Requesting a log check

PredyP
Exemplary visitor
Posts: 1246
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

#1 Post by PredyP »

Hello,
my niece brought me her notebook and says it is behaving strangely. Her main complaint is that she cannot play movies: when she starts one, it does not play, yet Task Manager shows that WMP is running. She says it sometimes freezes so badly that she has to force a restart.
I would therefore be very grateful for a check of the log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Predecká at 2015-02-20 10:48:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 154 GB (33%) free of 459 GB
Total RAM: 2972 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:48:59, on 20.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\AVAST Software\Avast\avastUi.exe
C:\Users\Predecká\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Predecká\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Predecká\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\RSIT.exe
C:\Program Files\trend micro\Predecká.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [20150107] C:\Program Files\AVAST Software\Avast\setup\emupdate\1576c071-ad9f-4208-91ee-00f31150d22e.exe /check
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3832DA06-64DB-4473-9E87-BFA11F36C287}: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{3832DA06-64DB-4473-9E87-BFA11F36C287}: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{3832DA06-64DB-4473-9E87-BFA11F36C287}: NameServer = 8.8.8.8,8.8.8.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files\Nero\Nero 9\InCD\InCDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero 9\InCD\NBHRegInCDSrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe

--
End of file - 8504 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job - C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job - C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job - C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job - C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\bin\core.4.dll [2011-12-07 1151520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-03-24 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-03-24 175640]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-03-24 166936]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-01-28 495708]
""= []
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-01-30 1243864]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-20 5225064]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"20150107"=C:\Program Files\AVAST Software\Avast\setup\emupdate\1576c071-ad9f-4208-91ee-00f31150d22e.exe [2015-02-20 183232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-01-20 5496600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-10-01 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-09-05 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CleanSetup]
cmd /C rmdir /S /Q C:\Users\Predecká\AppData\Local\Temp\nro.tmp\ []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-20 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24 107912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.6\ICQ.exe [2011-10-10 127040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero 9\InCD\InCD.exe [2009-05-08 1116696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBHGui]
C:\Program Files\Nero\Nero 9\InCD\NBHGui.exe [2009-05-08 1593880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-12-22 6699800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2012-10-08 752736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Predecká^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~4\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-01-25 225792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"VIDC.MKVC"=KMVIDC32.DLL

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-20 10:42:48 ----D---- C:\Program Files\trend micro
2015-02-20 10:42:47 ----D---- C:\rsit
2015-02-20 10:41:18 ----A---- C:\RSIT.exe
2015-02-20 10:21:12 ----D---- C:\Users\Predecká\AppData\Roaming\AVAST Software
2015-02-20 10:20:13 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-02-20 10:20:12 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-02-20 10:20:12 ----A---- C:\Windows\system32\drivers\aswsp.sys
2015-02-20 10:20:11 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-02-20 10:20:11 ----A---- C:\Windows\system32\drivers\aswmonflt.sys
2015-02-20 10:20:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-02-20 10:20:07 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-02-20 10:20:05 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-02-20 10:20:04 ----A---- C:\Windows\system32\aswBoot.exe
2015-02-20 10:19:59 ----A---- C:\Windows\avastSS.scr
2015-02-20 10:19:37 ----D---- C:\Program Files\AVAST Software
2015-02-20 09:55:41 ----D---- C:\Windows\system32\appraiser
2015-02-19 22:13:57 ----A---- C:\Windows\system32\rrinstaller.exe
2015-02-19 22:13:57 ----A---- C:\Windows\system32\mfps.dll
2015-02-19 22:13:57 ----A---- C:\Windows\system32\mfpmp.exe
2015-02-19 22:13:57 ----A---- C:\Windows\system32\mferror.dll
2015-02-19 22:13:57 ----A---- C:\Windows\system32\mf.dll
2015-02-19 22:12:41 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-02-19 21:47:05 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-02-19 21:47:04 ----A---- C:\Windows\system32\EncDump.dll
2015-02-19 21:47:04 ----A---- C:\Windows\system32\audiosrv.dll
2015-02-19 21:47:04 ----A---- C:\Windows\system32\AudioSes.dll
2015-02-19 21:47:04 ----A---- C:\Windows\system32\AudioEng.dll
2015-02-19 21:46:02 ----A---- C:\Windows\system32\tzres.dll
2015-02-19 21:45:19 ----A---- C:\Windows\system32\qdvd.dll
2015-02-19 21:44:51 ----A---- C:\Windows\system32\d3d10warp.dll
2015-02-19 21:44:27 ----A---- C:\Windows\system32\TSWorkspace.dll
2015-02-19 21:43:57 ----A---- C:\Windows\system32\mscorier.dll
2015-02-19 21:43:56 ----A---- C:\Windows\system32\mscories.dll
2015-02-19 21:43:56 ----A---- C:\Windows\system32\dfshim.dll
2015-02-19 21:43:26 ----A---- C:\Windows\system32\packager.dll
2015-02-19 21:42:58 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-19 21:42:31 ----A---- C:\Windows\system32\profsvc.dll
2015-02-19 21:42:23 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-19 21:42:07 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-19 21:42:06 ----A---- C:\Windows\system32\invagent.dll
2015-02-19 21:42:06 ----A---- C:\Windows\system32\generaltel.dll
2015-02-19 21:42:06 ----A---- C:\Windows\system32\devinv.dll
2015-02-19 21:42:06 ----A---- C:\Windows\system32\appraiser.dll
2015-02-19 21:42:06 ----A---- C:\Windows\system32\aepic.dll
2015-02-19 21:42:05 ----A---- C:\Windows\system32\aeinv.dll
2015-02-19 21:42:03 ----A---- C:\Windows\system32\aepdu.dll
2015-02-19 21:37:12 ----A---- C:\Windows\system32\charmap.exe
2015-02-19 21:36:57 ----A---- C:\Windows\system32\mstscax.dll
2015-02-19 21:36:57 ----A---- C:\Windows\system32\mstsc.exe
2015-02-19 21:36:56 ----A---- C:\Windows\system32\winsta.dll
2015-02-19 21:36:55 ----A---- C:\Windows\system32\winlogon.exe
2015-02-19 21:36:55 ----A---- C:\Windows\system32\rdpcorekmts.dll
2015-02-19 21:36:55 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2015-02-19 21:36:55 ----A---- C:\Windows\system32\aaclient.dll
2015-02-19 21:36:54 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2015-02-19 21:36:24 ----A---- C:\Windows\system32\schannel.dll
2015-02-19 21:36:24 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-19 21:36:24 ----A---- C:\Windows\system32\kerberos.dll
2015-02-19 21:36:23 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-19 21:36:23 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-19 21:36:23 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-19 21:36:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-19 21:36:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-19 21:36:23 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-19 21:36:23 ----A---- C:\Windows\system32\adtschema.dll
2015-02-19 21:36:22 ----A---- C:\Windows\system32\wdigest.dll
2015-02-19 21:36:22 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-19 21:36:22 ----A---- C:\Windows\system32\sspicli.dll
2015-02-19 21:36:22 ----A---- C:\Windows\system32\secur32.dll
2015-02-19 21:36:22 ----A---- C:\Windows\system32\msobjs.dll
2015-02-19 21:36:22 ----A---- C:\Windows\system32\msaudite.dll
2015-02-19 21:36:22 ----A---- C:\Windows\system32\lsass.exe
2015-02-19 21:36:22 ----A---- C:\Windows\system32\credssp.dll
2015-02-19 21:36:22 ----A---- C:\Windows\system32\auditpol.exe
2015-02-19 21:36:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-19 21:36:04 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-19 21:36:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-19 21:36:04 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-19 21:36:03 ----A---- C:\Windows\system32\urlmon.dll
2015-02-19 21:36:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-19 21:36:03 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-19 21:36:03 ----A---- C:\Windows\system32\iernonce.dll
2015-02-19 21:36:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-19 21:36:02 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-19 21:36:02 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-19 21:36:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-19 21:36:02 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-19 21:36:02 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-19 21:36:00 ----A---- C:\Windows\system32\msrating.dll
2015-02-19 21:36:00 ----A---- C:\Windows\system32\iesetup.dll
2015-02-19 21:35:59 ----A---- C:\Windows\system32\wininet.dll
2015-02-19 21:35:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-19 21:35:58 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-19 21:35:57 ----A---- C:\Windows\system32\ieui.dll
2015-02-19 21:35:56 ----A---- C:\Windows\system32\ieframe.dll
2015-02-19 21:35:55 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-19 21:35:55 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-19 21:35:54 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-19 21:35:54 ----A---- C:\Windows\system32\iertutil.dll
2015-02-19 21:35:52 ----A---- C:\Windows\system32\mshtml.dll
2015-02-19 21:35:51 ----A---- C:\Windows\system32\vbscript.dll
2015-02-19 21:35:51 ----A---- C:\Windows\system32\jscript9.dll
2015-02-19 21:34:56 ----A---- C:\Windows\system32\nlasvc.dll
2015-02-19 21:34:28 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-02-19 21:34:11 ----A---- C:\Windows\system32\wintrust.dll
2015-02-19 21:34:11 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-19 21:34:11 ----A---- C:\Windows\system32\crypt32.dll
2015-02-19 21:33:30 ----A---- C:\Windows\system32\scesrv.dll
2015-02-19 21:33:14 ----A---- C:\Windows\system32\termsrv.dll
2015-02-19 21:32:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-19 21:32:21 ----A---- C:\Windows\system32\WsmWmiPl.dll
2015-02-19 21:32:21 ----A---- C:\Windows\system32\WsmSvc.dll
2015-02-19 21:32:21 ----A---- C:\Windows\system32\WsmAuto.dll
2015-02-19 21:32:21 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2015-02-19 21:32:21 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2015-02-19 21:13:37 ----D---- C:\ProgramData\Shared Space
2015-02-19 21:10:51 ----D---- C:\ProgramData\Comodo Downloader
2015-02-19 20:55:25 ----D---- C:\ProgramData\Comodo
2015-01-30 12:27:58 ----A---- C:\Windows\system32\drivers\inspect.sys
2015-01-30 12:27:58 ----A---- C:\Windows\system32\drivers\cmdhlp.sys
2015-01-30 12:27:58 ----A---- C:\Windows\system32\drivers\cmdguard.sys
2015-01-30 12:27:56 ----A---- C:\Windows\system32\drivers\cmderd.sys
2015-01-30 12:27:48 ----A---- C:\Windows\system32\cmdcsr.dll
2015-01-30 12:27:46 ----A---- C:\Windows\system32\guard32.dll
2015-01-30 12:27:36 ----A---- C:\Windows\system32\cmdvrt32.dll
2015-01-30 12:27:36 ----A---- C:\Windows\system32\cmdkbd32.dll

