14:14 - 2015-01-08 14:14 - 00002126 _____ () C:\Users\Ondra.boys-PC\Desktop\Minecraft.lnk
2015-01-08 14:03 - 2015-01-08 14:03 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\Macromedia
2015-01-08 14:03 - 2015-01-08 14:03 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\Adobe
2015-01-08 14:03 - 2015-01-08 14:03 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Local\Macromedia
2015-01-08 13:57 - 2015-01-08 13:58 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\Mozilla
2015-01-08 13:57 - 2015-01-08 13:58 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Local\Mozilla
2015-01-06 19:51 - 2015-01-06 19:51 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\MinecraftServer
2015-01-06 19:47 - 2015-01-06 19:47 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\WinRAR
2015-01-06 18:53 - 2015-01-06 18:53 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-01-06 18:52 - 2015-01-08 14:14 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\.minecraft
2015-01-06 18:52 - 2015-01-08 13:50 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Local\LogMeIn Hamachi
2015-01-06 18:52 - 2015-01-06 18:52 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\AVAST Software
2015-01-06 18:52 - 2015-01-06 18:52 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Local\LogMeIn
2015-01-06 18:51 - 2015-01-06 18:51 - 00002161 _____ () C:\Users\Ondra.boys-PC\Desktop\Google Chrome.lnk
2015-01-06 18:51 - 2015-01-06 18:51 - 00001373 _____ () C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-06 18:51 - 2015-01-06 18:51 - 00000020 ___SH () C:\Users\Ondra.boys-PC\ntuser.ini
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Šablony
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Soubory cookie
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Poslední
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Okolní tiskárny
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Okolní síť
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Nabídka Start
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Dokumenty
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Documents\Obrázky
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Documents\Hudba
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Documents\Filmy
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Data aplikací
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\AppData\Local\Data aplikací
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Local\Google
2015-01-06 18:50 - 2015-01-06 18:51 - 00000000 ____D () C:\Users\Ondra.boys-PC
2015-01-06 18:50 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-06 18:50 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-06 18:45 - 2015-01-06 18:45 - 00000000 ____D () C:\Users\boys\Desktop\Ondra
2015-01-02 10:53 - 2015-01-02 10:53 - 00002495 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2014-12-30 14:28 - 2014-12-30 14:28 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-30 14:28 - 2014-12-30 14:28 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-30 14:28 - 2014-12-30 14:28 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-30 09:30 - 2014-12-30 09:30 - 241176530 _____ () C:\Windows\MEMORY.DMP
2014-12-30 09:30 - 2014-12-30 09:30 - 00446504 _____ () C:\Windows\Minidump\123014-24156-01.dmp
2014-12-28 09:59 - 2014-12-28 09:59 - 00000000 ____D () C:\Users\boys\Desktop\Fotky
2014-12-22 14:20 - 2014-12-22 14:20 - 00000000 ____D () C:\Users\boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MineCraft
2014-12-22 14:20 - 2013-05-25 19:42 - 00000000 ____D () C:\Users\boys\Desktop\MINECRAFT 1.5.2 FULL
2014-12-22 11:19 - 2014-12-27 13:33 - 00000000 ____D () C:\Users\Sejmr
2014-12-22 11:19 - 2009-07-14 05:37 - 00000262 _____ () C:\Users\Ondra.boys-PC\Desktop\Run.lnk
2014-12-16 18:57 - 2014-12-16 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-12-16 18:44 - 2014-12-22 14:18 - 00000000 ____D () C:\Program Files\Opera
2014-12-15 20:18 - 2014-12-16 18:33 - 00002044 _____ () C:\Users\Guest\Desktop\Seznam.cz.lnk
2014-12-13 13:59 - 2014-12-13 13:59 - 00000000 ____D () C:\Users\boys\Desktop\Sims 3
2014-12-10 14:33 - 2014-12-30 14:28 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-09 14:51 - 2014-12-09 14:51 - 00000000 ____D () C:\Users\boys\AppData\Roaming\skyz
