
PC virus removal, computer speed-up, remote assistance through the neslape.cz service
Preventive check - user: bawnjorno
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
Hello, I would like to ask for a preventive check. I recently removed Webssearches, and I think I did so successfully. Even so, I would like to consult with you here.
Thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-02-2015
Ran by Filip (administrator) on A*******8 on 14-02-2015 18:34:36
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available profiles: Filip & BawnJorno)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUS) D:\Programy\ASUS\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) D:\Programy\AVAST Software\Avast\AvastSvc.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\HControl.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
() D:\Programy\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) D:\Programy\P4G\BatteryLife.exe
() C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) D:\Programy\VM Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\WDC.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) D:\Programy\ASUS\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) D:\Programy\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nullsoft, Inc.) D:\Programy\Winamp\winamp.exe
(ICQ, LLC.) D:\Programy\ICQ\ICQ7M\ICQ.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [498560 2012-10-18] (ELAN Microelectronic Corp.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1474560 2009-07-13] (VIA)
HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [233472 2012-10-18] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [HControlUser] => D:\Programy\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [ATKMEDIA] => D:\Programy\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM\...\Run: [AvastUI.exe] => D:\Programy\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_235_ActiveX.exe [959152 2014-12-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\...\MountPoints2: {a4f5aeec-1bb9-11e2-89aa-000272a5055c} - F:\SETUP.EXE
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicyUsers\S-1-5-21-824961693-2448940056-4209506155-1117\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-824961693-2448940056-4209506155-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: No Name -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - No File
Winsock: Catalog9 12 C:\Windows\system32\vsocklib.dll [63128] (VMware, Inc.)
Winsock: Catalog9 13 C:\Windows\system32\vsocklib.dll [63128] (VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @vmware.com/vmrc,version=5.5.0.00000 -> C:\Program Files\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Programy\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Programy\AVAST Software\Avast\WebRep\FF [2012-10-20]
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-18]
CHR Extension: (Adblock Plus) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-18]
CHR Extension: (Half-Techno) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpmnpmnlnodmclaalngaooeannghlnmh [2013-01-19]
CHR Extension: (AdBlock) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-28]
CHR Extension: (Avast Online Security) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-12]
CHR Extension: (Peněženka Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-18]
CHR HKLM\...\Chrome\Extension: [fjpdnoojnohifgekbkmnfbiobhcbedka] - C:\Program Files\outobox\fjpdnoojnohifgekbkmnfbiobhcbedka.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Programy\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-12]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 ASLDRService; D:\Programy\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 avast! Antivirus; D:\Programy\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-12] (AVAST Software)
R2 HPSLPSVC; C:\Users\Filip\AppData\Local\Temp\7zS219C\hpslpsvc32.dll [701288 2012-08-27] (Hewlett-Packard Co.)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-05-19] (Microsoft)
S3 Tenable Nessus; C:\Program Files\Tenable\Nessus\nessus-service.exe [17136 2014-06-11] (Tenable Network Security, Inc)
R2 VMAuthdService; D:\Programy\VM Player\vmware-authd.exe [87120 2013-02-26] (VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357456 2013-02-26] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [714832 2013-08-05] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [436304 2013-02-26] (VMware, Inc.)
R2 vmware-converter-agent; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [479960 2014-10-03] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960 2014-10-03] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960 2014-10-03] (VMware, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2012-10-18] (Alcor Micro, Corp.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-12] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-11-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-11-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-12] ()
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
S3 bmdrvr; C:\Windows\System32\drivers\bmdrvr.sys [54992 2013-08-28] (VMware, Inc.)
S3 CV2K1; C:\Windows\System32\DRIVERS\cv2k1.sys [19560 2012-10-06] (TamoSoft)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-12-05] (DT Soft Ltd)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [94208 2012-10-18] (ELAN Microelectronic Corp.)
S3 FreshIO; C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41936 2013-08-05] (VMware, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2012-10-18] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2013-09-06] ()
S3 TsVlb; C:\Windows\System32\DRIVERS\tsvlb.sys [20072 2012-10-06] (TamoSoft)
R1 TsVp; C:\Windows\System32\DRIVERS\tsvp.sys [23696 2012-10-06] (TamoSoft)
R3 TS_AR5416; C:\Windows\System32\DRIVERS\ts_athw.sys [1627496 2013-07-23] (TamoSoft)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1066496 2009-07-09] (VIA Technologies, Inc.)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [26064 2013-02-26] (VMware, Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2013-02-26] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2013-02-26] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-02-26] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-10-11] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [62416 2013-02-26] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [61464 2012-10-24] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632 2013-08-28] (VMware, Inc.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856 2009-06-10] (Microsoft Corporation)
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 PID_0928; system32\DRIVERS\LV561AV.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-14 18:34 - 2015-02-14 18:35 - 00017245 _____ () C:\Users\Filip\Desktop\FRST.txt
2015-02-14 18:34 - 2015-02-14 18:34 - 00000000 ____D () C:\FRST
2015-02-14 18:33 - 2015-02-14 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2015-02-14 18:25 - 2015-02-14 18:24 - 01125888 _____ (Farbar) C:\Users\Filip\Desktop\FRST.exe
2015-02-13 21:28 - 2012-08-23 15:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-02-13 21:28 - 2012-08-23 14:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-13 21:27 - 2012-08-23 15:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-02-13 21:27 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-02-13 21:27 - 2012-08-23 11:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-13 21:25 - 2013-10-02 01:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-02-13 21:25 - 2013-10-02 01:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-13 21:25 - 2013-10-02 01:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-13 21:25 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-02-13 21:25 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-02-13 21:25 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-02-13 21:25 - 2013-10-02 00:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-13 21:25 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-02-13 21:25 - 2013-10-02 00:00 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-13 21:25 - 2013-10-01 23:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-02-13 21:25 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-02-13 21:25 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-13 21:18 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-13 21:18 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-13 21:18 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-13 21:18 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-13 21:18 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-13 21:18 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-13 21:18 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-13 21:18 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-13 21:18 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-13 21:18 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-13 21:18 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 21:18 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-13 21:18 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-13 21:18 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-13 21:18 - 2015-01-12 02:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 21:18 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-13 21:18 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-13 21:18 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-13 21:18 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-13 21:18 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-13 21:18 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-13 21:18 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-13 21:18 