======List of files/folders modified in the last 1 month======

2015-02-20 10:48:58 ----D---- C:\Windows\Temp
2015-02-20 10:42:48 ----D---- C:\Program Files
2015-02-20 10:20:56 ----D---- C:\Windows\system32\drivers
2015-02-20 10:20:33 ----D---- C:\Windows\system32\Tasks
2015-02-20 10:20:04 ----D---- C:\Windows\System32
2015-02-20 10:20:02 ----D---- C:\Windows
2015-02-20 10:19:34 ----SHD---- C:\System Volume Information
2015-02-20 10:16:06 ----D---- C:\Windows\system32\config
2015-02-20 10:11:17 ----D---- C:\Windows\Microsoft.NET
2015-02-20 10:08:48 ----RSD---- C:\Windows\assembly
2015-02-20 10:06:07 ----D---- C:\Windows\inf
2015-02-20 10:06:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-20 10:02:41 ----D---- C:\Windows\winsxs
2015-02-20 10:01:59 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-20 09:59:52 ----D---- C:\Windows\system32\catroot2
2015-02-20 09:55:44 ----D---- C:\Windows\system32\cs-CZ
2015-02-20 09:55:43 ----D---- C:\Windows\AppCompat
2015-02-20 09:55:42 ----SD---- C:\Windows\system32\CompatTel
2015-02-20 09:55:41 ----SD---- C:\ProgramData\Microsoft
2015-02-20 09:55:39 ----D---- C:\Windows\system32\en-US
2015-02-20 09:55:39 ----D---- C:\Windows\PolicyDefinitions
2015-02-20 09:55:37 ----D---- C:\Program Files\Internet Explorer
2015-02-19 22:14:04 ----D---- C:\Windows\system32\catroot
2015-02-19 22:11:41 ----SHD---- C:\Windows\Installer
2015-02-19 21:16:38 ----D---- C:\Windows\Prefetch
2015-02-19 21:14:54 ----D---- C:\Windows\system32\DriverStore
2015-02-19 21:13:37 ----HD---- C:\ProgramData
2015-02-19 21:12:56 ----D---- C:\Program Files\COMODO
2015-02-19 20:48:00 ----D---- C:\Program Files\CCleaner
2015-02-19 20:36:11 ----D---- C:\Windows\pss
2015-02-19 20:32:36 ----D---- C:\Windows\SoftwareDistribution
2015-02-19 20:29:33 ----SD---- C:\Windows\system32\Microsoft
2015-02-18 19:37:16 ----RD---- C:\OBLÍBENÉ
2015-02-18 19:36:12 ----D---- C:\Škola
2015-02-06 21:46:45 ----D---- C:\Windows\Tasks
2015-02-04 23:33:08 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-02-20 206248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-02-05 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-02-20 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-02-20 787800]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-01-30 17088]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2015-01-30 618072]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-01-30 41248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-24 218688]
R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-05-08 19096]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-01-30 91200]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-02-20 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-02-20 73480]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-02-20 91496]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-01-25 6282240]
R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-05-08 129944]
R3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-05-08 48280]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-02-04 1000992]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-01-28 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-02-20 49944]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-02-20 423784]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-09-03 142648]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe [2009-03-03 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-20 50344]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1052472]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-01-30 5868440]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-10-07 126008]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-20 92216]
R2 InCDSrv;InCD Helper; C:\Program Files\Nero\Nero 9\InCD\InCDSrv.exe [2009-05-08 1493528]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
R2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 9\InCD\NBHRegInCDSrv.exe [2009-05-08 109080]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [2010-01-28 229458]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-01-30 1664216]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2010-08-20 707128]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-19 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-05 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log

#2 Post by altrok »

Hello :bye:

:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Start -> Run -> eventvwr, expand Windows Logs on the left, right-click System, choose Save All Events As, compress the resulting file and upload it to Letecká pošta - put the link (download link) in your next reply.

:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok[at]forum.viry.cz
If you feel like helping the visitors of this forum, sign up for our training school.

PredyP
Model visitor
Posts: 1246
Joined: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Please check my log

#3 Post by PredyP »

http://leteckaposta.cz/290719368

# AdwCleaner v4.111 - Logfile created 20/02/2015 at 13:06:50
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Predecká - PREDECKA-23
# Running from : C:\Users\Predecká\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [1153 bytes] - [20/02/2015 13:02:41]
AdwCleaner[S0].txt - [1022 bytes] - [20/02/2015 13:06:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1081 bytes] ##########

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log

#4 Post by altrok »

:arrow: Post the FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok[at]forum.viry.cz
If you feel like helping the visitors of this forum, sign up for our training school.

PredyP
Model visitor
Posts: 1246
Joined: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Please check my log

#5 Post by PredyP »

When the scan finished, this error occurred - see the attachment.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by Predecká (administrator) on PREDECKA-23 on 20-02-2015 13:39:53
Running from C:\Users\Predecká\Desktop
Loaded Profiles: Predecká (Available profiles: Predecká)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\stacsv.exe
(Nero AG) C:\Program Files\Nero\Nero 9\InCD\InCDSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\AEstSrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Nero AG) C:\Program Files\Nero\Nero 9\InCD\NBHRegInCDSrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(forum.viry.cz) C:\Users\Predecká\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-01-28] (IDT, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1243864 2015-01-30] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-20] (AVAST Software)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\MountPoints2: {564ee737-ce17-11e0-8c54-d8d3853e814a} - E:\Autorun.exe
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\MountPoints2: {f1c8cc99-ff1a-11e0-8c2e-d8d3853e814a} - F:\HPLauncher.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Nero 9\InCD\NBHshx.dll (Nero AG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {138e0c76-0650-4c4c-8a15-1498084da2eb} URL = http://www.firmy.cz/phr/{searchTerms}?s ... ckSearch_5
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {2bda40c6-2544-424d-bb5d-c737925aaf6d} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... ckSearch_5
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {3059775f-454e-4f21-ba2d-509087afc200} URL = http://www.mapy.cz/?query={searchTerms} ... ckSearch_5
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {8b075dac-ee10-401b-a56e-5764276df88f} URL = http://search.seznam.cz/?q={searchTerms ... ckSearch_5
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Ukazatel S-Rank -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files\Seznam.cz\bin\core.4.dll ()
Toolbar: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.2
Tcpip\..\Interfaces\{3832DA06-64DB-4473-9E87-BFA11F36C287}: [NameServer] 8.8.8.8,8.8.8.4

