VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zamrzani PC

https://forum.viry.cz:443/viewtopic.php?t=143458

Stránka 1 z 1

Zamrzani PC

Napsal: 11 bře 2015 18:36
od Albrecht
Zdravim boguzel se mi zase zacal sekat PC. Vzdz resetuju chvili jde a najednou se sekne nejvice v google chrome, ale i mimo nej. prosim o radu.

----------------------------------------------------------------------------------------------

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by hp (administrator) on HP-HP on 11-03-2015 18:34:14
Running from C:\Users\hp\Desktop
Loaded Profiles: hp (Available profiles: hp & Sabina & Sandra & Petr & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Gridspot) C:\Program Files (x86)\Gridspot\Gridspot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(forum.viry.cz) C:\Users\hp\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-12-12] (PC Tools)
HKLM-x32\...\Run: [Gridspot] => C:\Program Files (x86)\Gridspot\Gridspot.exe [525168 2012-03-20] (Gridspot)
HKLM-x32\...\Run: [MyPublicWiFi] => C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe [2002944 2011-12-22] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-20] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\MountPoints2: J - J:\autorun.exe
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\MountPoints2: {7aad374a-d8b4-11e0-883b-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
HKU\TS_KeyLodaded\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Guest\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\TS_KeyLodaded\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Guest\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\TS_KeyLodaded\...\Run: [uTorrent] => C:\Users\Guest\AppData\Roaming\uTorrent\uTorrent.exe [1418832 2014-09-13] (BitTorrent Inc.)
HKU\TS_KeyLodaded\...\Run: [{79BF4901-1EC4-4726-B3C2-A7859706C6E7}] => C:\Users\Guest\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe [32229024 2014-08-24] (Riot Games)
HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:8555;https=127.0.0.1:8555
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5251
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
SearchScopes: HKU\S-1-5-21-3652145099-1749333591-366478180-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3652145099-1749333591-366478180-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3652145099-1749333591-366478180-1000 -> {4078FCEF-4277-4536-9AF4-E43B8C9CD31F} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\TS_KeyLodaded -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... 3&tsp=5251
SearchScopes: HKU\TS_KeyLodaded -> {2DD496D4-B21F-4B9E-9D45-80B9312FE9E4} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\TS_KeyLodaded -> {57892B23-E393-474C-987A-97BD8C62A4B5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {5E129CDA-ABEB-48C5-8BCF-355EEA567284} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {5F744618-9107-4298-B619-5D4923892A5D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\TS_KeyLodaded -> {84699356-C568-40CE-A470-5826CE3FC720} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {98EBCEF3-DBEE-46BF-BAE4-52BDF1FE601A} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {AE2D1DB3-E531-41BB-948A-D669DE7AC53C} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={se ... ype=HPDTDF
SearchScopes: HKU\TS_KeyLodaded -> {C5582402-4283-4A58-94CF-DBA7EDE77AF5} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {CBA77424-721E-46F1-8D4D-2F37D5516DFC} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {D2831001-D38E-40BF-B263-9CAFAC74383E} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Se ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-21] (Sun Microsystems, Inc.)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-06-09] (HP)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-21] (Sun Microsystems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-06-09] (HP)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-04-21] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll [2014-12-07] ()
FF Plugin HKU\S-1-5-21-3652145099-1749333591-366478180-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\hp\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3652145099-1749333591-366478180-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\hp\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-05] (Unity Technologies ApS)
FF Plugin HKU\TS_KeyLodaded: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Guest\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192\searchplugins\badoo.xml [2013-11-05]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192\searchplugins\firmycz.xml [2014-01-11]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192\searchplugins\mapycz.xml [2014-01-11]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192\searchplugins\zbocz.xml [2014-01-11]
FF Extension: Seznam lištička - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-08]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2015-03-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-19]
FF HKU\.DEFAULT\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF HKU\TS_KeyLodaded\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-21]
CHR Extension: (Google Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-21]
CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-21]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-21]
CHR Extension: (Google Search) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-21]
CHR Extension: (Google Sheets) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Google Wallet) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-20] (AVAST Software)
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2647256 2014-01-24] (Blue Coat Systems, Inc.)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-12-07] (WildTangent)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-12-12] (PC Tools)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-01-12] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-20] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-20] ()
R2 bckd; C:\Windows\System32\drivers\bckd.sys [126168 2014-01-24] (Blue Coat Systems, Inc.)