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-13 21:18 - 2015-01-12 02:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 21:18 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-13 21:18 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-13 21:18 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-13 21:18 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-13 21:18 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-13 21:18 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 21:18 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 21:18 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-13 21:18 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-13 21:17 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-13 21:17 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-13 21:17 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-13 21:17 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-13 21:17 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-13 21:17 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-13 21:17 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-13 21:17 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-13 21:17 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-13 21:17 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-13 21:17 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-13 21:17 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-13 21:17 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-13 21:16 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-13 21:16 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-13 21:16 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-13 21:16 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 21:13 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-13 21:13 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 21:13 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-13 21:13 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-13 21:12 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 12:37 - 2012-09-18 15:26 - 00365568 _____ () C:\Windows\system32\ZSHP1020.EXE
2015-02-12 12:37 - 2012-09-18 15:26 - 00169472 _____ () C:\Windows\system32\ZLhp1020.DLL
2015-02-08 19:24 - 2015-02-14 18:03 - 00001008 _____ () C:\Windows\setupact.log
2015-02-08 19:24 - 2015-02-08 19:24 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-31 17:13 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-31 17:13 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-31 17:13 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-31 17:13 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-31 14:53 - 2015-01-31 14:53 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-25 14:53 - 2015-01-30 13:57 - 00000150 _____ () C:\Users\Filip\Desktop\wordpress.txt
2015-01-20 14:31 - 2015-01-20 14:36 - 00000000 ____D () C:\Users\Filip\Desktop\boty
2015-01-16 22:33 - 2015-01-16 22:42 - 00000205 _____ () C:\Users\Filip\Desktop\DPP.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-14 18:14 - 2012-10-18 17:51 - 00001413 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-14 18:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2015-02-14 17:58 - 2012-10-18 18:25 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-14 17:48 - 2014-12-22 22:23 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-14 17:20 - 2012-10-18 17:46 - 01189440 _____ () C:\Windows\WindowsUpdate.log
2015-02-14 15:59 - 2012-10-20 21:27 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\vlc
2015-02-14 14:00 - 2013-01-17 00:44 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\ICQ
2015-02-14 13:27 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-14 11:15 - 2012-10-18 18:02 - 01592672 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 09:35 - 2009-07-14 05:34 - 00016608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-14 09:35 - 2009-07-14 05:34 - 00016608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-14 09:28 - 2013-08-28 12:34 - 00000000 ____D () C:\ProgramData\VMware
2015-02-14 09:28 - 2012-10-18 18:25 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-14 09:27 - 2014-10-29 08:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-14 09:27 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 00:31 - 2009-07-14 05:33 - 00480552 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-14 00:31 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-13 21:35 - 2014-01-23 01:32 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 21:28 - 2013-01-26 17:55 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 09:53 - 2014-10-25 18:41 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\doublecmd
2015-02-10 19:50 - 2014-10-05 16:28 - 00000000 ____D () C:\Users\Filip\Desktop\bakalarky
2015-02-08 19:23 - 2014-11-01 22:52 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Free Download Manager
2015-02-07 23:12 - 2013-02-20 19:42 - 00000000 ____D () C:\Users\Filip\Documents\Visual Studio 2010
2015-02-07 22:28 - 2014-03-27 08:32 - 00001176 _____ () C:\Users\Filip\AppData\Local\MRDownloader.nast
2015-02-07 16:56 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-05 13:05 - 2013-07-02 18:28 - 00002048 ____H () C:\Users\Filip\Documents\Default.rdp
2015-02-03 22:01 - 2014-11-30 23:05 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\uTorrent
2015-02-03 14:03 - 2014-04-30 05:35 - 00009349 _____ () C:\Users\Filip\AppData\Local\MRDownloader.err
2015-02-02 12:41 - 2013-07-08 18:55 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Skype
2015-01-31 20:27 - 2014-10-30 09:58 - 00000000 ____D () C:\Users\Filip\Desktop\ostatní
2015-01-31 18:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-31 17:34 - 2012-10-24 15:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-31 17:20 - 2012-10-24 15:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-01-31 17:18 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-31 16:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2015-01-30 00:44 - 2015-01-14 20:36 - 00001043 _____ () C:\Users\Filip\Desktop\plank.txt
2015-01-28 15:52 - 2014-10-18 20:36 - 00000000 ____D () C:\Users\Filip\Desktop\stáž
2015-01-26 11:58 - 2013-02-15 23:41 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Orbit
2015-01-18 11:50 - 2013-08-28 12:37 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\VMware
2015-01-18 11:50 - 2013-08-28 12:37 - 00000000 ____D () C:\Users\Filip\AppData\Local\VMware
2015-01-16 16:24 - 2015-01-03 16:51 - 00000000 ____D () C:\Users\Filip\Desktop\moje fotky na vyvolani
==================== Files in the root of some directories =======
2014-11-13 09:20 - 2014-11-13 09:20 - 0000038 ___SH () C:\Users\Filip\AppData\Local\69ff07055291669bb2b218.72821112
2014-10-19 15:52 - 2014-10-19 15:52 - 0000001 _____ () C:\Users\Filip\AppData\Local\llftool.4.40.agreement
2014-04-30 05:35 - 2015-02-03 14:03 - 0009349 _____ () C:\Users\Filip\AppData\Local\MRDownloader.err
2014-11-23 01:36 - 2014-11-23 01:36 - 0000058 _____ () C:\Users\Filip\AppData\Local\MRDownloader.log
2014-03-27 08:32 - 2015-02-07 22:28 - 0001176 _____ () C:\Users\Filip\AppData\Local\MRDownloader.nast
2014-11-02 18:18 - 2014-11-12 01:41 - 0000600 _____ () C:\Users\Filip\AppData\Local\PUTTY.RND
2015-01-03 18:34 - 2015-01-03 18:34 - 0008761 _____ () C:\Users\Filip\AppData\Local\recently-used.xbel
2014-05-14 17:55 - 2014-10-18 23:53 - 0007604 _____ () C:\Users\Filip\AppData\Local\Resmon.ResmonCfg
2014-01-25 15:20 - 2014-04-01 09:01 - 0011598 _____ () C:\Users\Filip\AppData\Local\SRDownloader.err
2014-01-25 15:20 - 2014-04-01 09:01 - 0001088 _____ () C:\Users\Filip\AppData\Local\SRDownloader.nast
2013-06-16 11:42 - 2013-06-27 20:49 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some content of TEMP:
====================
C:\Users\Filip\AppData\Local\Temp\Foxit Reader Updater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Filip\Desktop" je 472 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid
"D:\Programy\Logitech\Logitech Vid\vid.exe" -bootmode [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDP
C:\Users\Filip\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Filip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Filip\AppData\Roaming\Dropbox\bin\Dropbox.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Filip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\Programy\\Orbitdownloader\\orbitdm.exe"="D:\\Programy\\Orbitdownloader\\orbitdm.exe:*:Enabled:Orbit"
"D:\\Programy\\Orbitdownloader\\orbitnet.exe"="D:\\Programy\\Orbitdownloader\\orbitnet.exe:*:Enabled:Orbit"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
2015-01-31 17:13 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-31 17:13 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-31 14:53 - 2015-01-31 14:53 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-25 14:53 - 2015-01-30 13:57 - 00000150 _____ () C:\Users\Filip\Desktop\wordpress.txt
2015-01-20 14:31 - 2015-01-20 14:36 - 00000000 ____D () C:\Users\Filip\Desktop\boty
2015-01-16 22:33 - 2015-01-16 22:42 - 00000205 _____ () C:\Users\Filip\Desktop\DPP.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-14 18:14 - 2012-10-18 17:51 - 00001413 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-14 18:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2015-02-14 17:58 - 2012-10-18 18:25 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-14 17:48 - 2014-12-22 22:23 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-14 17:20 - 2012-10-18 17:46 - 01189440 _____ () C:\Windows\WindowsUpdate.log
2015-02-14 15:59 - 2012-10-20 21:27 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\vlc
2015-02-14 14:00 - 2013-01-17 00:44 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\ICQ