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1011354896-3533526268-1818183625-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Predecká\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1011354896-3533526268-1818183625-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1011354896-3533526268-1818183625-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> https://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-18]
CHR Extension: (Google Drive) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-18]
CHR Extension: (YouTube) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (Google Search) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (Google Wallet) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-14]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-11-16]
CHR Extension: (Gmail) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
StartMenuInternet: Google Chrome - C:\Users\Predecká\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-09-03] (SUPERAntiSpyware.com)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-20] (AVAST Software)
R2 CLPSLS; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [1052472 2011-11-23] (COMODO)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5868440 2015-01-30] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664216 2015-01-30] (COMODO)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [126008 2010-10-07] (Hewlett-Packard Company)
R2 InCDSrv; C:\Program Files\Nero\Nero 9\InCD\InCDSrv.exe [1493528 2009-05-08] (Nero AG)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 NeroRegInCDSrv; C:\Program Files\Nero\Nero 9\InCD\NBHRegInCDSrv.exe [109080 2009-05-08] (Nero AG)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458 2010-01-28] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-02-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73480 2015-02-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-02-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-02-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-02-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-02-20] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-02-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-02-20] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17088 2015-01-30] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [618072 2015-01-30] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41248 2015-01-30] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-08-24] (DT Soft Ltd)
R3 InCDFs; C:\Windows\System32\DRIVERS\InCDFs.sys [129944 2009-05-08] (Nero AG)
R3 InCDPass; C:\Windows\System32\DRIVERS\InCDPass.sys [48280 2009-05-08] (Nero AG)
R1 InCDRec; C:\Windows\System32\DRIVERS\InCDRec.sys [19096 2009-05-08] (Nero AG)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91200 2015-01-30] (COMODO)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2011-02-05] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 13:39 - 2015-02-20 13:40 - 00014819 _____ () C:\Users\Predecká\Desktop\FRST.txt
2015-02-20 13:38 - 2015-02-20 13:39 - 00000000 ____D () C:\FRST
2015-02-20 13:37 - 2015-02-20 13:37 - 00112640 _____ (forum.viry.cz) C:\Users\Predecká\Desktop\FRSTLauncher.exe
2015-02-20 13:36 - 2015-02-20 13:36 - 01126400 _____ (Farbar) C:\Users\Predecká\Desktop\FRST.exe
2015-02-20 13:02 - 2015-02-20 13:06 - 00000000 ____D () C:\AdwCleaner
2015-02-20 13:01 - 2015-02-20 13:01 - 02126848 _____ () C:\Users\Predecká\Desktop\adwcleaner_4.111.exe
2015-02-20 12:59 - 2015-02-20 12:59 - 01391136 _____ () C:\Users\Predecká\Desktop\Protokol.rar
2015-02-20 12:58 - 2015-02-20 12:58 - 21041152 _____ () C:\Users\Predecká\Desktop\Protokol.evtx
2015-02-20 10:53 - 2015-02-20 10:53 - 00000000 __SHD () C:\Users\Predecká\AppData\Local\EmieBrowserModeList
2015-02-20 10:42 - 2015-02-20 10:48 - 00000000 ____D () C:\Program Files\trend micro
2015-02-20 10:42 - 2015-02-20 10:43 - 00000000 ____D () C:\rsit
2015-02-20 10:41 - 2015-02-20 10:41 - 01107968 _____ () C:\RSIT.exe
2015-02-20 10:21 - 2015-02-20 10:21 - 00000000 ____D () C:\Users\Predecká\AppData\Roaming\AVAST Software
2015-02-20 10:21 - 2015-02-20 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-20 10:20 - 2015-02-20 10:20 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-20 10:20 - 2015-02-20 10:20 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00073480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-20 10:20 - 2015-02-20 10:19 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-20 10:19 - 2015-02-20 10:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-20 10:19 - 2015-02-20 10:19 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-20 10:07 - 2015-02-20 10:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-20 10:07 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-20 10:07 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-20 09:55 - 2015-02-20 09:55 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-19 22:13 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-19 22:13 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-02-19 22:13 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-02-19 22:13 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-02-19 22:13 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-02-19 22:13 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-19 22:12 - 2015-02-19 22:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-19 22:12 - 2015-02-19 22:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-19 22:12 - 2015-02-19 22:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-19 22:12 - 2015-02-19 22:12 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-19 22:12 - 2015-02-19 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-19 22:12 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-02-19 22:11 - 2015-02-19 22:11 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-02-19 22:10 - 2015-02-19 22:10 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-19 22:10 - 2015-02-19 22:10 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-02-19 22:09 - 2015-02-19 22:10 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-19 22:09 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-02-19 22:06 - 2015-02-19 22:06 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-02-19 22:06 - 2015-02-19 22:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-02-19 22:05 - 2015-02-19 22:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-02-19 22:05 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-02-19 22:01 - 2015-02-19 22:01 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-19 22:01 - 2015-02-19 22:01 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-19 22:00 - 2015-02-19 22:00 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-02-19 21:47 - 2015-02-19 21:47 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-02-19 21:47 - 2015-02-19 21:47 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-02-19 21:47 - 2015-02-19 21:47 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-02-19 21:47 - 2015-02-19 21:47 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-02-19 21:47 - 2015-02-19 21:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-02-19 21:46 - 2015-02-19 21:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-02-19 21:45 - 2015-02-19 21:45 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-02-19 21:44 - 2015-02-19 21:44 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-02-19 21:44 - 2015-02-19 21:44 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-02-19 21:43 - 2015-02-19 21:43 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-02-19 21:43 - 2015-02-19 21:43 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-02-19 21:43 - 2015-02-19 21:43 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-02-19 21:43 - 2015-02-19 21:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-19 21:42 - 2015-02-19 21:42 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-19 21:37 - 2015-02-19 21:37 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-19 21:36 - 2015-02-19 21:36 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-02-19 21:36 - 2015-02-19 21:36 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-02-19 21:36 - 2015-02-19 21:36 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-19 21:36 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-19 21:35 - 2015-02-19 21:35 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-19 21:34 - 2015-02-19 21:34 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-19 21:34 - 2015-02-19 21:34 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-19 21:34 - 2015-02-19 21:34 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-19 21:34 - 2015-02-19 21:34 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-19 21:34 - 2015-02-19 21:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-19 21:33 - 2015-02-19 21:33 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-02-19 21:33 - 2015-02-19 21:33 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-19 21:32 - 2015-02-19 21:32 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-19 21:32 - 2015-02-19 21:32 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-02-19 21:32 - 2015-02-19 21:32 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-02-19 21:32 - 2015-02-19 21:32 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-02-19 21:32 - 2015-02-19 21:32 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-02-19 21:32 - 2015-02-19 21:32 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-02-19 21:13 - 2015-02-19 21:13 - 00000000 ____D () C:\ProgramData\Shared Space
2015-02-19 21:10 - 2015-02-19 21:10 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2015-02-19 20:55 - 2015-02-19 21:15 - 00000000 ____D () C:\ProgramData\Comodo
2015-02-19 20:53 - 2015-02-20 13:32 - 00000392 _____ () C:\Windows\setupact.log
2015-02-19 20:53 - 2015-02-20 12:47 - 00316372 _____ () C:\Windows\PFRO.log
2015-02-19 20:53 - 2015-02-19 20:53 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-15 09:51 - 2015-02-15 09:51 - 00000000 ____D () C:\Users\Predecká\AppData\Local\{F712AA13-5CE0-44EA-8B78-153007BAB565}
2015-01-30 12:27 - 2015-01-30 12:27 - 00618072 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-01-30 12:27 - 2015-01-30 12:27 - 00386768 _____ (COMODO) C:\Windows\system32\guard32.dll
2015-01-30 12:27 - 2015-01-30 12:27 - 00286424 _____ (COMODO) C:\Windows\system32\cmdvrt32.dll
2015-01-30 12:27 - 2015-01-30 12:27 - 00091200 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-01-30 12:27 - 2015-01-30 12:27 - 00041248 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-01-30 12:27 - 2015-01-30 12:27 - 00040664 _____ (COMODO) C:\Windows\system32\cmdkbd32.dll
2015-01-30 12:27 - 2015-01-30 12:27 - 00033520 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-01-30 12:27 - 2015-01-30 12:27 - 00017088 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-01-25 21:13 - 2015-01-25 21:14 - 00000000 ____D () C:\Users\Predecká\Downloads\9.serie

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 13:40 - 2009-07-14 05:34 - 00025872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-20 13:40 - 2009-07-14 05:34 - 00025872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-20 13:38 - 2011-02-05 18:12 - 01732304 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-20 13:36 - 2011-02-05 18:06 - 01189779 _____ () C:\Windows\WindowsUpdate.log
2015-02-20 13:33 - 2013-03-06 14:37 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-20 13:32 - 2011-02-05 21:57 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 13:32 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-20 13:06 - 2011-04-15 11:23 - 00000000 ____D () C:\ProgramData\ICQ
2015-02-20 12:54 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-20 12:51 - 2011-02-05 19:40 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job
2015-02-20 12:50 - 2009-07-14 05:33 - 00418304 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-20 12:47 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2015-02-20 11:41 - 2013-10-12 08:31 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-20 11:35 - 2013-02-20 14:30 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job
2015-02-20 11:17 - 2011-02-05 21:57 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-20 10:01 - 2011-02-05 19:30 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-20 09:55 - 2014-04-30 09:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-20 09:55 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2015-02-19 21:51 - 2011-02-05 19:40 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job
2015-02-19 21:15 - 2011-02-06 01:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-02-19 21:12 - 2011-02-06 01:07 - 00000000 ____D () C:\Program Files\COMODO
2015-02-19 20:54 - 2014-07-14 08:52 - 00809984 ___SH () C:\Users\Predecká\Desktop\Thumbs.db
2015-02-19 20:48 - 2011-02-05 22:20 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-19 20:36 - 2011-07-05 13:49 - 00000000 ____D () C:\Windows\pss
2015-02-18 19:37 - 2012-01-15 11:48 - 00000000 ___RD () C:\OBLÍBENÉ
2015-02-18 19:36 - 2011-08-23 11:02 - 00000000 ____D () C:\Škola
2015-02-18 18:48 - 2013-02-20 14:30 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job
2015-02-04 23:33 - 2013-03-06 14:37 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-04 23:33 - 2011-07-05 21:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-29 17:49 - 2011-02-05 19:36 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-21 01:06 - 2015-01-20 20:33 - 602576390 _____ () C:\Users\Predecká\Downloads\Jak.jsem.poznal.vaši.matku.9.serie.COMPLETE.DUBING.CZ.rar

