
Requesting a preventive check

Posted: 14 Jan 2015 00:32
by JohnnieM
Hi, I'd like to ask for a preventive check of a PC that has been running for a long time; the computer is slowed down and the load doesn't drop below 60%. Thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-01-2015 02
Ran by Pavel Kratochvíl (administrator) on PAVELKRATOCH-PC on 14-01-2015 00:30:31
Running from C:\Users\Pavel Kratochvíl\Desktop
Loaded Profile: Pavel Kratochvíl (Available profiles: Pavel Kratochvíl & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Dritek System Inc.) C:\Program Files\KEMailKb\DsiMmKbd.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.191.2099.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(forum.viry.cz) C:\Users\Pavel Kratochvíl\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4349952 2007-01-18] (Realtek Semiconductor)
HKLM\...\Run: [WinSys2] => C:\Windows\system32\startup.exe [36864 2006-11-26] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [KEMailKb] => C:\Program Files\KEMailKb\DsiMmKbd.EXE [471040 2007-01-08] (Dritek System Inc.)
HKLM\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [90112 2007-12-21] (Leadtek Research Inc.)
HKLM\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2846720 2007-12-19] (Leadtek Research Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2009-04-02] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\MountPoints2: {8474314a-6211-11dc-8653-0019db674436} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2018361405-115618740-1659238763-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2018361405-115618740-1659238763-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Pavel Kratochvíl\AppData\Roaming\Mozilla\Firefox\Profiles\abo08x3e.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-23]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2009-03-31] (Teruten) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-01-19] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-01-19] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [20992 2008-01-19] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 MpKsl98513701; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7D3FEC61-F14C-4861-9208-B5B6D521365B}\MpKsl98513701.sys [39464 2015-01-14] (Microsoft Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R1 wfcxacap; C:\Windows\System32\DRIVERS\wfcxacap.sys [9856 2007-09-19] (Leadtek Research Inc.)
R2 wfcxatun; C:\Windows\System32\drivers\wfcxatun.sys [31744 2007-09-19] (Leadtek Research Inc.)
R3 wfcxdtun; C:\Windows\System32\drivers\wfcxdtun.sys [21248 2007-09-19] (Leadtek Research Inc.)
R3 wfcxtcap; C:\Windows\System32\drivers\wfcxtcap.sys [15872 2007-09-19] (Leadtek Research Inc.)
R2 WFCXVCAP; C:\Windows\System32\drivers\wfcxvcap.sys [167040 2007-09-19] (Leadtek Research Inc.)
R3 wfcxxbar; C:\Windows\System32\drivers\wfcxxbar.sys [10496 2007-09-19] (Leadtek Research Inc.)
R3 WFIOCTL; C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [9446 2005-01-06] (Leadtek Research Inc.) [File not signed]
U0 wvkmaj; C:\Windows\System32\drivers\qtpmhk.sys [52440 2015-01-14] (Malwarebytes Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 00:30 - 2015-01-14 00:30 - 00013647 _____ () C:\Users\Pavel Kratochvíl\Desktop\FRST.txt
2015-01-14 00:29 - 2015-01-14 00:30 - 00000000 ____D () C:\FRST
2015-01-14 00:29 - 2015-01-14 00:29 - 00052440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\qtpmhk.sys
2015-01-14 00:24 - 2015-01-14 00:24 - 01115648 _____ (Farbar) C:\Users\Pavel Kratochvíl\Desktop\FRST.exe
2015-01-14 00:23 - 2015-01-14 00:23 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel Kratochvíl\Desktop\FRSTLauncher.exe
2015-01-14 00:14 - 2015-01-14 00:14 - 00000852 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-14 00:14 - 2015-01-14 00:14 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Local\Mozilla
2015-01-14 00:14 - 2015-01-14 00:14 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-14 00:14 - 2015-01-14 00:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-14 00:14 - 2015-01-14 00:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-14 00:06 - 2015-01-14 00:07 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-14 00:03 - 2015-01-14 00:03 - 00001110 _____ () C:\Windows\PFRO.log
2015-01-13 12:47 - 2015-01-13 12:47 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-13 12:47 - 2015-01-13 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-13 12:47 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-13 12:46 - 2015-01-13 12:47 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-13 12:46 - 2015-01-13 12:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-13 12:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-13 12:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-13 12:34 - 2015-01-13 12:34 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-13 12:00 - 2015-01-13 12:08 - 00000000 ____D () C:\Users\Pavel Kratochvíl\Desktop\Nová složka

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 00:28 - 2013-12-27 20:37 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Local\genienext
2015-01-14 00:27 - 2006-11-02 13:52 - 01631106 _____ () C:\Windows\WindowsUpdate.log
2015-01-14 00:14 - 2009-11-03 10:53 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Roaming\Mozilla
2015-01-14 00:11 - 2006-11-02 11:33 - 08117706 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-14 00:05 - 2006-11-02 13:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-14 00:05 - 2006-11-02 13:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-14 00:04 - 2007-09-16 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-14 00:04 - 2007-08-29 06:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-14 00:04 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-14 00:04 - 2006-11-02 13:47 - 00412712 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 00:03 - 2007-10-30 23:57 - 00000000 ____D () C:\Program Files\Google
2015-01-14 00:03 - 2006-11-02 14:01 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-13 23:57 - 2007-08-30 21:28 - 00000000 ____D () C:\Windows\system32\QuickTime
2015-01-13 23:57 - 2007-08-28 19:53 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-13 23:55 - 2007-09-04 18:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-01-13 23:55 - 2007-08-28 20:34 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-01-13 23:53 - 2009-09-14 20:23 - 00054156 ____H () C:\Windows\QTFont.qfn
2015-01-13 23:53 - 2007-08-30 21:28 - 00000000 ____D () C:\Program Files\QuickTime
2015-01-13 23:50 - 2011-03-02 15:10 - 00000000 ____D () C:\Program Files\LogMeIn
2015-01-13 23:47 - 2007-10-30 23:57 - 00000000 ____D () C:\ProgramData\Google
2015-01-13 23:45 - 2007-10-30 23:57 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Local\Google
2015-01-13 23:44 - 2013-12-27 20:36 - 00000000 ____D () C:\ProgramData\Freemake
2015-01-13 23:44 - 2013-12-27 20:35 - 00000000 ____D () C:\Program Files\Freemake
2015-01-13 12:53 - 2007-08-31 19:25 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Roaming\Skype
2015-01-13 12:51 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\tracing
2015-01-13 12:43 - 2008-11-26 17:19 - 00000000 ____D () C:\Windows\Minidump
2015-01-13 12:43 - 2007-08-28 20:30 - 00000000 ____D () C:\Windows\Panther
2015-01-13 12:15 - 2013-12-27 20:37 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Local\Mobogenie
2015-01-13 09:09 - 2013-12-27 20:37 - 00046327 _____ () C:\Users\Pavel Kratochvíl\daemonprocess.txt
2015-01-11 23:48 - 2007-11-03 19:03 - 00206336 _____ () C:\Users\Pavel Kratochvíl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-09 23:52 - 2007-09-05 14:45 - 00000095 _____ () C:\Users\Pavel Kratochvíl\AppData\default.pls
2015-01-09 17:17 - 2007-08-28 20:34 - 00000398 _____ () C:\Windows\Tasks\1-Click Maintenance.job
2014-12-31 12:13 - 2009-10-05 20:29 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-21 19:40 - 2007-09-05 15:12 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Local\Microsoft Games

Files to move or delete:
====================
C:\Users\Pavel Kratochvíl\setup_FOTOSVET_Schlecker_2.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\1-Click Maintenance.job => C:\Program Files\TuneUp Utilities 2008\OneClick.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavel Kratochvíl\Desktop" je 1 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Requesting a preventive check

Posted: 14 Jan 2015 00:46
by altrok
Hello :bye:

:arrow: Uninstall Skype Click to Call

:arrow: Update Adobe Reader to the current version XI - launch it -> at the top, Help -> Check for Updates

:arrow: Test C:\Windows\system32\Drivers\qtpmhk.sys on virustotal.com - if it has already been tested, choose the Reanalyse option

:arrow: Did you run a scan with MBAM? If so, post the log with the detections.

:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply

Re: Requesting a preventive check

Posted: 15 Jan 2015 09:17
by JohnnieM
Hello, so Skype Click to Call had already been uninstalled by the time I ran the scan in FRST. Also, the file you wanted tested doesn't exist; it isn't at the given path. And how do I get the log with the detections out of MBAM? I only found a log about the program with updates. Thanks for your patience.

Re: Requesting a preventive check

Posted: 15 Jan 2015 09:31
by JohnnieM
and here is the log from AdwCleaner

# AdwCleaner v4.107 - Report created 15/01/2015 at 09:25:44
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Pavel Kratochvíl - PAVELKRATOCH-PC
# Running from : C:\Users\Pavel Kratochvíl\Downloads\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Pavel Kratochvíl\AppData\Local\genienext
Folder Deleted : C:\Users\Pavel Kratochvíl\AppData\Local\Mobogenie
Folder Deleted : D:\Dokumenty\Mobogenie
File Deleted : C:\Users\Pavel Kratochvíl\daemonprocess.txt

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16599


-\\ Mozilla Firefox v35.0 (x86 cs)


*************************

AdwCleaner[R0].txt - [1531 octets] - [15/01/2015 09:23:42]
AdwCleaner[S0].txt - [1390 octets] - [15/01/2015 09:25:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1450 octets] ##########

Re: Requesting a preventive check

Posted: 15 Jan 2015 12:45
by altrok
:arrow: Launch MBAM, go to the History tab at the top, then Application Logs on the left, select the latest log labelled Scan Log (double-click); at the bottom you have the Copy to Clipboard option. Then paste the log into your reply with Ctrl + V

:arrow: Post a new FRST.txt log and attach Addition.txt as well. On the second and subsequent runs you have to explicitly select the Addition.txt option - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Requesting a preventive check

Posted: 15 Jan 2015 23:41
by JohnnieM
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 14.1.2015 0:06:04, SYSTEM, PAVELKRATOCH-PC, Manual, Failed, Unable to access update server,
Update, 14.1.2015 0:07:05, SYSTEM, PAVELKRATOCH-PC, Manual, Failed, Unable to access update server,
Update, 14.1.2015 0:07:41, SYSTEM, PAVELKRATOCH-PC, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 14.1.2015 0:07:41, SYSTEM, PAVELKRATOCH-PC, Manual, Rootkit Database, 2014.11.18.1, 2015.1.7.1,
Update, 14.1.2015 0:07:48, SYSTEM, PAVELKRATOCH-PC, Manual, Malware Database, 2014.11.20.6, 2015.1.13.18,

(end)

This is the only thing I can squeeze out of it. That's probably not what you're asking for, is it?

Re: Requesting a preventive check

Posted: 15 Jan 2015 23:47
by JohnnieM
FRST log


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015 01
Ran by Pavel Kratochvíl (administrator) on PAVELKRATOCH-PC on 15-01-2015 23:46:12
Running from C:\Users\Pavel Kratochvíl\Desktop
Loaded Profiles: Pavel Kratochvíl (Available profiles: Pavel Kratochvíl & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Dritek System Inc.) C:\Program Files\KEMailKb\DsiMmKbd.EXE
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(forum.viry.cz) C:\Users\Pavel Kratochvíl\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4349952 2007-01-18] (Realtek Semiconductor)
HKLM\...\Run: [WinSys2] => C:\Windows\system32\startup.exe [36864 2006-11-26] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [KEMailKb] => C:\Program Files\KEMailKb\DsiMmKbd.EXE [471040 2007-01-08] (Dritek System Inc.)
HKLM\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [90112 2007-12-21] (Leadtek Research Inc.)
HKLM\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2846720 2007-12-19] (Leadtek Research Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2009-04-02] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\MountPoints2: {8474314a-6211-11dc-8653-0019db674436} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2018361405-115618740-1659238763-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Pavel Kratochvíl\AppData\Roaming\Mozilla\Firefox\Profiles\abo08x3e.default
FF Homepage: www.seznam.cz
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-23]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2009-03-31] (Teruten) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-01-19] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-01-19] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [20992 2008-01-19] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 MpKslb8b8a411; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DC8F90A7-21EF-444E-A2AB-A492DCBA31B8}\MpKslb8b8a411.sys [39464 2015-01-15] (Microsoft Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R1 wfcxacap; C:\Windows\System32\DRIVERS\wfcxacap.sys [9856 2007-09-19] (Leadtek Research Inc.)
R2 wfcxatun; C:\Windows\System32\drivers\wfcxatun.sys [31744 2007-09-19] (Leadtek Research Inc.)
R3 wfcxdtun; C:\Windows\System32\drivers\wfcxdtun.sys [21248 2007-09-19] (Leadtek Research Inc.)
R3 wfcxtcap; C:\Windows\System32\drivers\wfcxtcap.sys [15872 2007-09-19] (Leadtek Research Inc.)
R2 WFCXVCAP; C:\Windows\System32\drivers\wfcxvcap.sys [167040 2007-09-19] (Leadtek Research Inc.)
R3 wfcxxbar; C:\Windows\System32\drivers\wfcxxbar.sys [10496 2007-09-19] (Leadtek Research Inc.)
R3 WFIOCTL; C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [9446 2005-01-06] (Leadtek Research Inc.) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 23:46 - 2015-01-15 23:46 - 00012897 _____ () C:\Users\Pavel Kratochvíl\Desktop\FRST.txt
2015-01-15 23:45 - 2015-01-15 23:45 - 00000000 ____D () C:\Users\Pavel Kratochvíl\Desktop\FRST-OlderVersion
2015-01-15 09:41 - 2014-12-19 01:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 09:36 - 2014-12-06 04:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-15 09:36 - 2014-12-06 04:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 09:36 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-15 09:36 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-15 09:21 - 2015-01-15 09:25 - 00000000 ____D () C:\AdwCleaner
2015-01-15 09:20 - 2015-01-15 09:20 - 02191360 _____ () C:\Users\Pavel Kratochvíl\Downloads\adwcleaner_4.107.exe
2015-01-15 09:00 - 2015-01-15 09:00 - 00001804 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-01-15 09:00 - 2015-01-15 09:00 - 00000000 ____D () C:\Program Files\Adobe
2015-01-14 00:29 - 2015-01-15 23:46 - 00000000 ____D () C:\FRST
2015-01-14 00:24 - 2015-01-15 23:45 - 01116672 _____ (Farbar) C:\Users\Pavel Kratochvíl\Desktop\FRST.exe
2015-01-14 00:14 - 2015-01-14 00:14 - 00000852 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-14 00:14 - 2015-01-14 00:14 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Local\Mozilla
2015-01-14 00:14 - 2015-01-14 00:14 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-14 00:14 - 2015-01-14 00:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-14 00:14 - 2015-01-14 00:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-14 00:06 - 2015-01-15 23:37 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-14 00:03 - 2015-01-15 09:27 - 00004516 _____ () C:\Windows\PFRO.log
2015-01-13 12:47 - 2015-01-13 12:47 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-13 12:47 - 2015-01-13 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-13 12:47 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-13 12:46 - 2015-01-13 12:47 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-13 12:46 - 2015-01-13 12:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-13 12:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-13 12:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-13 12:34 - 2015-01-13 12:34 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-13 12:00 - 2015-01-15 09:02 - 00000000 ____D () C:\Users\Pavel Kratochvíl\Desktop\Nová složka