2015-02-14 13:27 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-14 11:15 - 2012-10-18 18:02 - 01592672 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 09:35 - 2009-07-14 05:34 - 00016608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-14 09:35 - 2009-07-14 05:34 - 00016608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-14 09:28 - 2013-08-28 12:34 - 00000000 ____D () C:\ProgramData\VMware
2015-02-14 09:28 - 2012-10-18 18:25 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-14 09:27 - 2014-10-29 08:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-14 09:27 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 00:31 - 2009-07-14 05:33 - 00480552 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-14 00:31 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-13 21:35 - 2014-01-23 01:32 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 21:28 - 2013-01-26 17:55 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 09:53 - 2014-10-25 18:41 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\doublecmd
2015-02-10 19:50 - 2014-10-05 16:28 - 00000000 ____D () C:\Users\Filip\Desktop\bakalarky
2015-02-08 19:23 - 2014-11-01 22:52 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Free Download Manager
2015-02-07 23:12 - 2013-02-20 19:42 - 00000000 ____D () C:\Users\Filip\Documents\Visual Studio 2010
2015-02-07 22:28 - 2014-03-27 08:32 - 00001176 _____ () C:\Users\Filip\AppData\Local\MRDownloader.nast
2015-02-07 16:56 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-05 13:05 - 2013-07-02 18:28 - 00002048 ____H () C:\Users\Filip\Documents\Default.rdp
2015-02-03 22:01 - 2014-11-30 23:05 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\uTorrent
2015-02-03 14:03 - 2014-04-30 05:35 - 00009349 _____ () C:\Users\Filip\AppData\Local\MRDownloader.err
2015-02-02 12:41 - 2013-07-08 18:55 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Skype
2015-01-31 20:27 - 2014-10-30 09:58 - 00000000 ____D () C:\Users\Filip\Desktop\ostatní
2015-01-31 18:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-31 17:34 - 2012-10-24 15:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-31 17:20 - 2012-10-24 15:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-01-31 17:18 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-31 16:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2015-01-30 00:44 - 2015-01-14 20:36 - 00001043 _____ () C:\Users\Filip\Desktop\plank.txt
2015-01-28 15:52 - 2014-10-18 20:36 - 00000000 ____D () C:\Users\Filip\Desktop\stáž
2015-01-26 11:58 - 2013-02-15 23:41 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Orbit
2015-01-18 11:50 - 2013-08-28 12:37 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\VMware
2015-01-18 11:50 - 2013-08-28 12:37 - 00000000 ____D () C:\Users\Filip\AppData\Local\VMware
2015-01-16 16:24 - 2015-01-03 16:51 - 00000000 ____D () C:\Users\Filip\Desktop\moje fotky na vyvolani
==================== Files in the root of some directories =======
2014-11-13 09:20 - 2014-11-13 09:20 - 0000038 ___SH () C:\Users\Filip\AppData\Local\69ff07055291669bb2b218.72821112
2014-10-19 15:52 - 2014-10-19 15:52 - 0000001 _____ () C:\Users\Filip\AppData\Local\llftool.4.40.agreement
2014-04-30 05:35 - 2015-02-03 14:03 - 0009349 _____ () C:\Users\Filip\AppData\Local\MRDownloader.err
2014-11-23 01:36 - 2014-11-23 01:36 - 0000058 _____ () C:\Users\Filip\AppData\Local\MRDownloader.log
2014-03-27 08:32 - 2015-02-07 22:28 - 0001176 _____ () C:\Users\Filip\AppData\Local\MRDownloader.nast
2014-11-02 18:18 - 2014-11-12 01:41 - 0000600 _____ () C:\Users\Filip\AppData\Local\PUTTY.RND
2015-01-03 18:34 - 2015-01-03 18:34 - 0008761 _____ () C:\Users\Filip\AppData\Local\recently-used.xbel
2014-05-14 17:55 - 2014-10-18 23:53 - 0007604 _____ () C:\Users\Filip\AppData\Local\Resmon.ResmonCfg
2014-01-25 15:20 - 2014-04-01 09:01 - 0011598 _____ () C:\Users\Filip\AppData\Local\SRDownloader.err
2014-01-25 15:20 - 2014-04-01 09:01 - 0001088 _____ () C:\Users\Filip\AppData\Local\SRDownloader.nast
2013-06-16 11:42 - 2013-06-27 20:49 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some content of TEMP:
====================
C:\Users\Filip\AppData\Local\Temp\Foxit Reader Updater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Filip\Desktop" je 472 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid
"D:\Programy\Logitech\Logitech Vid\vid.exe" -bootmode [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDP
C:\Users\Filip\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Filip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Filip\AppData\Roaming\Dropbox\bin\Dropbox.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Filip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\Programy\\Orbitdownloader\\orbitdm.exe"="D:\\Programy\\Orbitdownloader\\orbitdm.exe:*:Enabled:Orbit"
"D:\\Programy\\Orbitdownloader\\orbitnet.exe"="D:\\Programy\\Orbitdownloader\\orbitnet.exe:*:Enabled:Orbit"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Attachments: logy-BawnJorno.zip (17.89 KiB), downloaded 40 times
Re: Preventive check - user: bawnjorno
Hello,
Download AdwCleaner: http://general-changelog-team.fr/fr/dow ... adwcleaner
Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop


- Save it, preferably to the desktop
- Close all programs
- After launch, the database will be downloaded
- Click Scan and then Clean
- The repair will run, the PC will restart and then a log will appear, or it will be saved as c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

- If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
- Paste the script below into the window
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;
- Then click Run Script
- The PC will perform the repair, restart and give you a log; paste its contents here
Re: Preventive check - user: bawnjorno
# AdwCleaner v4.110 - Logfile created 14/02/2015 at 19:25:07
# Updated 05/02/2015 by Xplode
# Database : 2015-02-05.2 [Local]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Filip - ANDROID-9305108
# Running from : C:\Users\Filip\Desktop\adwcleaner_4.110.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Filip\AppData\Local\apn
Folder Deleted : C:\Users\Filip\AppData\Local\Babylon
Folder Deleted : C:\Users\Filip\AppData\Roaming\ProgSense
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreshDevices\FreshDiagnose\Get Free Registration Code!!.lnk
Shortcut Disinfected : C:\Users\Filip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjpdnoojnohifgekbkmnfbiobhcbedka
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Orbit
Key Deleted : HKCU\Software\ProgSense
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Orbit
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Google Chrome v40.0.2214.111
*************************
AdwCleaner[R0].txt - [2202 bytes] - [14/02/2015 19:18:03]
AdwCleaner[S0].txt - [2552 bytes] - [14/02/2015 19:25:07]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2611 bytes] ##########
Re: Preventive check - user: bawnjorno
Zoek.exe v5.0.0.0 Updated 13-February-2015
Tool run by Filip on so 14.02.2015 at 19:30:12,06.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Filip\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
14.2.2015 19:32:03 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\Program Files\chrome deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\Users\Filip\AppData\Roaming\Xilisoft deleted successfully
C:\Users\Filip\AppData\Local\CrashDumps deleted successfully
C:\Users\Filip\AppData\Local\ms-drivers deleted successfully
C:\Users\Filip\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Program Files\Splashtop deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Filip\AppData\Local\MRDownloader.log deleted
C:\Windows\wininit.ini deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Windows\System32\AI_RecycleBin deleted
C:\Users\Filip\Desktop\MRDownloader.exe deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="D:\Programy\AVAST Software\Avast\WebRep\FF" [30.01.2015 13:18]
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\BawnJorno\AppData\Local\Google\Chrome deleted
==== Chromium Look ======================
Google Chrome Version: 40.0.2214.111 (Up to date, latest Stable version: 40.0.2214.111)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - D:\Programy\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12.11.2014 09:52]
Half-Techno - Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpmnpmnlnodmclaalngaooeannghlnmh
AdBlock - Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Chromium Fix ======================
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.circuit-finder.com_0.localstorage deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"
==== Reset Google Chrome ======================
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TVWiz deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDP deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray deleted successfully
==== Empty IE Cache ======================
C:\Users\BawnJorno\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=13 folders=22 31743058 bytes)
==== Empty Temp Folders ======================
C:\Users\BawnJorno\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Filip\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Filip\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on so 14.02.2015 at 20:02:50,87 ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=13 folders=22 31743058 bytes)
==== Empty Temp Folders ======================
C:\Users\BawnJorno\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Filip\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Filip\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on so 14.02.2015 at 20:02:50,87 ======================
Re: Preventive - user: bawnjorno
Post a new FRST log.