==================== Files in the root of some directories =======

2011-02-17 20:30 - 2014-10-14 19:42 - 0000147 _____ () C:\Users\Predecká\AppData\Roaming\default.rss
2012-12-05 13:58 - 2012-12-05 13:58 - 0000017 _____ () C:\Users\Predecká\AppData\Local\resmon.resmoncfg
2011-08-09 12:23 - 2011-08-09 12:23 - 0000000 _____ () C:\Users\Predecká\AppData\Local\{B1AE5B7A-A80D-46D7-8DE3-162D260CB2CC}
2011-08-09 12:15 - 2011-08-09 12:15 - 0000000 _____ () C:\Users\Predecká\AppData\Local\{EAA66C59-0AD1-4596-8485-1B0CB4009601}
2011-02-06 01:02 - 2011-02-06 01:02 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some content of TEMP:
====================
C:\Users\Predecká\AppData\Local\Temp\Quarantine.exe
C:\Users\Predecká\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job => C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job => C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job => C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job => C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\RSIT.exe:$CmdTcID
AlternateDataStreams: C:\RSIT.exe:$CmdZnID
AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aswBoot.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\charmap.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dfshim.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mscorier.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mscories.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\packager.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pku2u.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rastls.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorekmts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\termsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWorkspace.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsta.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswHwid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswRdr2.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswRvrt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswStm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswVmm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\rdpwd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\tdx.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID
AlternateDataStreams: C:\Users\Predecká\Desktop\adwcleaner_4.111.exe:$CmdTcID
AlternateDataStreams: C:\Users\Predecká\Desktop\FRST.exe:$CmdTcID
AlternateDataStreams: C:\Users\Predecká\Desktop\FRSTLauncher.exe:$CmdTcID
AlternateDataStreams: C:\Users\Predecká\Desktop\FRSTLauncher.exe:$CmdZnID

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Predecká\Desktop" je 5754 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CleanSetup
cmd /C rmdir /S /Q "C:\Users\Predecká\AppData\Local\Temp\nro.tmp\" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core
"C:\Program Files\Electronic Arts\EADM\Core.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
"C:\Program Files\ICQ7.6\ICQ.exe" silent loginmode=4 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD
"C:\Program Files\Nero\Nero 9\InCD\InCD.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBHGui
"C:\Program Files\Nero\Nero 9\InCD\NBHGui.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
"C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Predecká^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
C:\PROGRA~1\MICROS~4\Office12\ONENOTEM.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-02-2015 01
Ran by Predecká at 2015-02-20 13:40:50
Running from C:\Users\Predecká\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
COMODO Firewall (HKLM\...\{68BE8BAB-5375-4C99-9116-1808F5968D40}) (Version: 8.1.0.4426 - COMODO Security Solutions Inc.)
Google Chrome (HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
HPAsset component for HP Active Support Library (HKLM\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
rustina-nejen-pro-samouky version for Windows (HKLM\...\{BFAFDC92-CA00-4799-422A- 4A3CD2A22A2}_is1) (Version: for Windows - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Worms2 (HKLM\...\InstallShield_{69403657-0D76-41F9-97B3-BF243F023A4E}) (Version: 1.00.0000 - Team17 Ltd)
Worms2 (Version: 1.00.0000 - Team17 Ltd) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{0CFA3FB2-47F4-4157-A162-648CAA980DE2}\InprocServer32 -> C:\Program Files\Common Files\SpeechEngines\Microsoft\SR\spsrx.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{19EFC4D2-5251-4EB5-84C8-5A970FF8F5E0}\InprocServer32 -> C:\Program Files\Common Files\SpeechEngines\Microsoft\SR\spsreng.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{1A6F5C32-45F4-11D3-9A67-00C04F8EF48F}\InprocServer32 -> C:\Program Files\Common Files\SpeechEngines\Microsoft\SR\spsrx.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{42E0F145-11FD-11D3-BB97-00C04F8EE6C0}\InprocServer32 -> C:\Program Files\Common Files\SpeechEngines\Microsoft\SR\1033\itngram.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Predecká\AppData\Local\Google\Chrome\Application\40.0.2214.111\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Predecká\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Predecká\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{93520E48-87DA-11D3-9517-00C04F604FF2}\InprocServer32 -> C:\Program Files\Common Files\SpeechEngines\Microsoft\SR\spsreng.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{93520E49-87DA-11D3-9517-00C04F604FF2}\InprocServer32 -> C:\Program Files\Common Files\SpeechEngines\Microsoft\SR\spsreng.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{cb4c77f0-ab2a-407c-93ac-963769824b18}\localserver32 -> C:\Users\PREDEC~1\AppData\Local\Temp\{b3ede298-ae75-4a1c-ab7e-1b9229b77bbe}\IDriver.NonElevated.exe (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Predecká\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000_Classes\CLSID\{EC468149-6916-11D2-9427-00C04F8EF48F}\InprocServer32 -> C:\Program Files\Common Files\SpeechEngines\Microsoft\SR\spsreng.dll (Microsoft Corporation)

==================== Restore Points =========================

28-01-2015 16:11:16 Windows Update
02-02-2015 09:27:06 Windows Update
06-02-2015 12:49:06 Windows Update
15-02-2015 10:27:46 Naplánovaný kontrolní bod
19-02-2015 20:38:35 Removed Skype Click to Call
19-02-2015 20:50:13 Removed COMODO Internet Security
19-02-2015 21:11:32 Installing COMODO Firewall
19-02-2015 21:14:17 Instalace balíčku ovladače zařízení: COMODO Síťová služba
19-02-2015 21:45:36 avast! antivirus system restore point
19-02-2015 21:52:04 Windows Update
20-02-2015 10:19:14 avast! antivirus system restore point
20-02-2015 11:29:17 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B7EBD79-CB94-4B6D-8552-C381E0FA1594} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA => C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {18F75BD1-5EA0-4BFB-A74B-D7F0817D7211} - System32\Tasks\{96D7601C-C338-4394-ADDD-072EC3C7E237} => pcalua.exe -a C:\Users\Predecká\Desktop\Vista_Win7_R251.exe -d C:\Users\Predecká\Desktop
Task: {18FBAC51-DA88-4EB6-89F6-2439EBC9D48C} - System32\Tasks\{BBA1D70C-56C3-4073-9797-A234C71F8D99} => pcalua.exe -a "C:\Users\Predecká\Desktop\Nová složka\sp49404.exe" -d "C:\Users\Predecká\Desktop\Nová složka"
Task: {26348EB4-382C-4260-BC1C-F87AF45CD93D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core => C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-20] (Facebook Inc.)
Task: {28649DCE-F13F-4C07-8394-6139A56A86F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {695C913E-249A-478C-AA6F-2176967116BC} - System32\Tasks\{1C227080-0D05-4C8A-8E5E-2F812A7044FF} => pcalua.exe -a "C:\Program Files\Seznam.cz\sznpkg.exe" -d C:\Users\Predecká\Desktop -c -D http://download.seznam.cz/listicka/list ... 2.5.10.exe
Task: {6CB4821B-1326-448E-B37D-71C6E6C50925} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {73CA1E89-B202-4CEF-9B68-60FA159DADDA} - System32\Tasks\{17B84A53-3292-4F84-B033-5BCB6ADEE768} => pcalua.exe -a "C:\Users\Predecká\Saved Games\nfs\auta\eauninstall.exe" -d "C:\Users\Predecká\Saved Games\nfs\auta"
Task: {8BB5C815-32B2-4453-A505-32EF6DB0A6D1} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO)
Task: {90665CC5-C752-4991-948E-50FF62F595BD} - System32\Tasks\{FB89807F-2F19-4B8C-8905-04801B444E35} => pcalua.exe -a C:\Users\Predecká\Desktop\sp50498.exe -d C:\Users\Predecká\Desktop
Task: {92596195-6D49-4EF1-A674-F9DB348A4987} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {95E002E2-301C-4E6E-9119-7A29F0A5E151} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-10-07] (Hewlett-Packard Company)
Task: {9632F5C5-1BC1-4F8A-9D56-78AD81C8E5F7} - System32\Tasks\{056285CF-E4B9-40F4-B28B-A11D17F0FA16} => pcalua.exe -a "C:\Users\Predecká\Desktop\Nová složka\sp47022.exe" -d "C:\Users\Predecká\Desktop\Nová složka"
Task: {966047B0-3DDC-4809-8119-069815148A85} - System32\Tasks\{3CB51CCD-0E90-4AE8-9574-2C76FCFD9053} => C:\Program Files\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe [2009-04-22] (EA.com)
Task: {97CA1EF2-E93E-4B5F-9C03-8025C0D853DD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {9C2CA8C4-FCA1-4420-804D-C57C50013C4B} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO)
Task: {9CA8122D-CED4-482D-98F8-9B1E0F77E071} - System32\Tasks\{A7A74C63-E979-42C2-A6BE-3C2757569D74} => pcalua.exe -a C:\Users\Predecká\Desktop\sp50180.exe -d C:\Users\Predecká\Desktop
Task: {A23C41B6-AF60-49FD-A91D-7E90B386AC98} - System32\Tasks\{B61F4047-F0B8-4A52-A026-07F927245C22} => Chrome.exe http://ui.skype.com/ui/0/4.2.0.187.259/ ... ltbrowser2
Task: {B4701212-D7A3-4320-8E37-2D1C4147E8F6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-20] (AVAST Software)
Task: {BCC18368-2731-4A1A-A33E-1C24109CFE91} - System32\Tasks\{9ADD37FC-A915-4BDF-AE16-B8A0CD563703} => pcalua.exe -a C:\Users\Predecká\Desktop\sp49404.exe -d C:\Users\Predecká\Desktop
Task: {BEAD6EDD-68BC-437B-9C7F-F736D8C9A32E} - System32\Tasks\{29282076-F74C-4FFB-BC12-A24F8CAB9040} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {C3A56F4A-5CC3-4119-8850-5CAC118D94EB} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-01-30] (COMODO)
Task: {C8291E10-38A0-4E1D-B626-916B03EB0836} - System32\Tasks\{346E5409-9F4E-4273-A2CC-0CC401154F7F} => pcalua.exe -a C:\Users\Predecká\Desktop\SUPERAntiSpyware4221014cz.exe -d C:\Users\Predecká\Desktop
Task: {CFA8D49E-5531-46CF-9A73-D14B03F88D1C} - System32\Tasks\{FE3F9B98-69AA-48F5-9638-085ABDE4CDC2} => pcalua.exe -a C:\Users\Predecká\Downloads\sp50286.exe -d C:\Users\Predecká\Downloads
Task: {DCB3A348-57EC-4D86-BA08-1C1FE613AE1B} - System32\Tasks\{C4800305-96DA-42C0-B462-3246FDCFC4E5} => pcalua.exe -a C:\Users\Predecká\Desktop\SuperAntiSpywarePRO_CZ_3_9.sfx.exe -d C:\Users\Predecká\Desktop
Task: {E4FC1A09-9BE7-425E-B773-1167D649CFF8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core => C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {E9440F04-F02F-499E-A319-A4717A2FFF80} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-10-07] (Hewlett-Packard Company)
Task: {EB753D5A-E3BE-4616-8F7D-F2355478288B} - System32\Tasks\{54A27A0F-D067-4F14-9F7E-40FD8C55A956} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {F034EEC8-BAC3-4D78-A784-355D95CF8465} - System32\Tasks\{8C632739-F0B1-4E67-A167-B1106E8B1A73} => pcalua.exe -a "C:\Users\Predecká\Desktop\Nová složka\sp51076.exe" -d "C:\Users\Predecká\Desktop\Nová složka"
Task: {F6439252-A4D8-4F3D-B2BE-85D85DF317EF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA => C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-20] (Facebook Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job => C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job => C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job => C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job => C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-20 10:21 - 2015-02-20 10:21 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15021901\algo.dll
2011-02-06 14:46 - 2010-02-10 18:10 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2015-02-20 10:19 - 2015-02-20 10:20 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-06-17 11:40 - 2009-06-17 11:40 - 02121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2009-06-17 11:40 - 2009-06-17 11:40 - 07745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2009-06-17 11:40 - 2009-06-17 11:40 - 00135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2015-01-21 03:06 - 2015-01-21 03:06 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2011-12-09 18:12 - 2011-12-07 14:37 - 01151520 _____ () C:\Program Files\Seznam.cz\bin\core.4.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\RSIT.exe:$CmdTcID
AlternateDataStreams: C:\RSIT.exe:$CmdZnID
AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aswBoot.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\charmap.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dfshim.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mscorier.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mscories.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\packager.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pku2u.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rastls.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorekmts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\termsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWorkspace.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsta.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswHwid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswRdr2.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswRvrt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswStm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswVmm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\rdpwd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\tdx.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID
AlternateDataStreams: C:\Users\Predecká\Desktop\adwcleaner_4.111.exe:$CmdTcID
AlternateDataStreams: C:\Users\Predecká\Desktop\FRST.exe:$CmdTcID
AlternateDataStreams: C:\Users\Predecká\Desktop\FRSTLauncher.exe:$CmdTcID
AlternateDataStreams: C:\Users\Predecká\Desktop\FRSTLauncher.exe:$CmdZnID
AlternateDataStreams: C:\Users\Predecká\Desktop\LM.bat:$CmdTcID
AlternateDataStreams: C:\Users\Predecká\AppData\Local\MSGBOX.EXE:$CmdTcID