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 23:46 - 2006-11-02 13:52 - 01790709 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 23:43 - 2006-11-02 11:33 - 08132526 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 23:37 - 2007-08-29 06:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-15 23:37 - 2006-11-02 13:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 23:37 - 2006-11-02 13:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 23:36 - 2007-09-16 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-15 23:36 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 09:48 - 2006-11-02 14:01 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-15 09:41 - 2013-08-17 21:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 09:37 - 2006-11-02 11:24 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-01-15 09:25 - 2007-08-28 19:42 - 00000000 ____D () C:\Users\Pavel Kratochvíl
2015-01-15 09:01 - 2007-08-31 19:21 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Local\Adobe
2015-01-15 09:00 - 2007-08-31 19:20 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-15 09:00 - 2007-08-31 19:20 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-14 00:38 - 2007-08-31 19:25 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Roaming\Skype
2015-01-14 00:14 - 2009-11-03 10:53 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Roaming\Mozilla
2015-01-14 00:04 - 2006-11-02 13:47 - 00412712 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 00:03 - 2007-10-30 23:57 - 00000000 ____D () C:\Program Files\Google
2015-01-13 23:57 - 2007-08-30 21:28 - 00000000 ____D () C:\Windows\system32\QuickTime
2015-01-13 23:57 - 2007-08-28 19:53 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-13 23:55 - 2007-09-04 18:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-01-13 23:55 - 2007-08-28 20:34 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-01-13 23:53 - 2009-09-14 20:23 - 00054156 ____H () C:\Windows\QTFont.qfn
2015-01-13 23:53 - 2007-08-30 21:28 - 00000000 ____D () C:\Program Files\QuickTime
2015-01-13 23:50 - 2011-03-02 15:10 - 00000000 ____D () C:\Program Files\LogMeIn
2015-01-13 23:47 - 2007-10-30 23:57 - 00000000 ____D () C:\ProgramData\Google
2015-01-13 23:45 - 2007-10-30 23:57 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Local\Google
2015-01-13 23:44 - 2013-12-27 20:36 - 00000000 ____D () C:\ProgramData\Freemake
2015-01-13 23:44 - 2013-12-27 20:35 - 00000000 ____D () C:\Program Files\Freemake
2015-01-13 12:51 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\tracing
2015-01-13 12:43 - 2008-11-26 17:19 - 00000000 ____D () C:\Windows\Minidump
2015-01-13 12:43 - 2007-08-28 20:30 - 00000000 ____D () C:\Windows\Panther
2015-01-11 23:48 - 2007-11-03 19:03 - 00206336 _____ () C:\Users\Pavel Kratochvíl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-09 23:52 - 2007-09-05 14:45 - 00000095 _____ () C:\Users\Pavel Kratochvíl\AppData\default.pls
2015-01-09 17:17 - 2007-08-28 20:34 - 00000398 _____ () C:\Windows\Tasks\1-Click Maintenance.job
2014-12-31 12:13 - 2009-10-05 20:29 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-21 19:40 - 2007-09-05 15:12 - 00000000 ____D () C:\Users\Pavel Kratochvíl\AppData\Local\Microsoft Games

Files to move or delete:
====================
C:\Users\Pavel Kratochvíl\setup_FOTOSVET_Schlecker_2.exe


Some content of TEMP:
====================
C:\Users\Pavel Kratochvíl\AppData\Local\Temp\Quarantine.exe
C:\Users\Pavel Kratochvíl\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\1-Click Maintenance.job => C:\Program Files\TuneUp Utilities 2008\OneClick.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavel Kratochvíl\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Requesting a preventive check

Posted: 15 Jan 2015 23:48
by JohnnieM
additional data



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2015 01
Ran by Pavel Kratochvíl at 2015-01-15 23:47:07
Running from C:\Users\Pavel Kratochvíl\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
7-Zip 4.42 (HKLM\...\7-Zip) (Version: - )
7-Zip 4.53 (HKLM\...\{23170F69-40C1-2701-0453-030001000000}) (Version: 4.53.03.0 - Igor Pavlov)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
AIO_Scan (Version: 82.0.203.000 - Hewlett-Packard) Hidden
Aktualizace NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
C4200 (Version: 82.0.203.000 - Hewlett-Packard) Hidden
c4200_Help (Version: 82.0.203.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Copy (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (Version: 8.1.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
E-Mail Multimedia Keyboard for PS2 (HKLM\...\KEMailKb) (Version: - )
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
FOTOSVET Schlecker 2 (HKLM\...\FOTOSVET Schlecker 2) (Version: - )
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP OCR Software 8.0 (HKLM\...\HPOCR) (Version: 8.0 - HP)
HP Photosmart All-In-One Software 8.0 (HKLM\...\{8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}) (Version: 8.0 - HP)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
hppLaserJetService (Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (Version: 001.003.00073 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 82.0.173.000 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.172.000 - Hewlett-Packard) Hidden
Indeo® software (HKLM\...\Indeo® software) (Version: - )
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 cs) (HKLM\...\Mozilla Firefox 35.0 (x86 cs)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
Nero 7 Ultra Edition (HKLM\...\{DB4C031D-B2F8-47F1-A274-59A8F3B61029}) (Version: 7.02.9750 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA Ovladač 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PS_AIO_ProductContext (Version: 82.0.203.000 - Hewlett-Packard) Hidden
PS_AIO_Software (Version: 82.0.203.000 - Hewlett-Packard) Hidden
PS_AIO_Software_min (Version: 82.0.203.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5361 - Realtek Semiconductor Corp.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SolutionCenter (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Tarzan (HKLM\...\{68F423B1-B08A-4EFC-8414-408455443322}) (Version: - )
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Ulead VideoStudio 9.0 SE DVD (HKLM\...\{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}) (Version: 9.0 SE - Ulead System)
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
WinFast DTV2000 H Driver (HKLM\...\{05121C4B-19D3-4AB8-B275-FE4B60E0C4E1}) (Version: - Multimedia)
WinFast PVR2 (HKLM\...\{C92C584E-C781-475E-A8E2-C67D993A6B95}) (Version: 2.0.2.32 - Leadtek)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{0482DDE0-7817-11CF-8A03-00AA006ECB65}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{05589F80-C356-11CE-BF01-00AA0055595A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{17CCA71B-ECD7-11D0-B908-00A0C9223196}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{1A8766A0-62CE-11CF-A5D6-28DB04C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{1E651CC0-B199-11D0-8212-00C04FC32C45}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{266EEE40-6C63-11CF-8A03-00AA006ECB65}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{2BC0DA0E-F1BC-43AB-B4B5-738EB6B51E7E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33156164-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33156168-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> No File Path