Re: Preventive - user: bawnjorno
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-02-2015
Ran by Filip (administrator) on A*******8 on 14-02-2015 21:38:28
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available profiles: Filip & BawnJorno)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUS) D:\Programy\ASUS\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) D:\Programy\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
() D:\Programy\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) D:\Programy\P4G\BatteryLife.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\HControl.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) D:\Programy\ASUS\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(AVAST Software) D:\Programy\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) D:\Programy\VM Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\ATKOSD.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Microsoft Corporation) C:\Windows\System32\Dxpserver.exe
(ICQ) C:\Users\Filip\Downloads\icq_rfrset.exe
(forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [498560 2012-10-18] (ELAN Microelectronic Corp.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1474560 2009-07-13] (VIA)
HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [233472 2012-10-18] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [HControlUser] => D:\Programy\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [ATKMEDIA] => D:\Programy\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM\...\Run: [AvastUI.exe] => D:\Programy\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\...\MountPoints2: {a4f5aeec-1bb9-11e2-89aa-000272a5055c} - F:\SETUP.EXE
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean.exeaswBoot.exe /M:4541ebbb3 /dir:"D:\Programy\AVAST Software\Avast"
GroupPolicyUsers\S-1-5-21-824961693-2448940056-4209506155-1117\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-824961693-2448940056-4209506155-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - No File
Winsock: Catalog9 12 C:\Windows\system32\vsocklib.dll [63128] (VMware, Inc.)
Winsock: Catalog9 13 C:\Windows\system32\vsocklib.dll [63128] (VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @vmware.com/vmrc,version=5.5.0.00000 -> C:\Program Files\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Programy\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Programy\AVAST Software\Avast\WebRep\FF [2012-10-20]
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-14]
CHR Extension: (Dokumenty Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-14]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-18]
CHR Extension: (Adblock Plus) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-18]
CHR Extension: (Tabulky Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-14]
CHR Extension: (AdBlock) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-28]
CHR Extension: (Avast Online Security) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-12]
CHR Extension: (Peněženka Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-18]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Programy\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-12]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 ASLDRService; D:\Programy\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 avast! Antivirus; D:\Programy\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-12] (AVAST Software)
S2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-05-19] (Microsoft)
S3 Tenable Nessus; C:\Program Files\Tenable\Nessus\nessus-service.exe [17136 2014-06-11] (Tenable Network Security, Inc)
R2 VMAuthdService; D:\Programy\VM Player\vmware-authd.exe [87120 2013-02-26] (VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357456 2013-02-26] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [714832 2013-08-05] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [436304 2013-02-26] (VMware, Inc.)
R2 vmware-converter-agent; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [479960 2014-10-03] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960 2014-10-03] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960 2014-10-03] (VMware, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\Filip\AppData\Local\Temp\7zS219C\hpslpsvc32.dll [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2012-10-18] (Alcor Micro, Corp.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-12] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-11-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-11-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-12] ()
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
S3 bmdrvr; C:\Windows\System32\drivers\bmdrvr.sys [54992 2013-08-28] (VMware, Inc.)
S3 CV2K1; C:\Windows\System32\DRIVERS\cv2k1.sys [19560 2012-10-06] (TamoSoft)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-12-05] (DT Soft Ltd)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [94208 2012-10-18] (ELAN Microelectronic Corp.)
S3 FreshIO; C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41936 2013-08-05] (VMware, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2012-10-18] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2013-09-06] ()
S3 TsVlb; C:\Windows\System32\DRIVERS\tsvlb.sys [20072 2012-10-06] (TamoSoft)
R1 TsVp; C:\Windows\System32\DRIVERS\tsvp.sys [23696 2012-10-06] (TamoSoft)
S3 TS_AR5416; C:\Windows\System32\DRIVERS\ts_athw.sys [1627496 2013-07-23] (TamoSoft)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1066496 2009-07-09] (VIA Technologies, Inc.)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [26064 2013-02-26] (VMware, Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2013-02-26] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2013-02-26] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-02-26] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-10-11] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [62416 2013-02-26] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [61464 2012-10-24] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632 2013-08-28] (VMware, Inc.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856 2009-06-10] (Microsoft Corporation)
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 PID_0928; system32\DRIVERS\LV561AV.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-14 21:38 - 2015-02-14 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2015-02-14 20:44 - 2015-02-14 20:54 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\ICQM
2015-02-14 20:44 - 2015-02-14 20:47 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\ICQ-Profile
2015-02-14 20:44 - 2015-02-14 20:44 - 00001764 _____ () C:\Users\Filip\Desktop\ICQ.lnk
2015-02-14 20:44 - 2015-02-14 20:44 - 00001622 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2015-02-14 20:44 - 2015-02-14 20:44 - 00000000 ____D () C:\Users\Filip\voip
2015-02-14 20:44 - 2015-02-14 20:44 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-02-14 20:42 - 2015-02-14 20:43 - 37968904 _____ (ICQ) C:\Users\Filip\Downloads\icq_rfrset.exe
2015-02-14 20:14 - 2015-02-14 20:14 - 00008729 _____ () C:\Users\Filip\Desktop\zoek-results.txt
2015-02-14 20:00 - 2015-02-14 19:30 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-14 19:31 - 2015-02-14 20:02 - 00008729 _____ () C:\zoek-results.log
2015-02-14 19:30 - 2015-02-14 19:58 - 00000000 ____D () C:\zoek_backup
2015-02-14 19:30 - 2015-02-14 19:29 - 01304576 _____ () C:\Users\Filip\Desktop\zoek.exe
2015-02-14 19:28 - 2015-02-14 19:28 - 00002691 _____ () C:\Users\Filip\Desktop\AdwCleaner[S0].txt
2015-02-14 19:28 - 2015-02-14 19:28 - 00000428 _____ () C:\Users\Filip\Desktop\Bezdrátové připojení k síti – zástupce.lnk
2015-02-14 19:17 - 2015-02-14 19:25 - 00000000 ____D () C:\AdwCleaner
2015-02-14 19:17 - 2015-02-14 19:17 - 02112512 _____ () C:\Users\Filip\Desktop\adwcleaner_4.110.exe
2015-02-14 18:45 - 2015-02-14 18:45 - 00018321 _____ () C:\Users\Filip\Desktop\logy-BawnJorno.zip
2015-02-14 18:34 - 2015-02-14 21:38 - 00015985 _____ () C:\Users\Filip\Desktop\FRST.txt
2015-02-14 18:34 - 2015-02-14 21:38 - 00000000 ____D () C:\FRST
2015-02-14 18:25 - 2015-02-14 18:24 - 01125888 _____ (Farbar) C:\Users\Filip\Desktop\FRST.exe