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CLPSLS => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Predecká\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.2

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Predecká^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: CleanSetup => cmd /C rmdir /S /Q "C:\Users\Predecká\AppData\Local\Temp\nro.tmp\"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EA Core => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: Facebook Update => "C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: ICQ => "C:\Program Files\ICQ7.6\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: InCD => "C:\Program Files\Nero\Nero 9\InCD\InCD.exe"
MSCONFIG\startupreg: NBHGui => "C:\Program Files\Nero\Nero 9\InCD\NBHGui.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE

==================== Accounts: =============================
Attachments
Chyba.rar
(207.28 KiB) Downloaded 41 times

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Requesting a check

#6 Post by altrok »

→ The Desktop should not exceed 200 MB in size. Beyond that, both startup and the general running of the whole PC slow down.

→ Turn off Windows Defender permanently - http://windows.microsoft.com/cs-cz/wind ... =windows-7

→ Uninstall SUPERAntiSpyware. After applying the fixlist I would run MBAM there, at minimum a threat scan (if you have time, then a custom scan - all drives).

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the Desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    HKLM\...\Run: [] => [X]
    HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
    HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\MountPoints2: {564ee737-ce17-11e0-8c54-d8d3853e814a} - E:\Autorun.exe
    HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\MountPoints2: {f1c8cc99-ff1a-11e0-8c2e-d8d3853e814a} - F:\HPLauncher.exe
    
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
    SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {138e0c76-0650-4c4c-8a15-1498084da2eb} URL = http://www.firmy.cz/phr/{searchTerms}?sourceid=QuickSearch_5
    SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {2bda40c6-2544-424d-bb5d-c737925aaf6d} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_5
    SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {3059775f-454e-4f21-ba2d-509087afc200} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_5
    SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {8b075dac-ee10-401b-a56e-5764276df88f} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_5
    SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
    Toolbar: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    
    2015-02-20 13:37 - 2015-02-20 13:37 - 00112640 _____ (forum.viry.cz) C:\Users\Predecká\Desktop\FRSTLauncher.exe
    2015-02-20 13:02 - 2015-02-20 13:06 - 00000000 ____D () C:\AdwCleaner
    2015-02-20 13:01 - 2015-02-20 13:01 - 02126848 _____ () C:\Users\Predecká\Desktop\adwcleaner_4.111.exe
    2015-02-20 12:59 - 2015-02-20 12:59 - 01391136 _____ () C:\Users\Predecká\Desktop\Protokol.rar
    2015-02-20 12:58 - 2015-02-20 12:58 - 21041152 _____ () C:\Users\Predecká\Desktop\Protokol.evtx
    2015-02-20 10:42 - 2015-02-20 10:48 - 00000000 ____D () C:\Program Files\trend micro
    2015-02-20 10:42 - 2015-02-20 10:43 - 00000000 ____D () C:\rsit
    2015-02-20 10:41 - 2015-02-20 10:41 - 01107968 _____ () C:\RSIT.exe
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CleanSetup]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
    
    Task: {18F75BD1-5EA0-4BFB-A74B-D7F0817D7211} - System32\Tasks\{96D7601C-C338-4394-ADDD-072EC3C7E237} => pcalua.exe -a C:\Users\Predecká\Desktop\Vista_Win7_R251.exe -d C:\Users\Predecká\Desktop
    Task: {18FBAC51-DA88-4EB6-89F6-2439EBC9D48C} - System32\Tasks\{BBA1D70C-56C3-4073-9797-A234C71F8D99} => pcalua.exe -a "C:\Users\Predecká\Desktop\Nová složka\sp49404.exe" -d "C:\Users\Predecká\Desktop\Nová složka"
    Task: {695C913E-249A-478C-AA6F-2176967116BC} - System32\Tasks\{1C227080-0D05-4C8A-8E5E-2F812A7044FF} => pcalua.exe -a "C:\Program Files\Seznam.cz\sznpkg.exe" -d C:\Users\Predecká\Desktop -c -D http://download.seznam.cz/listicka/list ... 2.5.10.exe
    Task: {73CA1E89-B202-4CEF-9B68-60FA159DADDA} - System32\Tasks\{17B84A53-3292-4F84-B033-5BCB6ADEE768} => pcalua.exe -a "C:\Users\Predecká\Saved Games\nfs\auta\eauninstall.exe" -d "C:\Users\Predecká\Saved Games\nfs\auta"
    Task: {90665CC5-C752-4991-948E-50FF62F595BD} - System32\Tasks\{FB89807F-2F19-4B8C-8905-04801B444E35} => pcalua.exe -a C:\Users\Predecká\Desktop\sp50498.exe -d C:\Users\Predecká\Desktop
    Task: {9632F5C5-1BC1-4F8A-9D56-78AD81C8E5F7} - System32\Tasks\{056285CF-E4B9-40F4-B28B-A11D17F0FA16} => pcalua.exe -a "C:\Users\Predecká\Desktop\Nová složka\sp47022.exe" -d "C:\Users\Predecká\Desktop\Nová složka"
    Task: {9CA8122D-CED4-482D-98F8-9B1E0F77E071} - System32\Tasks\{A7A74C63-E979-42C2-A6BE-3C2757569D74} => pcalua.exe -a C:\Users\Predecká\Desktop\sp50180.exe -d C:\Users\Predecká\Desktop
    Task: {BCC18368-2731-4A1A-A33E-1C24109CFE91} - System32\Tasks\{9ADD37FC-A915-4BDF-AE16-B8A0CD563703} => pcalua.exe -a C:\Users\Predecká\Desktop\sp49404.exe -d C:\Users\Predecká\Desktop
    Task: {C8291E10-38A0-4E1D-B626-916B03EB0836} - System32\Tasks\{346E5409-9F4E-4273-A2CC-0CC401154F7F} => pcalua.exe -a C:\Users\Predecká\Desktop\SUPERAntiSpyware4221014cz.exe -d C:\Users\Predecká\Desktop
    Task: {CFA8D49E-5531-46CF-9A73-D14B03F88D1C} - System32\Tasks\{FE3F9B98-69AA-48F5-9638-085ABDE4CDC2} => pcalua.exe -a C:\Users\Predecká\Downloads\sp50286.exe -d C:\Users\Predecká\Downloads
    Task: {DCB3A348-57EC-4D86-BA08-1C1FE613AE1B} - System32\Tasks\{C4800305-96DA-42C0-B462-3246FDCFC4E5} => pcalua.exe -a C:\Users\Predecká\Desktop\SuperAntiSpywarePRO_CZ_3_9.sfx.exe -d C:\Users\Predecká\Desktop
    Task: {F034EEC8-BAC3-4D78-A784-355D95CF8465} - System32\Tasks\{8C632739-F0B1-4E67-A167-B1106E8B1A73} => pcalua.exe -a "C:\Users\Predecká\Desktop\Nová složka\sp51076.exe" -d "C:\Users\Predecká\Desktop\Nová složka"
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job => C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job => C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job => C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job => C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe
    Hosts:
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok (at) forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