R2 GridspotVMDriver; C:\Program Files (x86)\Gridspot\VMRuntime\VBoxDrv.sys [224048 2011-11-04] (Oracle Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-08-25] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-06-10] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 18:34 - 2015-03-11 18:35 - 00021719 _____ () C:\Users\hp\Desktop\FRST.txt
2015-03-11 18:33 - 2015-03-11 18:33 - 00112640 _____ (forum.viry.cz) C:\Users\hp\Desktop\FRSTLauncher.exe
2015-03-11 18:33 - 2015-03-11 18:33 - 00029696 _____ () C:\Users\hp\AppData\Local\MSGBOX.EXE
2015-03-11 18:33 - 2015-03-11 18:33 - 00015327 _____ () C:\Users\hp\Desktop\LM.bat
2015-03-11 18:31 - 2015-03-11 18:31 - 02095616 _____ (Farbar) C:\Users\hp\Desktop\FRST64 (1).exe
2015-03-11 18:30 - 2015-03-11 18:30 - 02095616 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe
2015-03-08 14:50 - 2015-03-08 14:50 - 00001166 _____ () C:\Users\hp\Desktop\TERA.lnk
2015-03-08 14:50 - 2015-03-08 14:50 - 00000000 ____D () C:\Users\hp\AppData\Roaming\TERA
2015-03-08 14:28 - 2015-03-08 14:29 - 00000000 ____D () C:\Users\hp\Documents\NFS Most Wanted
2015-03-08 14:27 - 2007-05-01 18:24 - 00000000 ____D () C:\Users\hp\Desktop\Need for Speed Most Wanted
2015-03-08 14:17 - 2015-03-08 14:26 - 370552018 _____ () C:\Users\hp\Desktop\Need For Speed Most Wanted - (Www.ApunKaGames.Net).rar
2015-03-08 14:05 - 2015-03-08 14:05 - 00000000 __SHD () C:\Users\hp\AppData\Local\EmieBrowserModeList
2015-03-08 13:47 - 2015-03-08 13:47 - 00003086 _____ () C:\Windows\System32\Tasks\{4BB3338A-779A-4FFB-9523-2BDB113CF241}
2015-03-07 20:07 - 2015-03-07 20:07 - 00001254 _____ () C:\Windows\PFRO.log
2015-03-07 15:19 - 2015-03-07 15:19 - 00017419 _____ () C:\Windows\DirectX.log
2015-03-07 15:16 - 2015-03-08 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-03-07 15:16 - 2015-03-07 15:18 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2015-03-07 15:16 - 2015-03-07 15:16 - 00001069 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk
2015-03-07 15:16 - 2015-03-07 15:16 - 00000000 ____D () C:\Users\hp\Downloads\Gameforge Live
2015-03-07 15:16 - 2015-03-07 15:16 - 00000000 ____D () C:\Users\hp\AppData\Local\Gameforge4d
2015-03-07 15:15 - 2015-03-07 15:16 - 20193856 _____ (Gameforge ) C:\Users\hp\Desktop\AION_GameforgeLiveSetup_EN.exe
2015-03-07 14:45 - 2015-03-07 14:45 - 02780502 _____ (NC Interactive, LLC) C:\Users\Sandra\Downloads\Unconfirmed 297634.crdownload
2015-03-06 19:35 - 2015-03-06 19:35 - 00000000 ____D () C:\Users\Sandra\AppData\Local\Steam
2015-03-01 22:19 - 2015-03-01 22:19 - 00000000 __SHD () C:\Users\Petr\AppData\Local\EmieUserList
2015-03-01 22:19 - 2015-03-01 22:19 - 00000000 __SHD () C:\Users\Petr\AppData\Local\EmieSiteList
2015-03-01 22:19 - 2015-03-01 22:19 - 00000000 __SHD () C:\Users\Petr\AppData\Local\EmieBrowserModeList
2015-03-01 22:19 - 2015-03-01 22:19 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Symantec
2015-03-01 22:19 - 2015-03-01 22:19 - 00000000 ____D () C:\Users\Petr\AppData\Local\AuthenTec
2015-02-28 17:41 - 2012-10-24 20:44 - 00656048 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2473985.exe
2015-02-28 17:40 - 2015-02-28 17:40 - 00000000 ____D () C:\Users\Sabina\AppData\Local\Glyph
2015-02-28 17:31 - 2015-02-28 17:31 - 00000000 ____D () C:\Users\Sabina\AppData\Local\Steam
2015-02-25 22:24 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 22:24 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 19:55 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-25 19:55 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-25 19:55 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-25 19:55 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 18:39 - 2015-02-25 18:39 - 00000000 _____ () C:\Users\Sandra\Desktop\New Bitmap Image.bmp
2015-02-24 20:36 - 2015-03-08 18:51 - 00109688 _____ () C:\Users\Petr\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-24 20:36 - 2015-02-24 20:37 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\TP-LINK
2015-02-24 20:36 - 2015-02-24 20:36 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\AVAST Software
2015-02-24 20:36 - 2015-02-24 20:36 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Apple Computer
2015-02-24 20:36 - 2015-02-24 20:36 - 00000000 ____D () C:\Users\Petr\AppData\Local\PDFC
2015-02-24 20:36 - 2015-02-24 20:36 - 00000000 ____D () C:\Users\Petr\AppData\Local\Gridspot
2015-02-24 20:35 - 2015-03-08 19:00 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E26CDEE8-72F0-405B-B33E-1DB6CE7DC00C}
2015-02-24 20:35 - 2015-02-24 20:35 - 00001375 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-24 20:35 - 2015-02-24 20:35 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Adobe
2015-02-24 20:35 - 2015-02-24 20:35 - 00000000 ____D () C:\Users\Petr\AppData\Local\Google
2015-02-24 20:34 - 2015-03-11 09:22 - 00000632 __RSH () C:\Users\Petr\ntuser.pol
2015-02-24 20:33 - 2015-03-11 18:27 - 00005977 _____ () C:\Windows\setupact.log
2015-02-24 20:33 - 2015-03-11 09:22 - 00000000 ____D () C:\Users\Petr
2015-02-24 20:33 - 2015-02-24 20:33 - 00000020 ___SH () C:\Users\Petr\ntuser.ini