2015-02-13 21:28 - 2012-08-23 15:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-02-13 21:28 - 2012-08-23 14:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-13 21:27 - 2012-08-23 15:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-02-13 21:27 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-02-13 21:27 - 2012-08-23 11:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-13 21:25 - 2013-10-02 01:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-02-13 21:25 - 2013-10-02 01:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-13 21:25 - 2013-10-02 01:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-13 21:25 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-02-13 21:25 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-02-13 21:25 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-02-13 21:25 - 2013-10-02 00:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-13 21:25 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-02-13 21:25 - 2013-10-02 00:00 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-13 21:25 - 2013-10-01 23:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-02-13 21:25 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-02-13 21:25 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-13 21:18 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-13 21:18 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-13 21:18 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-13 21:18 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-13 21:18 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-13 21:18 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-13 21:18 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-13 21:18 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-13 21:18 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-13 21:18 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-13 21:18 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 21:18 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-13 21:18 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-13 21:18 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-13 21:18 - 2015-01-12 02:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 21:18 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-13 21:18 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-13 21:18 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-13 21:18 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-13 21:18 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-13 21:18 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-13 21:18 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-13 21:18 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-13 21:18 - 2015-01-12 02:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 21:18 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-13 21:18 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-13 21:18 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-13 21:18 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-13 21:18 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-13 21:18 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 21:18 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 21:18 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-13 21:18 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-13 21:17 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-13 21:17 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-13 21:17 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-13 21:17 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-13 21:17 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-13 21:17 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-13 21:17 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-13 21:17 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-13 21:17 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-13 21:17 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-13 21:17 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-13 21:17 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-13 21:17 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-13 21:16 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-13 21:16 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-13 21:16 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-13 21:16 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 21:13 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-13 21:13 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 21:13 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-13 21:13 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-13 21:12 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 12:37 - 2012-09-18 15:26 - 00365568 _____ () C:\Windows\system32\ZSHP1020.EXE
2015-02-12 12:37 - 2012-09-18 15:26 - 00169472 _____ () C:\Windows\system32\ZLhp1020.DLL
2015-01-31 17:13 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-31 17:13 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-31 17:13 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-31 17:13 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-31 14:53 - 2015-01-31 14:53 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-25 14:53 - 2015-01-30 13:57 - 00000150 _____ () C:\Users\Filip\Desktop\wordpress.txt
2015-01-20 14:31 - 2015-01-20 14:36 - 00000000 ____D () C:\Users\Filip\Desktop\boty
2015-01-16 22:33 - 2015-01-16 22:42 - 00000205 _____ () C:\Users\Filip\Desktop\DPP.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-14 20:58 - 2012-10-18 18:25 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-14 20:48 - 2014-12-22 22:23 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-14 20:44 - 2013-01-17 00:44 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\ICQ
2015-02-14 20:44 - 2012-10-18 17:51 - 00000000 ____D () C:\Users\Filip
2015-02-14 20:10 - 2009-07-14 05:34 - 00016608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-14 20:10 - 2009-07-14 05:34 - 00016608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-14 20:06 - 2012-10-18 17:46 - 01196537 ____N () C:\Windows\WindowsUpdate.log
2015-02-14 20:03 - 2015-01-03 11:36 - 00000008 __RSH () C:\Users\Filip\ntuser.pol
2015-02-14 20:03 - 2013-08-28 12:34 - 00000000 ____D () C:\ProgramData\VMware
2015-02-14 20:02 - 2014-10-29 08:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-14 20:02 - 2012-10-18 18:25 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-14 20:02 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 19:58 - 2014-12-30 21:54 - 00000000 ____D () C:\Users\BawnJorno\AppData\Local\Google
2015-02-14 19:58 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-14 19:25 - 2012-10-18 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-14 18:14 - 2012-10-18 17:51 - 00001413 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-14 18:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2015-02-14 15:59 - 2012-10-20 21:27 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\vlc
2015-02-14 13:27 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-14 11:15 - 2012-10-18 18:02 - 01592672 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 00:31 - 2009-07-14 05:33 - 00480552 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-14 00:31 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-13 21:35 - 2014-01-23 01:32 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 21:28 - 2013-01-26 17:55 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 09:53 - 2014-10-25 18:41 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\doublecmd
2015-02-10 19:50 - 2014-10-05 16:28 - 00000000 ____D () C:\Users\Filip\Desktop\bakalarky
2015-02-08 19:23 - 2014-11-01 22:52 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Free Download Manager
2015-02-07 23:12 - 2013-02-20 19:42 - 00000000 ____D () C:\Users\Filip\Documents\Visual Studio 2010
2015-02-07 22:28 - 2014-03-27 08:32 - 00001176 _____ () C:\Users\Filip\AppData\Local\MRDownloader.nast
2015-02-07 16:56 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-05 13:05 - 2013-07-02 18:28 - 00002048 ____H () C:\Users\Filip\Documents\Default.rdp
2015-02-03 22:01 - 2014-11-30 23:05 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\uTorrent
2015-02-03 14:03 - 2014-04-30 05:35 - 00009349 _____ () C:\Users\Filip\AppData\Local\MRDownloader.err
2015-02-02 12:41 - 2013-07-08 18:55 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Skype
2015-01-31 20:27 - 2014-10-30 09:58 - 00000000 ____D () C:\Users\Filip\Desktop\ostatní
2015-01-31 18:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-31 17:34 - 2012-10-24 15:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-31 17:20 - 2012-10-24 15:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-01-31 17:18 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-31 16:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2015-01-30 00:44 - 2015-01-14 20:36 - 00001043 _____ () C:\Users\Filip\Desktop\plank.txt
2015-01-28 15:52 - 2014-10-18 20:36 - 00000000 ____D () C:\Users\Filip\Desktop\stáž
2015-01-26 11:58 - 2013-02-15 23:41 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Orbit
2015-01-18 11:50 - 2013-08-28 12:37 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\VMware
2015-01-18 11:50 - 2013-08-28 12:37 - 00000000 ____D () C:\Users\Filip\AppData\Local\VMware
2015-01-16 16:24 - 2015-01-03 16:51 - 00000000 ____D () C:\Users\Filip\Desktop\moje fotky na vyvolani