PredyP
Exemplary visitor
Posts: 1246
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Please check

#7 Post by PredyP »

SUPERAntiSpyware is a problem: I could not find it in CCleaner for uninstalling, and it is not in Programs and Features either. It is in Start under Programs, though; it seems to me as if the uninstaller were missing.

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check

#8 Post by altrok »

Try installing it again and then uninstalling it.

PredyP
Exemplary visitor
Posts: 1246
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Please check

#9 Post by PredyP »

SuperAntiSpyware has been uninstalled.

MBAM will be run today.

While FRST was working, the PC restarted and froze during the restart; I had to force it off.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-02-2015 01
Ran by Predecká at 2015-02-21 11:57:49 Run:1
Running from C:\Users\Predecká\Desktop
Loaded Profiles: Predecká (Available profiles: Predecká)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\MountPoints2: {564ee737-ce17-11e0-8c54-d8d3853e814a} - E:\Autorun.exe
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\MountPoints2: {f1c8cc99-ff1a-11e0-8c2e-d8d3853e814a} - F:\HPLauncher.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {138e0c76-0650-4c4c-8a15-1498084da2eb} URL = http://www.firmy.cz/phr/{searchTerms}?s ... ckSearch_5
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {2bda40c6-2544-424d-bb5d-c737925aaf6d} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... ckSearch_5
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {3059775f-454e-4f21-ba2d-509087afc200} URL = http://www.mapy.cz/?query={searchTerms} ... ckSearch_5
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {8b075dac-ee10-401b-a56e-5764276df88f} URL = http://search.seznam.cz/?q={searchTerms ... ckSearch_5
SearchScopes: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
Toolbar: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FF Plugin: @microsoft.com/GENUINE -> disabled No File

2015-02-20 13:37 - 2015-02-20 13:37 - 00112640 _____ (forum.viry.cz) C:\Users\Predecká\Desktop\FRSTLauncher.exe
2015-02-20 13:02 - 2015-02-20 13:06 - 00000000 ____D () C:\AdwCleaner
2015-02-20 13:01 - 2015-02-20 13:01 - 02126848 _____ () C:\Users\Predecká\Desktop\adwcleaner_4.111.exe
2015-02-20 12:59 - 2015-02-20 12:59 - 01391136 _____ () C:\Users\Predecká\Desktop\Protokol.rar
2015-02-20 12:58 - 2015-02-20 12:58 - 21041152 _____ () C:\Users\Predecká\Desktop\Protokol.evtx
2015-02-20 10:42 - 2015-02-20 10:48 - 00000000 ____D () C:\Program Files\trend micro
2015-02-20 10:42 - 2015-02-20 10:43 - 00000000 ____D () C:\rsit
2015-02-20 10:41 - 2015-02-20 10:41 - 01107968 _____ () C:\RSIT.exe

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CleanSetup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

Task: {18F75BD1-5EA0-4BFB-A74B-D7F0817D7211} - System32\Tasks\{96D7601C-C338-4394-ADDD-072EC3C7E237} => pcalua.exe -a C:\Users\Predecká\Desktop\Vista_Win7_R251.exe -d C:\Users\Predecká\Desktop
Task: {18FBAC51-DA88-4EB6-89F6-2439EBC9D48C} - System32\Tasks\{BBA1D70C-56C3-4073-9797-A234C71F8D99} => pcalua.exe -a "C:\Users\Predecká\Desktop\Nová složka\sp49404.exe" -d "C:\Users\Predecká\Desktop\Nová složka"
Task: {695C913E-249A-478C-AA6F-2176967116BC} - System32\Tasks\{1C227080-0D05-4C8A-8E5E-2F812A7044FF} => pcalua.exe -a "C:\Program Files\Seznam.cz\sznpkg.exe" -d C:\Users\Predecká\Desktop -c -D http://download.seznam.cz/listicka/list ... 2.5.10.exe
Task: {73CA1E89-B202-4CEF-9B68-60FA159DADDA} - System32\Tasks\{17B84A53-3292-4F84-B033-5BCB6ADEE768} => pcalua.exe -a "C:\Users\Predecká\Saved Games\nfs\auta\eauninstall.exe" -d "C:\Users\Predecká\Saved Games\nfs\auta"
Task: {90665CC5-C752-4991-948E-50FF62F595BD} - System32\Tasks\{FB89807F-2F19-4B8C-8905-04801B444E35} => pcalua.exe -a C:\Users\Predecká\Desktop\sp50498.exe -d C:\Users\Predecká\Desktop
Task: {9632F5C5-1BC1-4F8A-9D56-78AD81C8E5F7} - System32\Tasks\{056285CF-E4B9-40F4-B28B-A11D17F0FA16} => pcalua.exe -a "C:\Users\Predecká\Desktop\Nová složka\sp47022.exe" -d "C:\Users\Predecká\Desktop\Nová složka"
Task: {9CA8122D-CED4-482D-98F8-9B1E0F77E071} - System32\Tasks\{A7A74C63-E979-42C2-A6BE-3C2757569D74} => pcalua.exe -a C:\Users\Predecká\Desktop\sp50180.exe -d C:\Users\Predecká\Desktop
Task: {BCC18368-2731-4A1A-A33E-1C24109CFE91} - System32\Tasks\{9ADD37FC-A915-4BDF-AE16-B8A0CD563703} => pcalua.exe -a C:\Users\Predecká\Desktop\sp49404.exe -d C:\Users\Predecká\Desktop
Task: {C8291E10-38A0-4E1D-B626-916B03EB0836} - System32\Tasks\{346E5409-9F4E-4273-A2CC-0CC401154F7F} => pcalua.exe -a C:\Users\Predecká\Desktop\SUPERAntiSpyware4221014cz.exe -d C:\Users\Predecká\Desktop
Task: {CFA8D49E-5531-46CF-9A73-D14B03F88D1C} - System32\Tasks\{FE3F9B98-69AA-48F5-9638-085ABDE4CDC2} => pcalua.exe -a C:\Users\Predecká\Downloads\sp50286.exe -d C:\Users\Predecká\Downloads
Task: {DCB3A348-57EC-4D86-BA08-1C1FE613AE1B} - System32\Tasks\{C4800305-96DA-42C0-B462-3246FDCFC4E5} => pcalua.exe -a C:\Users\Predecká\Desktop\SuperAntiSpywarePRO_CZ_3_9.sfx.exe -d C:\Users\Predecká\Desktop
Task: {F034EEC8-BAC3-4D78-A784-355D95CF8465} - System32\Tasks\{8C632739-F0B1-4E67-A167-B1106E8B1A73} => pcalua.exe -a "C:\Users\Predecká\Desktop\Nová složka\sp51076.exe" -d "C:\Users\Predecká\Desktop\Nová složka"
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job => C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job => C:\Users\Predecká\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job => C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job => C:\Users\Predecká\AppData\Local\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{564ee737-ce17-11e0-8c54-d8d3853e814a}" => Key deleted successfully.
HKCR\CLSID\{564ee737-ce17-11e0-8c54-d8d3853e814a} => Key not found.
"HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1c8cc99-ff1a-11e0-8c2e-d8d3853e814a}" => Key deleted successfully.
HKCR\CLSID\{f1c8cc99-ff1a-11e0-8c2e-d8d3853e814a} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{138e0c76-0650-4c4c-8a15-1498084da2eb}" => Key deleted successfully.
HKCR\CLSID\{138e0c76-0650-4c4c-8a15-1498084da2eb} => Key not found.
"HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2bda40c6-2544-424d-bb5d-c737925aaf6d}" => Key deleted successfully.
HKCR\CLSID\{2bda40c6-2544-424d-bb5d-c737925aaf6d} => Key not found.
"HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3059775f-454e-4f21-ba2d-509087afc200}" => Key deleted successfully.
HKCR\CLSID\{3059775f-454e-4f21-ba2d-509087afc200} => Key not found.
"HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8b075dac-ee10-401b-a56e-5764276df88f}" => Key deleted successfully.
HKCR\CLSID\{8b075dac-ee10-401b-a56e-5764276df88f} => Key not found.
"HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}" => Key deleted successfully.
HKCR\CLSID\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} => Key not found.
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Users\Predecká\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Predecká\Desktop\adwcleaner_4.111.exe => Moved successfully.
"C:\Users\Predecká\Desktop\Protokol.rar" => File/Directory not found.
"C:\Users\Predecká\Desktop\Protokol.evtx" => File/Directory not found.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\RSIT.exe => Moved successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0 => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CleanSetup => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => Key Deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18F75BD1-5EA0-4BFB-A74B-D7F0817D7211}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18F75BD1-5EA0-4BFB-A74B-D7F0817D7211}" => Key deleted successfully.
C:\Windows\System32\Tasks\{96D7601C-C338-4394-ADDD-072EC3C7E237} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{96D7601C-C338-4394-ADDD-072EC3C7E237}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18FBAC51-DA88-4EB6-89F6-2439EBC9D48C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18FBAC51-DA88-4EB6-89F6-2439EBC9D48C}" => Key deleted successfully.
C:\Windows\System32\Tasks\{BBA1D70C-56C3-4073-9797-A234C71F8D99} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BBA1D70C-56C3-4073-9797-A234C71F8D99}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{695C913E-249A-478C-AA6F-2176967116BC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{695C913E-249A-478C-AA6F-2176967116BC}" => Key deleted successfully.
C:\Windows\System32\Tasks\{1C227080-0D05-4C8A-8E5E-2F812A7044FF} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1C227080-0D05-4C8A-8E5E-2F812A7044FF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73CA1E89-B202-4CEF-9B68-60FA159DADDA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73CA1E89-B202-4CEF-9B68-60FA159DADDA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{17B84A53-3292-4F84-B033-5BCB6ADEE768} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{17B84A53-3292-4F84-B033-5BCB6ADEE768}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90665CC5-C752-4991-948E-50FF62F595BD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90665CC5-C752-4991-948E-50FF62F595BD}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FB89807F-2F19-4B8C-8905-04801B444E35} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FB89807F-2F19-4B8C-8905-04801B444E35}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9632F5C5-1BC1-4F8A-9D56-78AD81C8E5F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9632F5C5-1BC1-4F8A-9D56-78AD81C8E5F7}" => Key deleted successfully.
C:\Windows\System32\Tasks\{056285CF-E4B9-40F4-B28B-A11D17F0FA16} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{056285CF-E4B9-40F4-B28B-A11D17F0FA16}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CA8122D-CED4-482D-98F8-9B1E0F77E071}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CA8122D-CED4-482D-98F8-9B1E0F77E071}" => Key deleted successfully.
C:\Windows\System32\Tasks\{A7A74C63-E979-42C2-A6BE-3C2757569D74} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A7A74C63-E979-42C2-A6BE-3C2757569D74}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCC18368-2731-4A1A-A33E-1C24109CFE91}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCC18368-2731-4A1A-A33E-1C24109CFE91}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9ADD37FC-A915-4BDF-AE16-B8A0CD563703} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9ADD37FC-A915-4BDF-AE16-B8A0CD563703}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8291E10-38A0-4E1D-B626-916B03EB0836}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8291E10-38A0-4E1D-B626-916B03EB0836}" => Key deleted successfully.
C:\Windows\System32\Tasks\{346E5409-9F4E-4273-A2CC-0CC401154F7F} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{346E5409-9F4E-4273-A2CC-0CC401154F7F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFA8D49E-5531-46CF-9A73-D14B03F88D1C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFA8D49E-5531-46CF-9A73-D14B03F88D1C}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FE3F9B98-69AA-48F5-9638-085ABDE4CDC2} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FE3F9B98-69AA-48F5-9638-085ABDE4CDC2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCB3A348-57EC-4D86-BA08-1C1FE613AE1B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCB3A348-57EC-4D86-BA08-1C1FE613AE1B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C4800305-96DA-42C0-B462-3246FDCFC4E5} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4800305-96DA-42C0-B462-3246FDCFC4E5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F034EEC8-BAC3-4D78-A784-355D95CF8465}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F034EEC8-BAC3-4D78-A784-355D95CF8465}" => Key deleted successfully.
C:\Windows\System32\Tasks\{8C632739-F0B1-4E67-A167-B1106E8B1A73} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8C632739-F0B1-4E67-A167-B1106E8B1A73}" => Key deleted successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1011354896-3533526268-1818183625-1000UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 872.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog 11:58:07 ====