2014-12-09 14:08 - 2014-12-09 14:08 - 00594015 _____ () C:\Users\boys\Desktop\Smart Moving Mod Installer.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-08 16:16 - 2014-09-06 11:51 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 16:12 - 2014-11-11 13:14 - 00000000 ____D () C:\Users\boys\AppData\Local\LogMeIn Hamachi
2015-01-08 16:12 - 2014-09-06 11:51 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 15:54 - 2014-09-06 10:54 - 01856734 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 15:49 - 2014-10-30 23:42 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 15:30 - 2009-07-14 05:34 - 00019312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-08 15:30 - 2009-07-14 05:34 - 00019312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-08 15:22 - 2014-09-06 11:39 - 00035142 _____ () C:\Windows\PFRO.log
2015-01-08 15:22 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-08 15:22 - 2009-07-14 05:39 - 00040676 _____ () C:\Windows\setupact.log
2015-01-08 15:20 - 2014-09-06 11:51 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-06 18:51 - 2009-07-14 05:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-04 19:22 - 2014-09-07 06:30 - 00000000 ____D () C:\ProgramData\Origin
2015-01-04 10:00 - 2014-09-07 06:29 - 00000000 ____D () C:\Program Files\Origin
2015-01-02 14:00 - 2014-09-20 07:41 - 00000000 ___RD () C:\Program Files\Skype
2015-01-02 14:00 - 2014-09-20 07:25 - 00000000 ____D () C:\ProgramData\Skype
2015-01-02 10:53 - 2014-11-11 19:42 - 00000000 ____D () C:\Program Files\Movie Maker 2.6
2015-01-01 22:12 - 2014-09-06 11:13 - 01585238 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-01 18:26 - 2014-09-20 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-01 01:01 - 2014-12-08 19:35 - 00000000 ____D () C:\Users\boys\Desktop\Složka_1
2014-12-31 20:06 - 2014-11-30 17:12 - 00000000 ____D () C:\Minecraft_Backup
2014-12-30 11:04 - 2014-09-14 11:39 - 00000000 ____D () C:\Program Files\Electronic Arts
2014-12-30 11:04 - 2014-09-06 11:15 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-30 11:02 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-30 09:30 - 2014-09-14 12:23 - 00000000 ____D () C:\Windows\Minidump
2014-12-28 14:42 - 2014-10-05 18:02 - 00000000 ____D () C:\Users\boys\AppData\Roaming\.minecraft
2014-12-27 18:36 - 2014-09-20 07:41 - 00000000 ____D () C:\Users\boys\AppData\Roaming\Skype
2014-12-27 13:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-22 20:21 - 2014-11-11 15:23 - 00000000 ____D () C:\Fraps
2014-12-22 14:25 - 2014-12-05 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi
2014-12-13 10:15 - 2014-09-07 08:51 - 00000000 ____D () C:\Users\boys\Documents\Electronic Arts
2014-12-11 15:27 - 2014-09-07 08:19 - 00000000 ____D () C:\Program Files\Origin Games
2014-12-11 15:22 - 2014-12-05 21:45 - 00000000 ____D () C:\Program Files\Pivot Animator
2014-12-10 13:50 - 2014-10-30 23:42 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 13:50 - 2014-10-30 23:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\boys\AppData\Local\Temp\certutil.exe
C:\Users\boys\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\boys\AppData\Local\Temp\msvcr71.dll
C:\Users\boys\AppData\Local\Temp\nspr4.dll
C:\Users\boys\AppData\Local\Temp\nss3.dll
C:\Users\boys\AppData\Local\Temp\plc4.dll
C:\Users\boys\AppData\Local\Temp\plds4.dll
C:\Users\boys\AppData\Local\Temp\smime3.dll
C:\Users\boys\AppData\Local\Temp\softokn3.dll
C:\Users\boys\AppData\Local\Temp\Uninstall.exe
C:\Users\boys\AppData\Local\Temp\_is6E17.exe
C:\Users\boys\AppData\Local\Temp\_isD4AB.exe
C:\Users\Guest\AppData\Local\Temp\i4jdel0.exe
C:\Users\Ondra\AppData\Local\Temp\i4jdel0.exe
C:\Users\Ondra\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 13:00
==================== End Of Log ============================
Prosím o preventivní kontrolu logu.
děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by boys (administrator) on BOYS-PC on 08-01-2015 16:20:21
Running from C:\Users\boys\Desktop
Loaded Profile: boys (Available profiles: boys & Ondra & Guest)
Platform: Microsoft Windows 7 Home Premium (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2015-01-08] (AVAST Software)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [WindowsApp] => C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\WindowsApp-d.exe
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-12-01] (LogMeIn Inc.)