==================== Files in the root of some directories =======
2014-11-13 09:20 - 2014-11-13 09:20 - 0000038 ___SH () C:\Users\Filip\AppData\Local\69ff07055291669bb2b218.72821112
2014-10-19 15:52 - 2014-10-19 15:52 - 0000001 _____ () C:\Users\Filip\AppData\Local\llftool.4.40.agreement
2014-04-30 05:35 - 2015-02-03 14:03 - 0009349 _____ () C:\Users\Filip\AppData\Local\MRDownloader.err
2014-03-27 08:32 - 2015-02-07 22:28 - 0001176 _____ () C:\Users\Filip\AppData\Local\MRDownloader.nast
2014-11-02 18:18 - 2014-11-12 01:41 - 0000600 _____ () C:\Users\Filip\AppData\Local\PUTTY.RND
2015-01-03 18:34 - 2015-01-03 18:34 - 0008761 _____ () C:\Users\Filip\AppData\Local\recently-used.xbel
2014-05-14 17:55 - 2014-10-18 23:53 - 0007604 _____ () C:\Users\Filip\AppData\Local\Resmon.ResmonCfg
2014-01-25 15:20 - 2014-04-01 09:01 - 0011598 _____ () C:\Users\Filip\AppData\Local\SRDownloader.err
2014-01-25 15:20 - 2014-04-01 09:01 - 0001088 _____ () C:\Users\Filip\AppData\Local\SRDownloader.nast
2013-06-16 11:42 - 2013-06-27 20:49 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD}
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Filip\Desktop" je 474 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Filip\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Filip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Filip\AppData\Roaming\Dropbox\bin\Dropbox.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Filip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\Programy\\Orbitdownloader\\orbitdm.exe"="D:\\Programy\\Orbitdownloader\\orbitdm.exe:*:Enabled:Orbit"
"D:\\Programy\\Orbitdownloader\\orbitnet.exe"="D:\\Programy\\Orbitdownloader\\orbitnet.exe:*:Enabled:Orbit"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Filip (administrator) on A*******8 on 14-02-2015 21:38:28
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available profiles: Filip & BawnJorno)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUS) D:\Programy\ASUS\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) D:\Programy\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
() D:\Programy\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) D:\Programy\P4G\BatteryLife.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\HControl.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) D:\Programy\ASUS\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(AVAST Software) D:\Programy\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) D:\Programy\VM Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\ATKOSD.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(ASUS) D:\Programy\ASUS\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Microsoft Corporation) C:\Windows\System32\Dxpserver.exe
(ICQ) C:\Users\Filip\Downloads\icq_rfrset.exe
(forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [498560 2012-10-18] (ELAN Microelectronic Corp.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1474560 2009-07-13] (VIA)
HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [233472 2012-10-18] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [HControlUser] => D:\Programy\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [ATKMEDIA] => D:\Programy\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM\...\Run: [AvastUI.exe] => D:\Programy\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\...\MountPoints2: {a4f5aeec-1bb9-11e2-89aa-000272a5055c} - F:\SETUP.EXE
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean.exeaswBoot.exe /M:4541ebbb3 /dir:"D:\Programy\AVAST Software\Avast"
GroupPolicyUsers\S-1-5-21-824961693-2448940056-4209506155-1117\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-824961693-2448940056-4209506155-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - No File
Winsock: Catalog9 12 C:\Windows\system32\vsocklib.dll [63128] (VMware, Inc.)
Winsock: Catalog9 13 C:\Windows\system32\vsocklib.dll [63128] (VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @vmware.com/vmrc,version=5.5.0.00000 -> C:\Program Files\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Programy\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Programy\AVAST Software\Avast\WebRep\FF [2012-10-20]
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-14]
CHR Extension: (Dokumenty Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-14]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-18]
CHR Extension: (Adblock Plus) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-18]
CHR Extension: (Tabulky Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-14]
CHR Extension: (AdBlock) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-28]
CHR Extension: (Avast Online Security) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-12]
CHR Extension: (Peněženka Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-18]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Programy\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-12]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 ASLDRService; D:\Programy\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 avast! Antivirus; D:\Programy\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-12] (AVAST Software)
S2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-05-19] (Microsoft)
S3 Tenable Nessus; C:\Program Files\Tenable\Nessus\nessus-service.exe [17136 2014-06-11] (Tenable Network Security, Inc)
R2 VMAuthdService; D:\Programy\VM Player\vmware-authd.exe [87120 2013-02-26] (VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357456 2013-02-26] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [714832 2013-08-05] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [436304 2013-02-26] (VMware, Inc.)
R2 vmware-converter-agent; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [479960 2014-10-03] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960 2014-10-03] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960 2014-10-03] (VMware, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\Filip\AppData\Local\Temp\7zS219C\hpslpsvc32.dll [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2012-10-18] (Alcor Micro, Corp.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-12] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-11-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-11-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-12] ()
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
S3 bmdrvr; C:\Windows\System32\drivers\bmdrvr.sys [54992 2013-08-28] (VMware, Inc.)
S3 CV2K1; C:\Windows\System32\DRIVERS\cv2k1.sys [19560 2012-10-06] (TamoSoft)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-12-05] (DT Soft Ltd)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [94208 2012-10-18] (ELAN Microelectronic Corp.)
S3 FreshIO; C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41936 2013-08-05] (VMware, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2012-10-18] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2013-09-06] ()
S3 TsVlb; C:\Windows\System32\DRIVERS\tsvlb.sys [20072 2012-10-06] (TamoSoft)
R1 TsVp; C:\Windows\System32\DRIVERS\tsvp.sys [23696 2012-10-06] (TamoSoft)
S3 TS_AR5416; C:\Windows\System32\DRIVERS\ts_athw.sys [1627496 2013-07-23] (TamoSoft)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1066496 2009-07-09] (VIA Technologies, Inc.)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [26064 2013-02-26] (VMware, Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2013-02-26] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2013-02-26] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-02-26] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-10-11] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [62416 2013-02-26] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [61464 2012-10-24] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632 2013-08-28] (VMware, Inc.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856 2009-06-10] (Microsoft Corporation)
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 PID_0928; system32\DRIVERS\LV561AV.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-14 21:38 - 2015-02-14 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2015-02-14 20:44 - 2015-02-14 20:54 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\ICQM
2015-02-14 20:44 - 2015-02-14 20:47 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\ICQ-Profile
2015-02-14 20:44 - 2015-02-14 20:44 - 00001764 _____ () C:\Users\Filip\Desktop\ICQ.lnk
2015-02-14 20:44 - 2015-02-14 20:44 - 00001622 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2015-02-14 20:44 - 2015-02-14 20:44 - 00000000 ____D () C:\Users\Filip\voip
2015-02-14 20:44 - 2015-02-14 20:44 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-02-14 20:42 - 2015-02-14 20:43 - 37968904 _____ (ICQ) C:\Users\Filip\Downloads\icq_rfrset.exe
2015-02-14 20:14 - 2015-02-14 20:14 - 00008729 _____ () C:\Users\Filip\Desktop\zoek-results.txt