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check

#10 Post by altrok »

OK, the fixlist ran completely... I don't know how long I'll be here today... by when do you need to return the laptop to its owner? Today/tomorrow?

Then post the log from MBAM and after that a current log from FRST as well.

PredyP
Exemplary visitor
Posts: 1246
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Please check

#11 Post by PredyP »

I did not arrange that with her; she has just moved into a new place with her boyfriend, and they do not have internet there yet anyway. So it will be ready whenever we finish it.
MBAM is running a custom scan.
FRSTLauncher has disappeared from the desktop.

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check

#12 Post by altrok »

I deleted it with the fixlist... logs from FRST.exe itself will be enough for me then.

PredyP
Exemplary visitor
Posts: 1246
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Please check

#13 Post by PredyP »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 21.2.2015
Čas skenování: 12:37:38
Protokol: MBAM-Log.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.02.21.03
Databáze rootkitů: v2015.02.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: PredeckA!

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 486142
Uplynulý čas: 1 hod, 34 min, 48 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 4
Trojan.Agent.W, C:\Windows\Setup\SCRIPTS\Windows7Loader.exe, , [987f200102880d29a44a591a8b7a22de],
PUP.Optional.Bitcoin, C:\Windows\System32\acumncyeakc.exe, , [da3d5fc28dfdbd79e5451727b34f9070],
PUP.BitCoinMiner, C:\Windows\System32\lcpmncyeakc.exe, , [5bbcfb266525ef47274f52e4f908c43c],
Trojan.BitMiner, C:\Windows\System32\dcgmncyeakc.exe, , [8e891011aae0d85e5dc8014e25dd6f91],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by Predecká (administrator) on PREDECKA-23 on 21-02-2015 14:33:12
Running from C:\Users\Predecká\Desktop
Loaded Profiles: Predecká (Available profiles: Predecká)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\stacsv.exe
(Nero AG) C:\Program Files\Nero\Nero 9\InCD\InCDSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\AEstSrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Nero AG) C:\Program Files\Nero\Nero 9\InCD\NBHRegInCDSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\winsxs\x86_microsoft-windows-s..-downlevel.binaries_31bf3856ad364e35_6.3.9600.17633_none_038108a946eca5c7\MsSpellCheckingFacility.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-01-28] (IDT, Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1243864 2015-01-30] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-20] (AVAST Software)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [752736 2012-10-08] (ZONER software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Nero 9\InCD\NBHshx.dll (Nero AG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1011354896-3533526268-1818183625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Ukazatel S-Rank -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files\Seznam.cz\bin\core.4.dll ()
Toolbar: HKU\S-1-5-21-1011354896-3533526268-1818183625-1000 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.2
Tcpip\..\Interfaces\{3832DA06-64DB-4473-9E87-BFA11F36C287}: [NameServer] 8.8.8.8,8.8.8.4