==================== Restore Points =========================

10-01-2015 18:50:45 Windows Update
13-01-2015 23:47:32 Removed Google Toolbar for Internet Explorer
13-01-2015 23:49:01 Removed Kryštofova dobrodružství
13-01-2015 23:50:35 Removed LogMeIn
13-01-2015 23:54:21 Removed Skype Click to Call
13-01-2015 23:55:01 Removed TuneUp Utilities 2008
13-01-2015 23:56:39 Configured SmartSound Quicktracks Plugin
14-01-2015 00:24:34 Windows Update
15-01-2015 08:48:50 Odebráno: Adobe Reader 8 - Czech
15-01-2015 09:35:48 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-19] (Společnost Microsoft)
Task: {129B9EDE-05D7-4829-810B-FD51DD561C63} - System32\Tasks\{3A8694C6-9361-4B7E-841A-7B334A00D37C} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.112/cs/eula
Task: {3EB67ECF-5249-4924-AD59-AA7F75EC2581} - System32\Tasks\{57C2CB00-8301-4FE2-9BF9-A62362E90426} => pcalua.exe -a C:\Windows\IsUninst.exe -c -f"C:\Program Files\MSI\Live Update 3\Uninst.isu"
Task: {40CCEB9B-55B5-4D22-A4CF-0F3CAFB45FCA} - System32\Tasks\{D3275056-6BA5-42B8-B883-3977B213608F} => Iexplore.exe http://ui.skype.com/ui/0/4.1.0.179/cs/a ... -installed
Task: {49396D88-8CCA-4A1D-9B5F-E3470595B6C3} - System32\Tasks\{0DBE2BFD-5C70-41ED-B32E-82159D164E20} => pcalua.exe -a E:\Install.exe -d E:\
Task: {6776D835-9225-43E6-B1DB-236780A228D0} - System32\Tasks\{DE788845-7548-457C-AE5E-13AC4AC7F6C9} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.104/cs/a ... adedefault
Task: {882B777D-8216-4FCD-8AFB-3235E905CE41} - System32\Tasks\{06FFE15E-274F-40FB-8C0E-E51AC175797B} => C:\Program Files\Skype\\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.)
Task: {BE1078C2-C54A-4A79-8733-5E3B81732B59} - System32\Tasks\{C8C354D4-C529-4C14-9509-59B13503BD4C} => C:\Program Files\Skype\\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.)
Task: {C288C472-D326-40CE-9E6C-367C61384BD3} - System32\Tasks\{BAF51858-F195-4F44-9568-18D3A6A14D47} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.112/cs/a ... adyoffered
Task: {D980C913-1EA9-46AE-A6AA-53C113EDD733} - System32\Tasks\{A7706347-BAE3-42C8-A40A-1F63F6DF1482} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.104/cs/a ... adyoffered
Task: {E3C11D82-3E41-432F-9727-1373C1F8322F} - System32\Tasks\1-Click Maintenance => C:\Program Files\TuneUp Utilities 2008\OneClick.exe
Task: {F23D75B0-BB65-421A-B4DA-BC4DF0B8FF32} - System32\Tasks\{CAA9F683-3D49-4898-9F94-08E3FEFB562F} => Iexplore.exe http://www.google.com/chrome/intl/cs/eula_text.html
Task: {F6BA35A2-FDAD-48AE-9523-782FAFDE9320} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\1-Click Maintenance.job => C:\Program Files\TuneUp Utilities 2008\OneClick.exe

==================== Loaded Modules (whitelisted) =============

Re: Requesting a preventive check

Posted: 15 Jan 2015 23:58
by altrok
  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the Desktop as fixlist (File type: Text Document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\MountPoints2: {8474314a-6211-11dc-8653-0019db674436} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    
    CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
    S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
    S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
    S4 LMIRfsClientNP; No ImagePath
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    
    2015-01-15 23:46 - 2015-01-15 23:46 - 00012897 _____ () C:\Users\Pavel Kratochvíl\Desktop\FRST.txt
    2015-01-15 09:21 - 2015-01-15 09:25 - 00000000 ____D () C:\AdwCleaner
    2015-01-15 09:20 - 2015-01-15 09:20 - 02191360 _____ () C:\Users\Pavel Kratochvíl\Downloads\adwcleaner_4.107.exe
    
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{0482DDE0-7817-11CF-8A03-00AA006ECB65}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{05589F80-C356-11CE-BF01-00AA0055595A}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{17CCA71B-ECD7-11D0-B908-00A0C9223196}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{1A8766A0-62CE-11CF-A5D6-28DB04C10000}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{1E651CC0-B199-11D0-8212-00C04FC32C45}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{266EEE40-6C63-11CF-8A03-00AA006ECB65}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{2BC0DA0E-F1BC-43AB-B4B5-738EB6B51E7E}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33156164-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33156168-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{3315616E-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33D9A762-90C8-11D0-BD43-00A0C911CE86}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{4315D437-5B8C-11D0-BD3B-00A0C911CE86}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{505C2E67-8615-4CA9-9B57-48CF6EE696FD}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{5BB4BE4A-09B3-4689-BB4B-6F33E1E82797}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{5D3B23E1-8235-4D54-9059-18C9F08242DB}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{62BE5D10-60EB-11D0-BD3B-00A0C911CE86}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{632B606A-BBC6-11D2-A329-006097C4E476}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{71F96460-78F3-11D0-A18C-00A0C9118956}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{71F96462-78F3-11D0-A18C-00A0C9118956}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{7D8AA343-6E63-4663-BE90-6B80F66540A3}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{860BB310-5D01-11D0-BD3B-00A0C911CE86}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{8D52AA2E-40BE-46D7-8F36-DB7B0F636824}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{8E849609-C7E8-4EC7-8BD3-D55E871A340D}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{A5AC04E7-3E13-48CE-A43F-9FBA59DB1544}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{AB37E6C0-194D-4C33-A924-5178414DEB98}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{AB406AAC-2B2B-11D3-B36B-00C04F6108FF}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B87BEB7B-8D29-423F-AE4D-6582C10175AC}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{BF87B6E1-8C27-11D0-B3F0-00AA003761C5}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C1AB3D89-6973-45A6-AA44-09CEBBF872E5}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C3043B13-E649-436A-9CE7-8DA8CB0BF7C8}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C6E13344-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C6E13350-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C6E13360-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{CC58E280-8AA1-11D1-B3F1-00AA003761C5}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{CDA42200-BD88-11D0-BD4E-00A0C911CE86}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{DF0AD8E0-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{DF0AD8E1-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{DF0AD8E3-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E05592E4-C0B5-11D0-A439-00A0C9223196}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E297AB5E-40B0-41BD-9E06-E4144084EE5F}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E30629D2-27E5-11CE-875D-00608CB78066}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E436EBB3-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> No File Path
    
    Task: {49396D88-8CCA-4A1D-9B5F-E3470595B6C3} - System32\Tasks\{0DBE2BFD-5C70-41ED-B32E-82159D164E20} => pcalua.exe -a E:\Install.exe -d E:\
    Task: {E3C11D82-3E41-432F-9727-1373C1F8322F} - System32\Tasks\1-Click Maintenance => C:\Program Files\TuneUp Utilities 2008\OneClick.exe
    Task: C:\Windows\Tasks\1-Click Maintenance.job => C:\Program Files\TuneUp Utilities 2008\OneClick.exe
    Hosts:
    EmptyTemp:
    End
    

Re: Requesting a preventive check

Posted: 16 Jan 2015 00:22
by JohnnieM
Here it is. Do you ever sleep?



Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-01-2015 01
Ran by Pavel Kratochvíl at 2015-01-16 00:20:55 Run:1
Running from C:\Users\Pavel Kratochvíl\Desktop
Loaded Profiles: Pavel Kratochvíl (Available profiles: Pavel Kratochvíl & UpdatusUser)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2018361405-115618740-1659238763-1000\...\MountPoints2: {8474314a-6211-11dc-8653-0019db674436} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

2015-01-15 23:46 - 2015-01-15 23:46 - 00012897 _____ () C:\Users\Pavel Kratochvíl\Desktop\FRST.txt
2015-01-15 09:21 - 2015-01-15 09:25 - 00000000 ____D () C:\AdwCleaner
2015-01-15 09:20 - 2015-01-15 09:20 - 02191360 _____ () C:\Users\Pavel Kratochvíl\Downloads\adwcleaner_4.107.exe

CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{0482DDE0-7817-11CF-8A03-00AA006ECB65}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{05589F80-C356-11CE-BF01-00AA0055595A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{17CCA71B-ECD7-11D0-B908-00A0C9223196}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{1A8766A0-62CE-11CF-A5D6-28DB04C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{1E651CC0-B199-11D0-8212-00C04FC32C45}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{266EEE40-6C63-11CF-8A03-00AA006ECB65}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{2BC0DA0E-F1BC-43AB-B4B5-738EB6B51E7E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33156164-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33156168-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{3315616E-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33D9A762-90C8-11D0-BD43-00A0C911CE86}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{4315D437-5B8C-11D0-BD3B-00A0C911CE86}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{505C2E67-8615-4CA9-9B57-48CF6EE696FD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{5BB4BE4A-09B3-4689-BB4B-6F33E1E82797}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{5D3B23E1-8235-4D54-9059-18C9F08242DB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{62BE5D10-60EB-11D0-BD3B-00A0C911CE86}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{632B606A-BBC6-11D2-A329-006097C4E476}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{71F96460-78F3-11D0-A18C-00A0C9118956}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{71F96462-78F3-11D0-A18C-00A0C9118956}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{7D8AA343-6E63-4663-BE90-6B80F66540A3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{860BB310-5D01-11D0-BD3B-00A0C911CE86}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{8D52AA2E-40BE-46D7-8F36-DB7B0F636824}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{8E849609-C7E8-4EC7-8BD3-D55E871A340D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{A5AC04E7-3E13-48CE-A43F-9FBA59DB1544}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{AB37E6C0-194D-4C33-A924-5178414DEB98}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{AB406AAC-2B2B-11D3-B36B-00C04F6108FF}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B87BEB7B-8D29-423F-AE4D-6582C10175AC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{BF87B6E1-8C27-11D0-B3F0-00AA003761C5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C1AB3D89-6973-45A6-AA44-09CEBBF872E5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C3043B13-E649-436A-9CE7-8DA8CB0BF7C8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C6E13344-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C6E13350-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C6E13360-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{CC58E280-8AA1-11D1-B3F1-00AA003761C5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{CDA42200-BD88-11D0-BD4E-00A0C911CE86}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{DF0AD8E0-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{DF0AD8E1-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{DF0AD8E3-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E05592E4-C0B5-11D0-A439-00A0C9223196}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E297AB5E-40B0-41BD-9E06-E4144084EE5F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E30629D2-27E5-11CE-875D-00608CB78066}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E436EBB3-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> No File Path

Task: {49396D88-8CCA-4A1D-9B5F-E3470595B6C3} - System32\Tasks\{0DBE2BFD-5C70-41ED-B32E-82159D164E20} => pcalua.exe -a E:\Install.exe -d E:\
Task: {E3C11D82-3E41-432F-9727-1373C1F8322F} - System32\Tasks\1-Click Maintenance => C:\Program Files\TuneUp Utilities 2008\OneClick.exe
Task: C:\Windows\Tasks\1-Click Maintenance.job => C:\Program Files\TuneUp Utilities 2008\OneClick.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8474314a-6211-11dc-8653-0019db674436}" => Key deleted successfully.
HKCR\CLSID\{8474314a-6211-11dc-8653-0019db674436} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
blbdrive => Service deleted successfully.
GMSIPCI => Service deleted successfully.
IpInIp => Service deleted successfully.
LMIInfo => Service deleted successfully.
LMIRfsClientNP => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
C:\Users\Pavel Kratochvíl\Desktop\FRST.txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Pavel Kratochvíl\Downloads\adwcleaner_4.107.exe => Moved successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{0482DDE0-7817-11CF-8A03-00AA006ECB65}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{05589F80-C356-11CE-BF01-00AA0055595A}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{17CCA71B-ECD7-11D0-B908-00A0C9223196}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{1A8766A0-62CE-11CF-A5D6-28DB04C10000}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{1E651CC0-B199-11D0-8212-00C04FC32C45}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{266EEE40-6C63-11CF-8A03-00AA006ECB65}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{2BC0DA0E-F1BC-43AB-B4B5-738EB6B51E7E}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33156164-81D6-11D3-8006-00C04FA30A73}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33156168-81D6-11D3-8006-00C04FA30A73}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{3315616E-81D6-11D3-8006-00C04FA30A73}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{33D9A762-90C8-11D0-BD43-00A0C911CE86}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{4315D437-5B8C-11D0-BD3B-00A0C911CE86}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{505C2E67-8615-4CA9-9B57-48CF6EE696FD}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{5BB4BE4A-09B3-4689-BB4B-6F33E1E82797}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{5D3B23E1-8235-4D54-9059-18C9F08242DB}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{62BE5D10-60EB-11D0-BD3B-00A0C911CE86}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{632B606A-BBC6-11D2-A329-006097C4E476}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{71F96460-78F3-11D0-A18C-00A0C9118956}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{71F96462-78F3-11D0-A18C-00A0C9118956}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{7D8AA343-6E63-4663-BE90-6B80F66540A3}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{860BB310-5D01-11D0-BD3B-00A0C911CE86}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{8D52AA2E-40BE-46D7-8F36-DB7B0F636824}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{8E849609-C7E8-4EC7-8BD3-D55E871A340D}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{A5AC04E7-3E13-48CE-A43F-9FBA59DB1544}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{AB37E6C0-194D-4C33-A924-5178414DEB98}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{AB406AAC-2B2B-11D3-B36B-00C04F6108FF}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B87BEB7B-8D29-423F-AE4D-6582C10175AC}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{BF87B6E1-8C27-11D0-B3F0-00AA003761C5}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C1AB3D89-6973-45A6-AA44-09CEBBF872E5}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C3043B13-E649-436A-9CE7-8DA8CB0BF7C8}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C6E13344-30AC-11D0-A18C-00A0C9118956}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C6E13350-30AC-11D0-A18C-00A0C9118956}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C6E13360-30AC-11D0-A18C-00A0C9118956}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{CC58E280-8AA1-11D1-B3F1-00AA003761C5}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{CDA42200-BD88-11D0-BD4E-00A0C911CE86}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{DF0AD8E0-F91C-4109-AE46-1EAA5CD8AB08}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{DF0AD8E1-F91C-4109-AE46-1EAA5CD8AB08}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{DF0AD8E3-F91C-4109-AE46-1EAA5CD8AB08}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E05592E4-C0B5-11D0-A439-00A0C9223196}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E297AB5E-40B0-41BD-9E06-E4144084EE5F}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E30629D2-27E5-11CE-875D-00608CB78066}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E436EBB3-524F-11CE-9F53-0020AF0BA770}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}" => Key deleted successfully.
"HKU\S-1-5-21-2018361405-115618740-1659238763-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49396D88-8CCA-4A1D-9B5F-E3470595B6C3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49396D88-8CCA-4A1D-9B5F-E3470595B6C3}" => Key deleted successfully.
C:\Windows\System32\Tasks\{0DBE2BFD-5C70-41ED-B32E-82159D164E20} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0DBE2BFD-5C70-41ED-B32E-82159D164E20}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3C11D82-3E41-432F-9727-1373C1F8322F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3C11D82-3E41-432F-9727-1373C1F8322F}" => Key deleted successfully.
C:\Windows\System32\Tasks\1-Click Maintenance => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1-Click Maintenance" => Key deleted successfully.
C:\Windows\Tasks\1-Click Maintenance.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 62.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog 00:21:13 ====