2015-02-14 20:00 - 2015-02-14 19:30 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-14 19:31 - 2015-02-14 20:02 - 00008729 _____ () C:\zoek-results.log
2015-02-14 19:30 - 2015-02-14 19:58 - 00000000 ____D () C:\zoek_backup
2015-02-14 19:30 - 2015-02-14 19:29 - 01304576 _____ () C:\Users\Filip\Desktop\zoek.exe
2015-02-14 19:28 - 2015-02-14 19:28 - 00002691 _____ () C:\Users\Filip\Desktop\AdwCleaner[S0].txt
2015-02-14 19:28 - 2015-02-14 19:28 - 00000428 _____ () C:\Users\Filip\Desktop\Bezdrátové připojení k síti – zástupce.lnk
2015-02-14 19:17 - 2015-02-14 19:25 - 00000000 ____D () C:\AdwCleaner
2015-02-14 19:17 - 2015-02-14 19:17 - 02112512 _____ () C:\Users\Filip\Desktop\adwcleaner_4.110.exe
2015-02-14 18:45 - 2015-02-14 18:45 - 00018321 _____ () C:\Users\Filip\Desktop\logy-BawnJorno.zip
2015-02-14 18:34 - 2015-02-14 21:38 - 00015985 _____ () C:\Users\Filip\Desktop\FRST.txt
2015-02-14 18:34 - 2015-02-14 21:38 - 00000000 ____D () C:\FRST
2015-02-14 18:25 - 2015-02-14 18:24 - 01125888 _____ (Farbar) C:\Users\Filip\Desktop\FRST.exe
2015-02-13 21:28 - 2012-08-23 15:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-02-13 21:28 - 2012-08-23 14:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-13 21:27 - 2012-08-23 15:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-02-13 21:27 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-02-13 21:27 - 2012-08-23 11:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-13 21:25 - 2013-10-02 01:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-02-13 21:25 - 2013-10-02 01:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-13 21:25 - 2013-10-02 01:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-13 21:25 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-02-13 21:25 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-02-13 21:25 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-02-13 21:25 - 2013-10-02 00:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-13 21:25 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-02-13 21:25 - 2013-10-02 00:00 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-13 21:25 - 2013-10-01 23:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-02-13 21:25 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-02-13 21:25 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-13 21:18 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-13 21:18 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-13 21:18 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-13 21:18 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-13 21:18 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-13 21:18 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-13 21:18 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-13 21:18 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-13 21:18 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-13 21:18 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-13 21:18 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 21:18 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-13 21:18 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-13 21:18 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-13 21:18 - 2015-01-12 02:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 21:18 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-13 21:18 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-13 21:18 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-13 21:18 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-13 21:18 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-13 21:18 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-13 21:18 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-13 21:18 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-13 21:18 - 2015-01-12 02:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 21:18 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-13 21:18 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-13 21:18 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-13 21:18 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-13 21:18 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-13 21:18 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 21:18 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 21:18 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-13 21:18 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-13 21:17 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-13 21:17 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-13 21:17 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-13 21:17 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-13 21:17 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-13 21:17 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-13 21:17 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-13 21:17 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-13 21:17 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-13 21:17 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-13 21:17 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-13 21:17 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-13 21:17 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-13 21:17 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-13 21:16 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-13 21:16 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-13 21:16 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-13 21:16 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 21:13 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-13 21:13 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 21:13 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-13 21:13 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-13 21:12 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 12:37 - 2012-09-18 15:26 - 00365568 _____ () C:\Windows\system32\ZSHP1020.EXE
2015-02-12 12:37 - 2012-09-18 15:26 - 00169472 _____ () C:\Windows\system32\ZLhp1020.DLL
2015-01-31 17:13 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-31 17:13 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-31 17:13 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-31 17:13 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-31 17:13 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-31 14:53 - 2015-01-31 14:53 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-25 14:53 - 2015-01-30 13:57 - 00000150 _____ () C:\Users\Filip\Desktop\wordpress.txt
2015-01-20 14:31 - 2015-01-20 14:36 - 00000000 ____D () C:\Users\Filip\Desktop\boty
2015-01-16 22:33 - 2015-01-16 22:42 - 00000205 _____ () C:\Users\Filip\Desktop\DPP.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-14 20:58 - 2012-10-18 18:25 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-14 20:48 - 2014-12-22 22:23 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-14 20:44 - 2013-01-17 00:44 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\ICQ
2015-02-14 20:44 - 2012-10-18 17:51 - 00000000 ____D () C:\Users\Filip
2015-02-14 20:10 - 2009-07-14 05:34 - 00016608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-14 20:10 - 2009-07-14 05:34 - 00016608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-14 20:06 - 2012-10-18 17:46 - 01196537 ____N () C:\Windows\WindowsUpdate.log
2015-02-14 20:03 - 2015-01-03 11:36 - 00000008 __RSH () C:\Users\Filip\ntuser.pol
2015-02-14 20:03 - 2013-08-28 12:34 - 00000000 ____D () C:\ProgramData\VMware
2015-02-14 20:02 - 2014-10-29 08:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-14 20:02 - 2012-10-18 18:25 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-14 20:02 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 19:58 - 2014-12-30 21:54 - 00000000 ____D () C:\Users\BawnJorno\AppData\Local\Google
2015-02-14 19:58 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-14 19:25 - 2012-10-18 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-14 18:14 - 2012-10-18 17:51 - 00001413 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-14 18:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2015-02-14 15:59 - 2012-10-20 21:27 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\vlc
2015-02-14 13:27 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-14 11:15 - 2012-10-18 18:02 - 01592672 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 00:31 - 2009-07-14 05:33 - 00480552 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-14 00:31 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-13 21:35 - 2014-01-23 01:32 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 21:28 - 2013-01-26 17:55 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 09:53 - 2014-10-25 18:41 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\doublecmd
2015-02-10 19:50 - 2014-10-05 16:28 - 00000000 ____D () C:\Users\Filip\Desktop\bakalarky