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1011354896-3533526268-1818183625-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Predecká\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1011354896-3533526268-1818183625-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1011354896-3533526268-1818183625-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Predecká\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> https://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-18]
CHR Extension: (Google Drive) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-18]
CHR Extension: (YouTube) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (Google Search) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (Google Wallet) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-14]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-11-16]
CHR Extension: (Gmail) - C:\Users\Predecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
StartMenuInternet: Google Chrome - C:\Users\Predecká\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-20] (AVAST Software)
R2 CLPSLS; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [1052472 2011-11-23] (COMODO)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5868440 2015-01-30] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664216 2015-01-30] (COMODO)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [126008 2010-10-07] (Hewlett-Packard Company)
R2 InCDSrv; C:\Program Files\Nero\Nero 9\InCD\InCDSrv.exe [1493528 2009-05-08] (Nero AG)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 NeroRegInCDSrv; C:\Program Files\Nero\Nero 9\InCD\NBHRegInCDSrv.exe [109080 2009-05-08] (Nero AG)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458 2010-01-28] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-02-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73480 2015-02-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-02-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-02-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-02-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-02-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-02-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-02-20] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17088 2015-01-30] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [618072 2015-01-30] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41248 2015-01-30] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-08-24] (DT Soft Ltd)
R3 InCDFs; C:\Windows\System32\DRIVERS\InCDFs.sys [129944 2009-05-08] (Nero AG)
R3 InCDPass; C:\Windows\System32\DRIVERS\InCDPass.sys [48280 2009-05-08] (Nero AG)
R1 InCDRec; C:\Windows\System32\DRIVERS\InCDRec.sys [19096 2009-05-08] (Nero AG)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91200 2015-01-30] (COMODO)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-21] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2011-02-05] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 14:33 - 2015-02-21 14:33 - 00012778 _____ () C:\Users\Predecká\Desktop\FRST.txt
2015-02-21 12:32 - 2015-02-21 12:32 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-21 12:32 - 2015-02-21 12:32 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-21 12:32 - 2015-02-21 12:32 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-21 12:32 - 2015-02-21 12:32 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-21 12:32 - 2015-02-21 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-21 12:32 - 2015-02-21 12:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-21 12:32 - 2015-02-21 12:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-21 12:28 - 2015-02-21 12:28 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Predecká\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-21 11:57 - 2015-02-21 11:57 - 00029696 _____ () C:\Users\Predecká\AppData\Local\MSGBOX.EXE
2015-02-21 11:57 - 2015-02-21 11:57 - 00015327 _____ () C:\Users\Predecká\Desktop\LM.bat
2015-02-20 13:38 - 2015-02-21 14:33 - 00000000 ____D () C:\FRST
2015-02-20 13:36 - 2015-02-20 13:36 - 01126400 _____ (Farbar) C:\Users\Predecká\Desktop\FRST.exe
2015-02-20 10:53 - 2015-02-20 10:53 - 00000000 __SHD () C:\Users\Predecká\AppData\Local\EmieBrowserModeList
2015-02-20 10:21 - 2015-02-20 10:21 - 00000000 ____D () C:\Users\Predecká\AppData\Roaming\AVAST Software
2015-02-20 10:21 - 2015-02-20 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-20 10:20 - 2015-02-20 10:20 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-20 10:20 - 2015-02-20 10:20 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00073480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-20 10:20 - 2015-02-20 10:20 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-20 10:20 - 2015-02-20 10:19 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-20 10:19 - 2015-02-20 10:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-20 10:19 - 2015-02-20 10:19 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-20 10:07 - 2015-02-20 10:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-20 10:07 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-20 10:07 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-20 09:55 - 2015-02-20 09:55 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-19 22:13 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-19 22:13 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-02-19 22:13 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-02-19 22:13 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-02-19 22:13 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-02-19 22:13 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-19 22:12 - 2015-02-19 22:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-19 22:12 - 2015-02-19 22:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-19 22:12 - 2015-02-19 22:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-19 22:12 - 2015-02-19 22:12 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-19 22:12 - 2015-02-19 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-19 22:12 - 2015-02-19 22:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-19 22:12 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-02-19 22:11 - 2015-02-19 22:11 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-02-19 22:10 - 2015-02-19 22:10 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-19 22:10 - 2015-02-19 22:10 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-02-19 22:09 - 2015-02-19 22:10 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-19 22:09 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-02-19 22:06 - 2015-02-19 22:06 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-02-19 22:06 - 2015-02-19 22:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-02-19 22:05 - 2015-02-19 22:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-02-19 22:05 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-02-19 22:01 - 2015-02-19 22:01 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-19 22:01 - 2015-02-19 22:01 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-19 22:00 - 2015-02-19 22:00 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-02-19 21:47 - 2015-02-19 21:47 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-02-19 21:47 - 2015-02-19 21:47 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-02-19 21:47 - 2015-02-19 21:47 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-02-19 21:47 - 2015-02-19 21:47 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-02-19 21:47 - 2015-02-19 21:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-02-19 21:46 - 2015-02-19 21:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-02-19 21:45 - 2015-02-19 21:45 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-02-19 21:44 - 2015-02-19 21:44 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-02-19 21:44 - 2015-02-19 21:44 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-02-19 21:43 - 2015-02-19 21:43 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-02-19 21:43 - 2015-02-19 21:43 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-02-19 21:43 - 2015-02-19 21:43 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-02-19 21:43 - 2015-02-19 21:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-19 21:42 - 2015-02-19 21:42 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-19 21:42 - 2015-02-19 21:42 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-19 21:37 - 2015-02-19 21:37 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-19 21:36 - 2015-02-19 21:36 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-02-19 21:36 - 2015-02-19 21:36 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-19 21:36 - 2015-02-19 21:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-02-19 21:36 - 2015-02-19 21:36 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-19 21:36 - 2015-02-19 21:36 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-19 21:36 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-19 21:35 - 2015-02-19 21:35 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-19 21:35 - 2015-02-19 21:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-19 21:34 - 2015-02-19 21:34 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-19 21:34 - 2015-02-19 21:34 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-19 21:34 - 2015-02-19 21:34 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-19 21:34 - 2015-02-19 21:34 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-19 21:34 - 2015-02-19 21:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-19 21:33 - 2015-02-19 21:33 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-02-19 21:33 - 2015-02-19 21:33 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-19 21:32 - 2015-02-19 21:32 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-19 21:32 - 2015-02-19 21:32 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-02-19 21:32 - 2015-02-19 21:32 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-02-19 21:32 - 2015-02-19 21:32 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-02-19 21:32 - 2015-02-19 21:32 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-02-19 21:32 - 2015-02-19 21:32 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-02-19 21:13 - 2015-02-19 21:13 - 00000000 ____D () C:\ProgramData\Shared Space
2015-02-19 21:10 - 2015-02-19 21:10 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2015-02-19 20:55 - 2015-02-19 21:15 - 00000000 ____D () C:\ProgramData\Comodo
2015-02-19 20:53 - 2015-02-21 12:11 - 00323700 _____ () C:\Windows\PFRO.log
2015-02-19 20:53 - 2015-02-21 12:11 - 00000448 _____ () C:\Windows\setupact.log
2015-02-19 20:53 - 2015-02-19 20:53 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-15 09:51 - 2015-02-15 09:51 - 00000000 ____D () C:\Users\Predecká\AppData\Local\{F712AA13-5CE0-44EA-8B78-153007BAB565}
2015-01-30 12:27 - 2015-01-30 12:27 - 00618072 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-01-30 12:27 - 2015-01-30 12:27 - 00386768 _____ (COMODO) C:\Windows\system32\guard32.dll
2015-01-30 12:27 - 2015-01-30 12:27 - 00286424 _____ (COMODO) C:\Windows\system32\cmdvrt32.dll
2015-01-30 12:27 - 2015-01-30 12:27 - 00091200 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-01-30 12:27 - 2015-01-30 12:27 - 00041248 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-01-30 12:27 - 2015-01-30 12:27 - 00040664 _____ (COMODO) C:\Windows\system32\cmdkbd32.dll
2015-01-30 12:27 - 2015-01-30 12:27 - 00033520 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-01-30 12:27 - 2015-01-30 12:27 - 00017088 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-01-25 21:13 - 2015-01-25 21:14 - 00000000 ____D () C:\Users\Predecká\Downloads\9.serie

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 14:33 - 2013-03-06 14:37 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-21 13:24 - 2011-02-05 18:06 - 01290302 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 12:19 - 2009-07-14 05:34 - 00025872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-21 12:19 - 2009-07-14 05:34 - 00025872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 12:18 - 2011-02-05 18:12 - 01732304 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-21 12:12 - 2014-07-14 08:52 - 00826880 ___SH () C:\Users\Predecká\Desktop\Thumbs.db
2015-02-21 12:11 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-21 11:51 - 2011-12-25 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-21 11:51 - 2011-11-26 10:34 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-20 14:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-20 14:15 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-20 13:47 - 2012-10-22 16:03 - 00000000 ____D () C:\Users\Predecká\AppData\Local\CrashDumps
2015-02-20 13:06 - 2011-04-15 11:23 - 00000000 ____D () C:\ProgramData\ICQ
2015-02-20 12:50 - 2009-07-14 05:33 - 00418304 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-20 12:47 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2015-02-20 11:41 - 2013-10-12 08:31 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-20 10:01 - 2011-02-05 19:30 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-20 09:55 - 2014-04-30 09:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-20 09:55 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2015-02-19 21:15 - 2011-02-06 01:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-02-19 21:12 - 2011-02-06 01:07 - 00000000 ____D () C:\Program Files\COMODO
2015-02-19 20:48 - 2011-02-05 22:20 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-19 20:36 - 2011-07-05 13:49 - 00000000 ____D () C:\Windows\pss
2015-02-18 19:37 - 2012-01-15 11:48 - 00000000 ___RD () C:\OBLÍBENÉ
2015-02-18 19:36 - 2011-08-23 11:02 - 00000000 ____D () C:\Škola
2015-02-04 23:33 - 2013-03-06 14:37 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-04 23:33 - 2011-07-05 21:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-29 17:49 - 2011-02-05 19:36 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2011-02-17 20:30 - 2014-10-14 19:42 - 0000147 _____ () C:\Users\Predecká\AppData\Roaming\default.rss
2015-02-21 11:57 - 2015-02-21 11:57 - 0029696 _____ () C:\Users\Predecká\AppData\Local\MSGBOX.EXE
2012-12-05 13:58 - 2012-12-05 13:58 - 0000017 _____ () C:\Users\Predecká\AppData\Local\resmon.resmoncfg
2011-08-09 12:23 - 2011-08-09 12:23 - 0000000 _____ () C:\Users\Predecká\AppData\Local\{B1AE5B7A-A80D-46D7-8DE3-162D260CB2CC}
2011-08-09 12:15 - 2011-08-09 12:15 - 0000000 _____ () C:\Users\Predecká\AppData\Local\{EAA66C59-0AD1-4596-8485-1B0CB4009601}
2011-02-06 01:02 - 2011-02-06 01:02 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-15 10:20

==================== End Of Log ============================

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Requesting a check

#14 Post by altrok »

Delete the BitCoin miners. I have no idea what may happen when the 4th finding is deleted. Because of a violation of the forum rules - a cracked operating system - this treatment is over (the event log contains several errors when establishing updates, which in my opinion is caused by the crack).
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our little school.

PredyP
Exemplary visitor
Posts: 1246
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Requesting a check

#15 Post by PredyP »

That is strange about the cracked operating system, though; there is a Win 7 sticker on the bottom. I also called her again, and she says it was bought with the OS.

Locked