Re: Requesting a preventive check

Posted: 16 Jan 2015 00:36
by altrok
:arrow: Less so during exam period, but yes... :D

:arrow: How is the computer behaving now? Has there been any improvement?

Re: Requesting a preventive check

Posted: 16 Jan 2015 00:49
by JohnnieM
Then I wish you the best of luck, may everything go well for you. In any case, the computer started to feel snappier during the cleaning and it is now a good deal better. Thank you very much, hats off. I would like to join you, but I don't give it much of a chance. I'm keeping my fingers crossed for you during exam period.

Re: Requesting a preventive check

Posted: 16 Jan 2015 01:01
by altrok
You're welcome, I was glad to help, and thank you for the good wishes :worship:

We will still clean up the tools that were used.
And if there are no questions or other problems, that is all as far as cleaning is concerned.

The forum trains its own advisers and helpers - the local kindergarten. If you meet the conditions for admission, nothing stands in your way to start fighting the vermin ;)
http://forum.viry.cz/viewtopic.php?f=12&t=43122
http://forum.viry.cz/viewtopic.php?f=12&t=116819

Re: Requesting a preventive check

Posted: 16 Jan 2015 01:43
by JohnnieM
Yes, I have one more log to check; it is a different machine, unrelated to the previous one.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Jirka (administrator) on JIRKA-PC on 16-01-2015 01:34:32
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka (Available profiles: Jirka)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(BitTorrent Inc.) C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe
(QIP.ru) C:\Users\Jirka\AppData\Roaming\QipGuard\QipGuard.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(KYE) C:\Program Files (x86)\Genius\Manticore\MTHid.exe
() C:\Program Files (x86)\Genius\Maurus X\mousehid.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(APN LLC.) C:\Users\Jirka\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
(APN LLC.) C:\Users\Jirka\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
() C:\Program Files (x86)\Genius\Maurus X\trayicon.exe
(forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2763776 2009-10-28] (VIA)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-08] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Genius\Manticore\MThid.exe [293376 2013-10-29] (KYE)
HKLM-x32\...\Run: [Maurus X] => C:\Program Files (x86)\Genius\Maurus X\mousehid.exe [309248 2013-01-25] ()
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2039192 2014-11-21] (APN)
HKU\S-1-5-21-944241523-2248144938-686439-1001\...\Run: [uTorrent] => C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe [1331792 2014-07-11] (BitTorrent Inc.)
HKU\S-1-5-21-944241523-2248144938-686439-1001\...\Run: [QIP Internet Guardian] => C:\Users\Jirka\AppData\Roaming\QipGuard\QipGuard.exe [436720 2014-06-23] (QIP.ru)
HKU\S-1-5-21-944241523-2248144938-686439-1001\...\MountPoints2: {46db0fe8-24fe-11e4-9ad1-bcaec554d10e} - G:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-944241523-2248144938-686439-1001\...\MountPoints2: {aa38687b-9af2-11e4-b6ed-bcaec554d10e} - I:\LG_PC_Programs.exe
HKU\S-1-5-21-944241523-2248144938-686439-1001\...\MountPoints2: {dc32c87b-2cdc-11e4-bfac-bcaec554d10e} - H:\VZW_Software_upgrade_assistant.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-944241523-2248144938-686439-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=SGT-SP& ... psv=&pt=tb
SearchScopes: HKU\S-1-5-21-944241523-2248144938-686439-1001 -> {BBBAD530-6952-46D3-AAF2-7BDC9BE4577E} URL = http://www.search.ask.com/web?tpid=SGT- ... psv=&pt=tb
BHO: Search App by Ask -> {5347542D-5350-006A-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SGT-SP\Passport_x64.dll (APN LLC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Search App by Ask -> {5347542D-5350-006A-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SGT-SP\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Search App by Ask - {5347542D-5350-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SGT-SP\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Search App by Ask - {5347542D-5350-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SGT-SP\Passport.dll (APN LLC.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\zzyy9cfa.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Extension: Adblock Plus - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\zzyy9cfa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-13]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-11-21] (APN LLC.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-30] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-30] (Avast Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-06-08] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-30] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-30] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [114080 2009-07-06] (REALTEK SEMICONDUCTOR Corp.)
R3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [38944 2009-07-06] (REALTEK SEMICONDUCTOR Corp.)
R3 RTL2832U_IRHID; C:\Windows\SysWOW64\DRIVERS\RTL2832U_IRHID.sys [42912 2009-07-13] (Realtek)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-30] (Avast Software)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 01:34 - 2015-01-16 01:34 - 00014269 _____ () C:\Users\Jirka\Desktop\FRST.txt
2015-01-16 01:34 - 2015-01-16 01:34 - 00000000 ____D () C:\FRST
2015-01-16 01:32 - 2015-01-16 01:32 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher.exe
2015-01-16 01:30 - 2015-01-16 01:30 - 02125312 _____ (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2015-01-15 18:59 - 2015-01-15 18:59 - 00000197 _____ () C:\Windows\system32\2015-01-15-17-59-12.035-AvastVBoxSVC.exe-2376.log
2015-01-15 10:30 - 2015-01-15 10:30 - 00002126 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-01-15 10:30 - 2015-01-15 10:30 - 00002114 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-01-14 23:40 - 2015-01-14 23:40 - 00000197 _____ () C:\Windows\system32\2015-01-14-22-40-18.001-AvastVBoxSVC.exe-2612.log
2015-01-14 23:30 - 2014-12-19 04:30 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 23:30 - 2014-12-19 04:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll
2015-01-14 23:30 - 2014-12-12 07:07 - 05553080 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 23:30 - 2014-12-12 07:07 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-01-14 23:30 - 2014-12-12 07:05 - 00617384 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-01-14 23:30 - 2014-12-12 06:45 - 03977656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 23:30 - 2014-12-12 06:45 - 03921848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 23:30 - 2014-12-06 05:31 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 23:30 - 2014-12-06 05:31 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 23:30 - 2014-12-06 05:18 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 23:30 - 2014-12-06 05:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 23:30 - 2014-10-29 03:16 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-01-14 23:29 - 2014-12-19 04:30 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-01-14 23:29 - 2014-12-19 04:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-01-14 23:29 - 2014-12-19 04:03 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-01-14 23:29 - 2014-12-19 04:03 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-01-14 23:29 - 2014-12-19 02:53 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 23:29 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 16:18 - 2015-01-14 16:18 - 00000197 _____ () C:\Windows\system32\2015-01-14-15-18-45.049-AvastVBoxSVC.exe-3348.log
2015-01-13 11:27 - 2015-01-13 11:27 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2015-01-13 11:21 - 2015-01-13 11:22 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jirka\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-13 10:38 - 2015-01-13 11:15 - 00000000 ____D () C:\Users\Jirka\Downloads\Knights_of_the_Old_Republic_v1.0_www.revdl.com
2015-01-13 08:09 - 2015-01-13 08:09 - 00000197 _____ () C:\Windows\system32\2015-01-13-07-09-36.037-AvastVBoxSVC.exe-3876.log
2015-01-12 17:52 - 2015-01-12 17:53 - 00000197 _____ () C:\Windows\system32\2015-01-12-16-52-58.082-AvastVBoxSVC.exe-5636.log