2015-02-24 20:33 - 2015-02-24 20:33 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-24 20:33 - 2013-10-11 15:16 - 00000000 ____D () C:\Users\Petr\AppData\Local\Adobe
2015-02-24 20:33 - 2012-07-21 02:01 - 00000000 ____D () C:\Users\Petr\AppData\Local\Microsoft Help
2015-02-24 20:33 - 2011-08-25 17:18 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Macromedia
2015-02-24 20:33 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-24 20:33 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-24 20:29 - 2015-02-24 20:29 - 00010532 _____ () C:\Users\hp\Desktop\cc_20150224_202906.reg
2015-02-24 20:28 - 2015-02-24 20:28 - 00097248 _____ () C:\Users\hp\Desktop\cc_20150224_202850.reg
2015-02-24 20:25 - 2015-02-24 20:25 - 00000000 ____D () C:\Users\hp\AppData\Roaming\BANDISOFT
2015-02-24 20:21 - 2015-02-24 20:21 - 05325696 _____ (Piriform Ltd) C:\Users\hp\Downloads\ccsetup503.exe
2015-02-19 22:12 - 2015-02-19 22:42 - 00000000 ____D () C:\Users\hp\AppData\Roaming\iSpy
2015-02-19 21:06 - 2015-02-19 21:06 - 00003086 _____ () C:\Windows\System32\Tasks\{F5585328-B50C-45D5-9DF6-31653FD9179A}
2015-02-19 17:24 - 2015-02-19 17:24 - 01523659 _____ () C:\Users\Sandra\Downloads\GTA V Demo (1).rar
2015-02-19 17:24 - 2015-02-19 17:24 - 00499597 _____ () C:\Users\Sandra\Downloads\rarosx-5.2.0.tar.gz
2015-02-19 17:23 - 2015-02-19 17:23 - 01941352 _____ () C:\Users\Sandra\Downloads\winrar-x64-521b2.exe
2015-02-19 17:22 - 2015-02-19 17:22 - 01523659 _____ () C:\Users\Sandra\Downloads\GTA V Demo.rar
2015-02-19 17:07 - 2015-02-19 17:07 - 00003086 _____ () C:\Windows\System32\Tasks\{5BB4E76A-0C99-4A0F-A3E9-CCBC232D9D1E}
2015-02-12 21:14 - 2015-02-12 21:14 - 00000000 ____D () C:\Users\hp\AppData\Local\Ubisoft
2015-02-12 20:41 - 2015-02-12 20:41 - 00000000 ____D () C:\Users\Sandra\AppData\Local\Ubisoft
2015-02-12 20:12 - 2015-02-12 20:12 - 00000222 _____ () C:\Users\Sandra\Desktop\Tom Clancy's Ghost Recon Phantoms - EU.url
2015-02-12 20:12 - 2015-02-12 20:12 - 00000000 ____D () C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-12 17:14 - 2015-02-12 17:14 - 00000000 ____D () C:\Users\Sandra\AppData\Roaming\steam.transformice.com
2015-02-12 16:58 - 2015-02-12 16:58 - 00000000 ____D () C:\Users\Sandra\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2015-02-12 16:03 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 16:03 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 16:03 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 16:03 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 17:01 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 17:01 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 17:01 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 17:01 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 17:01 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 17:01 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 17:01 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 17:01 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 17:01 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 17:01 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 17:01 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 17:01 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 17:01 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 17:01 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 17:01 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 17:01 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 17:01 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 17:01 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 17:01 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 17:01 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 17:01 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 17:01 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 17:01 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 17:01 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 17:01 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 17:01 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 17:01 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 17:01 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 17:01 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 17:01 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 17:01 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 17:01 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 17:01 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 17:01 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 17:01 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 17:01 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 17:01 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 17:01 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 17:01 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 17:01 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 17:01 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 17:01 