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\Run: [Microsoft-32] => C:\Windows\system32\wia-32.exe [155637 2014-05-19] (extractor )
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\Run: [WindowsApp] => C:\Users\boys\AppData\Roaming\Microsoft\WindowsApp-d.exe
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-03-08] (Microsoft Corporation)
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\Policies\Explorer\Run: [WindowsApp] => C:\Users\boys\AppData\Roaming\Microsoft\WindowsApp-d.exe
HKU\S-1-5-21-2744352073-1851344788-360937643-1000\...\MountPoints2: {5b22d01d-35b9-11e4-a39b-0015f2162956} - G:\Autorun.exe
Startup: C:\Users\boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2744352073-1851344788-360937643-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-2744352073-1851344788-360937643-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\boys\AppData\Roaming\Mozilla\Firefox\Profiles\fz2h6j3e.default
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2744352073-1851344788-360937643-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\boys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-06]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\boys\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\boys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-06]
CHR Extension: (Avast Online Security) - C:\Users\boys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-06]
CHR Extension: (Skype Click to Call) - C:\Users\boys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-20]
CHR Extension: (Peněženka Google) - C:\Users\boys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1894736 2014-12-01] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2014-11-14] (LogMeIn, Inc.)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2015-01-03] (Electronic Arts)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-08] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 senfilt; C:\Windows\System32\drivers\senfilt.sys [381056 2004-04-26] (Sensaura)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2014-09-06] () [File not signed]
U3 ajcf8o3i; C:\Windows\system32\Drivers\ajcf8o3i.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-08 16:20 - 2015-01-08 16:21 - 00011899 _____ () C:\Users\boys\Desktop\FRST.txt
2015-01-08 16:20 - 2015-01-08 16:20 - 00000000 ____D () C:\FRST
2015-01-08 16:18 - 2015-01-08 16:18 - 01115648 _____ (Farbar) C:\Users\boys\Desktop\FRST.exe
2015-01-08 15:20 - 2015-01-08 15:20 - 00002005 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-08 15:19 - 2015-01-08 15:19 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-08 15:19 - 2015-01-08 15:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-08 14:14 - 2015-01-08 14:14 - 00002126 _____ () C:\Users\Ondra.boys-PC\Desktop\Minecraft.lnk
2015-01-08 14:03 - 2015-01-08 14:03 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\Macromedia
2015-01-08 14:03 - 2015-01-08 14:03 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\Adobe
2015-01-08 14:03 - 2015-01-08 14:03 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Local\Macromedia
2015-01-08 13:57 - 2015-01-08 13:58 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\Mozilla
2015-01-08 13:57 - 2015-01-08 13:58 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Local\Mozilla
2015-01-06 19:51 - 2015-01-06 19:51 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\MinecraftServer
2015-01-06 19:47 - 2015-01-06 19:47 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\WinRAR
2015-01-06 18:53 - 2015-01-06 18:53 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-01-06 18:52 - 2015-01-08 14:14 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\.minecraft
2015-01-06 18:52 - 2015-01-08 13:50 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Local\LogMeIn Hamachi
2015-01-06 18:52 - 2015-01-06 18:52 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Roaming\AVAST Software
2015-01-06 18:52 - 2015-01-06 18:52 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Local\LogMeIn
2015-01-06 18:51 - 2015-01-06 18:51 - 00002161 _____ () C:\Users\Ondra.boys-PC\Desktop\Google Chrome.lnk
2015-01-06 18:51 - 2015-01-06 18:51 - 00001373 _____ () C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-06 18:51 - 2015-01-06 18:51 - 00000020 ___SH () C:\Users\Ondra.boys-PC\ntuser.ini
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Šablony
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Soubory cookie
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Poslední
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Okolní tiskárny
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Okolní síť
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Nabídka Start
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Dokumenty
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Documents\Obrázky
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Documents\Hudba
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Documents\Filmy
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\Data aplikací
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 _SHDL () C:\Users\Ondra.boys-PC\AppData\Local\Data aplikací
2015-01-06 18:51 - 2015-01-06 18:51 - 00000000 ____D () C:\Users\Ondra.boys-PC\AppData\Local\Google
2015-01-06 18:50 - 2015-01-06 18:51 - 00000000 ____D () C:\Users\Ondra.boys-PC
2015-01-06 18:50 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-06 18:50 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Ondra.boys-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-06 18:45 - 2015-01-06 18:45 - 00000000 ____D () C:\Users\boys\Desktop\Ondra