2015-01-12 17:07 - 2015-01-12 17:07 - 00000197 _____ () C:\Windows\system32\2015-01-12-16-07-08.097-AvastVBoxSVC.exe-2428.log
2015-01-12 08:19 - 2015-01-12 08:19 - 00000197 _____ () C:\Windows\system32\2015-01-12-07-19-32.082-AvastVBoxSVC.exe-4252.log
2015-01-11 08:55 - 2015-01-11 08:55 - 00000197 _____ () C:\Windows\system32\2015-01-11-07-55-20.090-AvastVBoxSVC.exe-2060.log
2015-01-10 15:49 - 2015-01-10 15:49 - 00000197 _____ () C:\Windows\system32\2015-01-10-14-49-48.029-AvastVBoxSVC.exe-3116.log
2015-01-10 08:23 - 2015-01-10 08:23 - 00000197 _____ () C:\Windows\system32\2015-01-10-07-23-05.001-AvastVBoxSVC.exe-3160.log
2015-01-08 18:11 - 2015-01-08 18:11 - 00000197 _____ () C:\Windows\system32\2015-01-08-17-11-12.034-AvastVBoxSVC.exe-3244.log
2015-01-04 10:53 - 2015-01-04 10:53 - 00000000 ____D () C:\Program Files\Recuva
2015-01-04 08:47 - 2015-01-04 08:47 - 00000197 _____ () C:\Windows\system32\2015-01-04-07-47-46.013-AvastVBoxSVC.exe-3044.log
2015-01-03 10:02 - 2015-01-03 10:02 - 00000197 _____ () C:\Windows\system32\2015-01-03-09-02-29.016-AvastVBoxSVC.exe-4564.log
2015-01-03 09:54 - 2015-01-16 01:18 - 00012612 _____ () C:\Windows\setupact.log
2015-01-03 09:54 - 2015-01-03 09:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-03 09:32 - 2015-01-03 09:32 - 00081148 _____ () C:\Users\Public\Documents\cc_20150103_093206.reg
2015-01-03 09:32 - 2015-01-03 09:32 - 00001814 _____ () C:\Users\Public\Documents\cc_20150103_093232_1.reg
2015-01-02 18:34 - 2015-01-02 18:34 - 00000197 _____ () C:\Windows\system32\2015-01-02-17-34-03.099-AvastVBoxSVC.exe-2396.log
2015-01-02 08:27 - 2015-01-02 08:27 - 00000197 _____ () C:\Windows\system32\2015-01-02-07-27-41.031-AvastVBoxSVC.exe-5616.log
2015-01-01 22:10 - 2015-01-11 17:09 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\TS3Client
2015-01-01 22:10 - 2015-01-01 22:10 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2015-01-01 14:19 - 2015-01-01 14:19 - 00000197 _____ () C:\Windows\system32\2015-01-01-13-19-56.070-AvastVBoxSVC.exe-4268.log
2014-12-30 07:55 - 2014-12-30 07:55 - 00000197 _____ () C:\Windows\system32\2014-12-30-06-55-35.087-AvastVBoxSVC.exe-3128.log
2014-12-29 20:21 - 2014-12-29 20:21 - 00000197 _____ () C:\Windows\system32\2014-12-29-19-21-30.020-AvastVBoxSVC.exe-3188.log
2014-12-29 14:06 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-29 14:04 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-29 14:04 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-29 14:04 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-29 14:04 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-29 14:04 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-29 14:04 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2014-12-29 12:07 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-29 12:07 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-29 09:05 - 2014-12-29 09:05 - 00000197 _____ () C:\Windows\system32\2014-12-29-08-05-10.084-AvastVBoxSVC.exe-4108.log
2014-12-28 18:32 - 2014-12-28 18:32 - 00000197 _____ () C:\Windows\system32\2014-12-28-17-32-48.070-AvastVBoxSVC.exe-3952.log
2014-12-26 22:01 - 2014-12-26 22:01 - 00000197 _____ () C:\Windows\system32\2014-12-26-21-01-48.028-AvastVBoxSVC.exe-5500.log
2014-12-26 09:27 - 2014-12-26 09:27 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\StarDrive
2014-12-26 09:25 - 2014-12-26 09:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-12-26 08:40 - 2014-12-26 08:40 - 00000197 _____ () C:\Windows\system32\2014-12-26-07-40-28.094-AvastVBoxSVC.exe-3108.log
2014-12-25 08:33 - 2014-12-25 08:33 - 00000197 _____ () C:\Windows\system32\2014-12-25-07-33-40.018-AvastVBoxSVC.exe-3312.log
2014-12-23 19:24 - 2014-12-23 19:24 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-24-40.078-AvastVBoxSVC.exe-2372.log
2014-12-23 19:03 - 2014-12-23 19:03 - 00001079 _____ () C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
2014-12-23 19:03 - 2014-12-23 19:03 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
2014-12-23 09:28 - 2014-12-23 09:29 - 00000000 ____D () C:\Users\Jirka\AppData\Local\BladesOfTime
2014-12-23 08:44 - 2014-12-23 08:46 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Urban Trial Freestyle
2014-12-22 15:28 - 2014-12-22 15:28 - 00000000 ____D () C:\Users\Jirka\Documents\Gamepires
2014-12-22 08:13 - 2015-01-10 15:49 - 00000000 ____D () C:\Users\Jirka\Desktop\Systémové
2014-12-22 08:13 - 2015-01-02 14:36 - 00000000 ____D () C:\Users\Jirka\Desktop\Komunikace
2014-12-22 08:11 - 2014-12-22 08:13 - 00000000 ____D () C:\Users\Jirka\Desktop\AUDIO-VIDEO
2014-12-22 08:10 - 2014-12-22 08:16 - 00000000 ____D () C:\Users\Jirka\Desktop\HRY
2014-12-22 06:59 - 2014-12-22 06:59 - 00000197 _____ () C:\Windows\system32\2014-12-22-05-59-46.028-AvastVBoxSVC.exe-2436.log
2014-12-21 09:02 - 2014-12-21 09:02 - 00000197 _____ () C:\Windows\system32\2014-12-21-08-02-48.018-AvastVBoxSVC.exe-4220.log
2014-12-20 19:31 - 2014-12-20 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vietcong
2014-12-20 19:31 - 2014-12-20 19:31 - 00000000 ____D () C:\Program Files (x86)\Cenega Czech
2014-12-20 18:50 - 2015-01-10 20:51 - 00000000 ____D () C:\Users\Jirka\Documents\ManiaPlanet
2014-12-20 18:50 - 2015-01-10 20:27 - 00000000 ____D () C:\ProgramData\ManiaPlanet
2014-12-20 18:50 - 2014-12-20 18:50 - 00000000 ____D () C:\Program Files (x86)\ManiaPlanet
2014-12-20 16:15 - 2014-12-20 16:15 - 00000000 __SHD () C:\Windows\ftpcache
2014-12-20 12:24 - 2014-12-20 12:25 - 00000000 ____D () C:\Games
2014-12-20 10:05 - 2014-12-20 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament G.O.T.Y. Edition
2014-12-20 10:03 - 2014-12-20 10:28 - 00000000 ____D () C:\UnrealTournament
2014-12-20 09:20 - 2014-12-20 09:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-12-20 09:17 - 2014-12-20 09:17 - 00000197 _____ () C:\Windows\system32\2014-12-20-08-17-56.088-AvastVBoxSVC.exe-3412.log
2014-12-19 23:16 - 2014-12-19 23:16 - 00003234 _____ () C:\Windows\System32\Tasks\{4562DD8E-5AB1-4DBC-A76B-1A767D14A0D8}
2014-12-19 21:05 - 2014-12-22 15:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-19 20:00 - 2014-12-19 21:51 - 00000000 ____D () C:\Program Files (x86)\Warcraft3 Frozen trone
2014-12-19 19:54 - 2014-12-19 23:16 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-12-19 17:15 - 2014-12-19 17:15 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serious Sam 2 Patch 2.066.00
2014-12-19 17:14 - 2014-12-19 17:16 - 00000000 ____D () C:\Program Files (x86)\Serious Sam 2
2014-12-19 17:14 - 2014-12-19 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serious Sam 2
2014-12-19 17:14 - 2014-12-19 17:14 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serious Sam 2
2014-12-19 16:27 - 2014-12-20 18:50 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-19 16:25 - 2014-12-20 16:24 - 00000331 _____ () C:\Windows\game.ini
2014-12-19 16:25 - 2014-12-20 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2014-12-19 16:23 - 2014-12-20 16:17 - 00000000 ____D () C:\Program Files (x86)\Activision
2014-12-19 16:20 - 2014-12-19 16:20 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\PowerISO
2014-12-19 16:19 - 2014-12-19 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-12-19 16:19 - 2014-12-19 16:19 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-12-19 16:19 - 2013-10-23 15:11 - 00129944 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2014-12-19 14:55 - 2014-12-19 14:55 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2014-12-19 14:54 - 2014-12-20 10:05 - 00000000 ____D () C:\Counter-Strike 1.6
2014-12-19 08:11 - 2014-12-19 08:11 - 00000197 _____ () C:\Windows\system32\2014-12-19-07-11-29.004-AvastVBoxSVC.exe-3672.log
2014-12-18 17:48 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 17:48 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 08:11 - 2014-12-18 08:11 - 00000197 _____ () C:\Windows\system32\2014-12-18-07-11-04.048-AvastVBoxSVC.exe-3448.log
2014-12-17 18:36 - 2014-12-26 10:50 - 00000000 ____D () C:\Users\Jirka\Desktop\Steam
2014-12-17 18:05 - 2014-12-17 18:05 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Wooky_s.r.o
2014-12-17 17:57 - 2014-12-17 18:08 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Mobilbonus