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 17:01 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 17:01 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 17:01 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 17:01 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 17:01 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 17:01 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 17:01 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 17:01 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 17:01 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 17:01 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 17:01 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 17:00 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 16:59 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 16:59 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 16:59 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 16:59 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 16:59 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 16:59 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 16:59 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 16:59 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 16:59 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 16:59 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 16:59 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 16:59 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 16:59 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 16:59 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 16:59 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 16:59 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 16:59 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 16:59 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 16:59 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 16:59 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 16:58 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 16:58 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 16:58 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 16:58 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 16:58 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 16:58 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 16:58 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 16:58 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 16:58 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 16:58 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 16:58 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 16:58 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 16:58 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 16:58 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 16:58 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 16:58 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 16:58 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 16:58 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 16:58 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 16:58 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 16:57 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 18:34 - 2014-11-22 21:32 - 00000000 ____D () C:\FRST
2015-03-11 18:34 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-11 18:34 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-11 18:30 - 2012-02-15 19:51 - 01270867 _____ () C:\Windows\WindowsUpdate.log
2015-03-11 18:29 - 2012-07-11 08:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-11 18:27 - 2015-02-04 21:00 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-11 18:27 - 2013-11-01 20:07 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-03-11 18:27 - 2012-04-14 11:00 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-03-11 18:27 - 2011-08-25 17:19 - 00000000 ____D () C:\ProgramData\PDFC
2015-03-11 18:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-11 17:17 - 2014-09-21 18:39 - 00000000 ____D () C:\Users\Sandra\AppData\Roaming\Seznam.cz
2015-03-11 17:05 - 2015-02-04 21:00 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-11 16:56 - 2011-08-25 17:12 - 00000000 ____D () C:\ProgramData\Temp
2015-03-11 16:43 - 2012-04-14 03:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-11 16:02 - 2014-09-21 18:39 - 00000000 ____D () C:\Users\Sandra\AppData\Roaming\Skype
2015-03-11 10:40 - 2014-09-21 18:38 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E5128A28-09FA-4B04-B4DE-030771CB111E}
2015-03-11 10:03 - 2014-09-21 18:38 - 00000906 __RSH () C:\Users\Sandra\ntuser.pol
2015-03-11 10:03 - 2014-09-21 18:38 - 00000000 ____D () C:\Users\Sandra
2015-03-11 10:03 - 2012-04-14 02:51 - 00000632 __RSH () C:\Users\hp\ntuser.pol
2015-03-11 10:03 - 2012-02-15 19:53 - 00000000 ____D () C:\Users\hp
2015-03-11 09:06 - 2012-04-28 05:06 - 00002104 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-11 08:38 - 2011-08-25 17:23 - 00000000 ____D () C:\ProgramData\truesuite
2015-03-10 22:46 - 2014-11-22 17:13 - 00000000 ____D () C:\Users\Sabina\AppData\Roaming\uTorrent