2015-01-02 10:53 - 2015-01-02 10:53 - 00002495 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2014-12-30 14:28 - 2014-12-30 14:28 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-30 14:28 - 2014-12-30 14:28 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-30 14:28 - 2014-12-30 14:28 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-30 09:30 - 2014-12-30 09:30 - 241176530 _____ () C:\Windows\MEMORY.DMP
2014-12-30 09:30 - 2014-12-30 09:30 - 00446504 _____ () C:\Windows\Minidump\123014-24156-01.dmp
2014-12-28 09:59 - 2014-12-28 09:59 - 00000000 ____D () C:\Users\boys\Desktop\Fotky
2014-12-22 14:20 - 2014-12-22 14:20 - 00000000 ____D () C:\Users\boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MineCraft
2014-12-22 14:20 - 2013-05-25 19:42 - 00000000 ____D () C:\Users\boys\Desktop\MINECRAFT 1.5.2 FULL
2014-12-22 11:19 - 2014-12-27 13:33 - 00000000 ____D () C:\Users\Sejmr
2014-12-22 11:19 - 2009-07-14 05:37 - 00000262 _____ () C:\Users\Ondra.boys-PC\Desktop\Run.lnk
2014-12-16 18:57 - 2014-12-16 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-12-16 18:44 - 2014-12-22 14:18 - 00000000 ____D () C:\Program Files\Opera
2014-12-15 20:18 - 2014-12-16 18:33 - 00002044 _____ () C:\Users\Guest\Desktop\Seznam.cz.lnk
2014-12-13 13:59 - 2014-12-13 13:59 - 00000000 ____D () C:\Users\boys\Desktop\Sims 3
2014-12-10 14:33 - 2014-12-30 14:28 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-09 14:51 - 2014-12-09 14:51 - 00000000 ____D () C:\Users\boys\AppData\Roaming\skyz
2014-12-09 14:08 - 2014-12-09 14:08 - 00594015 _____ () C:\Users\boys\Desktop\Smart Moving Mod Installer.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-08 16:16 - 2014-09-06 11:51 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 16:12 - 2014-11-11 13:14 - 00000000 ____D () C:\Users\boys\AppData\Local\LogMeIn Hamachi
2015-01-08 16:12 - 2014-09-06 11:51 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 15:54 - 2014-09-06 10:54 - 01856734 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 15:49 - 2014-10-30 23:42 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 15:30 - 2009-07-14 05:34 - 00019312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-08 15:30 - 2009-07-14 05:34 - 00019312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-08 15:22 - 2014-09-06 11:39 - 00035142 _____ () C:\Windows\PFRO.log
2015-01-08 15:22 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-08 15:22 - 2009-07-14 05:39 - 00040676 _____ () C:\Windows\setupact.log
2015-01-08 15:20 - 2014-09-06 11:51 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-08 15:19 - 2014-09-06 11:51 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-06 18:51 - 2009-07-14 05:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-04 19:22 - 2014-09-07 06:30 - 00000000 ____D () C:\ProgramData\Origin
2015-01-04 10:00 - 2014-09-07 06:29 - 00000000 ____D () C:\Program Files\Origin
2015-01-02 14:00 - 2014-09-20 07:41 - 00000000 ___RD () C:\Program Files\Skype
2015-01-02 14:00 - 2014-09-20 07:25 - 00000000 ____D () C:\ProgramData\Skype
2015-01-02 10:53 - 2014-11-11 19:42 - 00000000 ____D () C:\Program Files\Movie Maker 2.6
2015-01-01 22:12 - 2014-09-06 11:13 - 01585238 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-01 18:26 - 2014-09-20 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-01 01:01 - 2014-12-08 19:35 - 00000000 ____D () C:\Users\boys\Desktop\Složka_1
2014-12-31 20:06 - 2014-11-30 17:12 - 00000000 ____D () C:\Minecraft_Backup
2014-12-30 11:04 - 2014-09-14 11:39 - 00000000 ____D () C:\Program Files\Electronic Arts
2014-12-30 11:04 - 2014-09-06 11:15 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-30 11:02 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-30 09:30 - 2014-09-14 12:23 - 00000000 ____D () C:\Windows\Minidump
2014-12-28 14:42 - 2014-10-05 18:02 - 00000000 ____D () C:\Users\boys\AppData\Roaming\.minecraft
2014-12-27 18:36 - 2014-09-20 07:41 - 00000000 ____D () C:\Users\boys\AppData\Roaming\Skype
2014-12-27 13:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-22 20:21 - 2014-11-11 15:23 - 00000000 ____D () C:\Fraps
2014-12-22 14:25 - 2014-12-05 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi
2014-12-13 10:15 - 2014-09-07 08:51 - 00000000 ____D () C:\Users\boys\Documents\Electronic Arts
2014-12-11 15:27 - 2014-09-07 08:19 - 00000000 ____D () C:\Program Files\Origin Games
2014-12-11 15:22 - 2014-12-05 21:45 - 00000000 ____D () C:\Program Files\Pivot Animator
2014-12-10 13:50 - 2014-10-30 23:42 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 13:50 - 2014-10-30 23:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\boys\AppData\Local\Temp\certutil.exe
C:\Users\boys\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\boys\AppData\Local\Temp\msvcr71.dll
C:\Users\boys\AppData\Local\Temp\nspr4.dll
C:\Users\boys\AppData\Local\Temp\nss3.dll
C:\Users\boys\AppData\Local\Temp\plc4.dll
C:\Users\boys\AppData\Local\Temp\plds4.dll
C:\Users\boys\AppData\Local\Temp\smime3.dll
C:\Users\boys\AppData\Local\Temp\softokn3.dll
C:\Users\boys\AppData\Local\Temp\Uninstall.exe
C:\Users\boys\AppData\Local\Temp\_is6E17.exe
C:\Users\boys\AppData\Local\Temp\_isD4AB.exe
C:\Users\Guest\AppData\Local\Temp\i4jdel0.exe
C:\Users\Ondra\AppData\Local\Temp\i4jdel0.exe
C:\Users\Ondra\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 13:00
==================== End Of Log ============================