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 01:34 - 2014-08-13 19:16 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\uTorrent
2015-01-16 01:17 - 2014-08-13 17:42 - 01349363 _____ () C:\Windows\WindowsUpdate.log
2015-01-16 00:47 - 2014-08-13 19:15 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 19:04 - 2009-07-14 05:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 19:04 - 2009-07-14 05:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 18:56 - 2014-10-07 18:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-15 18:56 - 2014-08-13 18:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 18:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 18:52 - 2014-09-10 17:05 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\ViberPC
2015-01-15 18:52 - 2014-09-10 17:03 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Viber
2015-01-15 10:30 - 2014-09-20 18:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-15 09:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-14 23:40 - 2014-09-26 17:03 - 00000000 ____D () C:\Users\Jirka\AppData\Local\CrashDumps
2015-01-14 23:34 - 2014-08-13 18:52 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 23:31 - 2014-08-13 18:52 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 16:17 - 2014-08-13 19:39 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-13 19:51 - 2014-08-13 19:15 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 19:51 - 2014-08-13 19:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 19:51 - 2014-08-13 19:15 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-13 11:26 - 2010-11-21 10:27 - 00668138 _____ () C:\Windows\system32\perfh005.dat
2015-01-13 11:26 - 2010-11-21 10:27 - 00140798 _____ () C:\Windows\system32\perfc005.dat
2015-01-13 11:26 - 2009-07-14 06:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-12 03:05 - 2014-08-14 19:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-10 17:39 - 2014-08-15 13:45 - 00000000 ____D () C:\Program Files (x86)\StepMania
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-03 10:02 - 2014-08-14 16:40 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Adobe
2015-01-03 09:31 - 2014-09-30 17:05 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Sony
2015-01-03 09:29 - 2014-08-13 19:05 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-02 18:21 - 2014-08-16 19:26 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Skype
2014-12-29 14:07 - 2014-08-13 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-25 15:01 - 2014-08-13 18:04 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Adobe
2014-12-23 19:04 - 2014-08-13 18:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-23 19:03 - 2014-08-13 18:32 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-12-23 19:03 - 2014-08-13 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-12-23 19:03 - 2014-08-13 18:22 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-12-20 19:33 - 2014-09-14 17:34 - 00000000 ____D () C:\Hry
2014-12-20 18:42 - 2014-10-18 15:54 - 00000000 ____D () C:\Program Files (x86)\DOSBox-0.74
2014-12-20 10:02 - 2014-10-26 08:11 - 00000000 ____D () C:\Users\Jirka\Documents\Euro Truck Simulator 2
2014-12-20 09:14 - 2009-07-14 06:08 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-19 23:51 - 2014-11-19 18:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-19 23:51 - 2014-08-16 19:26 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 23:16 - 2014-10-11 13:51 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Ubisoft Game Launcher
2014-12-19 23:16 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-19 21:05 - 2014-12-15 12:14 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Ubisoft
2014-12-17 20:29 - 2014-08-13 19:28 - 00000000 ____D () C:\Windows\SysWOW64\directx

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-15 09:04




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:465.76 GB) (Free:57.95 GB) NTFS
Drive d: () (Fixed) (Total:698.64 GB) (Free:209.4 GB) NTFS
Drive e: () (Fixed) (Total:297.99 GB) (Free:123.75 GB) NTFS

Available physical RAM: 6233.61 MB
Total physical RAM: 8191.18 MB
Percentage of memory in use: 23%

==================== MBR and Partition Table ==================

at System.Windows.Interop.HwndTarget.OnResize()
at System.Windows.Interop.HwndTarget.OnResize()
Disk: 0 (Size: 465.8 GB) (Disk ID: 27E06331)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 698.6 GB) (Disk ID: 41629760)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 572BA418)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jirka\Desktop" je 10 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Requesting a preventive check

Posted: 16 Jan 2015 01:51
by altrok
First, let me ask here: is the OS legal?