2015-02-08 19:23 - 2014-11-01 22:52 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Free Download Manager
2015-02-07 23:12 - 2013-02-20 19:42 - 00000000 ____D () C:\Users\Filip\Documents\Visual Studio 2010
2015-02-07 22:28 - 2014-03-27 08:32 - 00001176 _____ () C:\Users\Filip\AppData\Local\MRDownloader.nast
2015-02-07 16:56 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-05 13:05 - 2013-07-02 18:28 - 00002048 ____H () C:\Users\Filip\Documents\Default.rdp
2015-02-03 22:01 - 2014-11-30 23:05 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\uTorrent
2015-02-03 14:03 - 2014-04-30 05:35 - 00009349 _____ () C:\Users\Filip\AppData\Local\MRDownloader.err
2015-02-02 12:41 - 2013-07-08 18:55 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Skype
2015-01-31 20:27 - 2014-10-30 09:58 - 00000000 ____D () C:\Users\Filip\Desktop\ostatní
2015-01-31 18:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-31 17:34 - 2012-10-24 15:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-31 17:20 - 2012-10-24 15:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-01-31 17:18 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-31 16:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2015-01-30 00:44 - 2015-01-14 20:36 - 00001043 _____ () C:\Users\Filip\Desktop\plank.txt
2015-01-28 15:52 - 2014-10-18 20:36 - 00000000 ____D () C:\Users\Filip\Desktop\stáž
2015-01-26 11:58 - 2013-02-15 23:41 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Orbit
2015-01-18 11:50 - 2013-08-28 12:37 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\VMware
2015-01-18 11:50 - 2013-08-28 12:37 - 00000000 ____D () C:\Users\Filip\AppData\Local\VMware
2015-01-16 16:24 - 2015-01-03 16:51 - 00000000 ____D () C:\Users\Filip\Desktop\moje fotky na vyvolani
==================== Files in the root of some directories =======
2014-11-13 09:20 - 2014-11-13 09:20 - 0000038 ___SH () C:\Users\Filip\AppData\Local\69ff07055291669bb2b218.72821112
2014-10-19 15:52 - 2014-10-19 15:52 - 0000001 _____ () C:\Users\Filip\AppData\Local\llftool.4.40.agreement
2014-04-30 05:35 - 2015-02-03 14:03 - 0009349 _____ () C:\Users\Filip\AppData\Local\MRDownloader.err
2014-03-27 08:32 - 2015-02-07 22:28 - 0001176 _____ () C:\Users\Filip\AppData\Local\MRDownloader.nast
2014-11-02 18:18 - 2014-11-12 01:41 - 0000600 _____ () C:\Users\Filip\AppData\Local\PUTTY.RND
2015-01-03 18:34 - 2015-01-03 18:34 - 0008761 _____ () C:\Users\Filip\AppData\Local\recently-used.xbel
2014-05-14 17:55 - 2014-10-18 23:53 - 0007604 _____ () C:\Users\Filip\AppData\Local\Resmon.ResmonCfg
2014-01-25 15:20 - 2014-04-01 09:01 - 0011598 _____ () C:\Users\Filip\AppData\Local\SRDownloader.err
2014-01-25 15:20 - 2014-04-01 09:01 - 0001088 _____ () C:\Users\Filip\AppData\Local\SRDownloader.nast
2013-06-16 11:42 - 2013-06-27 20:49 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD}
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Filip\Desktop" je 474 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Filip\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Filip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Filip\AppData\Roaming\Dropbox\bin\Dropbox.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Filip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\Programy\\Orbitdownloader\\orbitdm.exe"="D:\\Programy\\Orbitdownloader\\orbitdm.exe:*:Enabled:Orbit"
"D:\\Programy\\Orbitdownloader\\orbitnet.exe"="D:\\Programy\\Orbitdownloader\\orbitnet.exe:*:Enabled:Orbit"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Preventive - user: bawnjorno

- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
Start
CloseProcesses:
CreateRestorePoint:
GroupPolicyUsers\S-1-5-21-824961693-2448940056-4209506155-1117\User: Group Policy restriction detected <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - No File
S2 HPSLPSVC; C:\Users\Filip\AppData\Local\Temp\7zS219C\hpslpsvc32.dll [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
2015-02-14 21:38 - 2015-02-14 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2015-02-14 20:14 - 2015-02-14 20:14 - 00008729 _____ () C:\Users\Filip\Desktop\zoek-results.txt
2015-02-14 20:00 - 2015-02-14 19:30 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-14 19:31 - 2015-02-14 20:02 - 00008729 _____ () C:\zoek-results.log
2015-02-14 19:30 - 2015-02-14 19:58 - 00000000 ____D () C:\zoek_backup
2015-02-14 19:30 - 2015-02-14 19:29 - 01304576 _____ () C:\Users\Filip\Desktop\zoek.exe
2015-02-14 19:28 - 2015-02-14 19:28 - 00002691 _____ () C:\Users\Filip\Desktop\AdwCleaner[S0].txt
2015-02-14 19:17 - 2015-02-14 19:25 - 00000000 ____D () C:\AdwCleaner
2015-02-14 19:17 - 2015-02-14 19:17 - 02112512 _____ () C:\Users\Filip\Desktop\adwcleaner_4.110.exe
2015-02-14 18:45 - 2015-02-14 18:45 - 00018321 _____ () C:\Users\Filip\Desktop\logy-BawnJorno.zip
2015-02-14 18:34 - 2015-02-14 21:38 - 00015985 _____ () C:\Users\Filip\Desktop\FRST.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD}
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Hosts:
EmptyTemp:
Reboot:
End
- Save the resulting TXT file as fixlist.txt
- Move the created fixlist next to FRST

- Click Fix
- The fix will run and create the log Fixlog.txt

Re: Preventive - user: bawnjorno
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 14-02-2015
Ran by Filip at 2015-02-15 11:49:06 Run:1
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available profiles: Filip & BawnJorno)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
GroupPolicyUsers\S-1-5-21-824961693-2448940056-4209506155-1117\User: Group Policy restriction detected <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - No File
S2 HPSLPSVC; C:\Users\Filip\AppData\Local\Temp\7zS219C\hpslpsvc32.dll [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
2015-02-14 21:38 - 2015-02-14 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2015-02-14 20:14 - 2015-02-14 20:14 - 00008729 _____ () C:\Users\Filip\Desktop\zoek-results.txt
2015-02-14 20:00 - 2015-02-14 19:30 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-14 19:31 - 2015-02-14 20:02 - 00008729 _____ () C:\zoek-results.log
2015-02-14 19:30 - 2015-02-14 19:58 - 00000000 ____D () C:\zoek_backup
2015-02-14 19:30 - 2015-02-14 19:29 - 01304576 _____ () C:\Users\Filip\Desktop\zoek.exe
2015-02-14 19:28 - 2015-02-14 19:28 - 00002691 _____ () C:\Users\Filip\Desktop\AdwCleaner[S0].txt
2015-02-14 19:17 - 2015-02-14 19:25 - 00000000 ____D () C:\AdwCleaner
2015-02-14 19:17 - 2015-02-14 19:17 - 02112512 _____ () C:\Users\Filip\Desktop\adwcleaner_4.110.exe
2015-02-14 18:45 - 2015-02-14 18:45 - 00018321 _____ () C:\Users\Filip\Desktop\logy-BawnJorno.zip
2015-02-14 18:34 - 2015-02-14 21:38 - 00015985 _____ () C:\Users\Filip\Desktop\FRST.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD}
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-824961693-2448940056-4209506155-1117\User => Moved successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-824961693-2448940056-4209506155-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCR\PROTOCOLS\Handler\brx" => Key deleted successfully.
HKCR\CLSID\{9C160F90-74D1-11D3-AB60-0060977C1F29} => Key not found.
HPSLPSVC => Service deleted successfully.
rpcapd => Service deleted successfully.
C:\Users\Filip\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Filip\Desktop\zoek-results.txt => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Filip\Desktop\zoek.exe => Moved successfully.
C:\Users\Filip\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Filip\Desktop\adwcleaner_4.110.exe => Moved successfully.
C:\Users\Filip\Desktop\logy-BawnJorno.zip => Moved successfully.
C:\Users\Filip\Desktop\FRST.txt => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows => ":{4B9A1497-0817-47C4-9612-D6A1C53ACF57}" ADS removed successfully.
C:\Windows => ":{DA6227CB-326B-4B4D-9A81-04B61F1538DD}" ADS removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => Key Deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 253.9 MB temporary data.
The system needed a reboot.
==== End of Fixlog 11:50:06 ====
Re: Preventive - user: bawnjorno
How is the PC behaving???
Re: Preventive - user: bawnjorno
It's running fine.
Re: Preventive - user: bawnjorno
So let's clean up as well
DelFix https://toolslib.net/downloads/finish/2/
Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel
And if there are no problems or questions, that is all from my side


- Download and run it
- Leave only the Remote disinfection tools option checked
- Click Run

Cleaner panel
- Leave everything as it is, just click Analyze and then Run CCleaner
- click Scan for Issues
- then Fix Issues - I recommend making a registry backup; fix all the issues
- repeat the procedure until no issues remain - usually about 3 times
- Here you can uninstall programs you do not need


Re: Preventive - user: bawnjorno
Done, many thanks