2015-03-10 22:16 - 2014-09-21 16:45 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F8DFF3C6-CD79-4584-AC22-822C0B72B262}
2015-03-10 20:59 - 2014-09-21 16:55 - 00000000 ____D () C:\Users\Sabina\AppData\Roaming\Skype
2015-03-10 17:08 - 2015-01-28 21:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-10 15:40 - 2013-11-16 19:17 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-10 13:32 - 2014-09-21 16:44 - 00000906 __RSH () C:\Users\Sabina\ntuser.pol
2015-03-10 13:32 - 2014-09-21 16:44 - 00000000 ____D () C:\Users\Sabina
2015-03-10 11:12 - 2012-02-15 19:58 - 00003902 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5476B59C-F8DD-4429-96C2-6BFF815825C1}
2015-03-10 00:06 - 2012-12-18 00:19 - 00000000 ____D () C:\Windows\Minidump
2015-03-10 00:06 - 2011-09-06 19:17 - 00287898 ____N () C:\Windows\Minidump\031015-16536-01.dmp
2015-03-08 14:47 - 2012-04-14 04:05 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Skype
2015-03-08 13:47 - 2012-04-14 04:04 - 00000000 ____D () C:\ProgramData\Skype
2015-03-07 20:12 - 2014-09-21 16:45 - 00109688 _____ () C:\Users\Sabina\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-07 20:09 - 2009-07-14 05:45 - 04970192 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-07 15:59 - 2014-09-21 18:39 - 00109688 _____ () C:\Users\Sandra\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-07 15:20 - 2012-02-15 19:57 - 00109688 _____ () C:\Users\hp\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-07 15:14 - 2014-01-11 12:55 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-03-07 15:14 - 2014-01-11 12:54 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Seznam.cz
2015-03-07 15:13 - 2011-08-25 17:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-07 15:08 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-07 15:06 - 2014-01-01 19:13 - 00000000 ____D () C:\Program Files (x86)\Graboid
2015-03-07 15:06 - 2012-12-10 16:11 - 00000000 ____D () C:\Fraps
2015-03-07 15:06 - 2012-04-28 05:06 - 00000000 ____D () C:\Users\hp\AppData\Local\Google
2015-03-07 15:06 - 2012-04-15 02:03 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Mozilla
2015-03-07 15:03 - 2012-05-26 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PacSteamT
2015-03-07 15:03 - 2012-05-26 07:46 - 00000000 ____D () C:\PacSteamT
2015-03-07 15:01 - 2014-01-02 01:04 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-03-05 22:00 - 2011-02-11 18:15 - 00770488 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-05 22:00 - 2009-07-14 06:13 - 00770488 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-01 19:15 - 2014-08-04 17:25 - 00000000 ____D () C:\Users\Public\StarStableOnline
2015-02-28 17:45 - 2014-09-21 16:45 - 00000000 ____D () C:\Users\Sabina\AppData\Roaming\Seznam.cz
2015-02-28 17:44 - 2011-08-25 17:15 - 00000000 ____D () C:\ProgramData\WildTangent
2015-02-28 17:44 - 2011-08-25 17:15 - 00000000 ____D () C:\Program Files (x86)\HP Games
2015-02-28 17:40 - 2014-07-10 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2015-02-28 17:38 - 2014-10-30 15:36 - 00000000 ____D () C:\Users\Sabina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-28 17:34 - 2014-10-18 15:30 - 00000000 ____D () C:\Users\Sabina\AppData\Local\CrashDumps
2015-02-26 15:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-24 20:21 - 2014-05-18 10:09 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-24 20:21 - 2014-05-18 10:09 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-24 17:00 - 2014-03-14 21:27 - 00000000 ____D () C:\Users\Guest
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-22 08:43 - 2014-09-21 18:40 - 00000000 ____D () C:\Users\Sandra\AppData\Local\Skype
2015-02-21 10:28 - 2015-01-10 18:47 - 00000000 ____D () C:\Users\Sabina\Documents\Bandicam
2015-02-20 16:20 - 2014-09-21 16:55 - 00000000 ____D () C:\Users\Sabina\AppData\Local\Skype
2015-02-15 16:30 - 2014-09-21 16:45 - 00000000 ____D () C:\Users\Sabina\AppData\Local\PDFC
2015-02-13 13:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 22:13 - 2014-12-15 03:10 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 22:13 - 2014-05-18 05:30 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 22:13 - 2011-09-06 19:17 - 00288538 _____ () C:\DUMP254b.tmp
2015-02-11 22:01 - 2014-11-03 11:12 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 22:00 - 2012-07-20 11:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 21:58 - 2013-08-14 23:54 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 21:52 - 2012-05-19 20:20 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2011-08-25 17:22 - 2011-06-10 00:44 - 0002792 _____ () C:\Program Files\HP SimplePass 2011
2012-11-09 17:42 - 2012-12-09 16:08 - 0056110 _____ () C:\Users\hp\AppData\Roaming\BigfootCompetitionPL.cfg
2014-02-17 20:58 - 2014-08-22 19:58 - 0000069 _____ () C:\Users\hp\AppData\Roaming\WB.CFG
2015-03-11 18:33 - 2015-03-11 18:33 - 0029696 _____ () C:\Users\hp\AppData\Local\MSGBOX.EXE
2014-01-30 18:10 - 2014-01-30 18:10 - 0007605 _____ () C:\Users\hp\AppData\Local\Resmon.ResmonCfg
2015-02-28 17:41 - 2012-10-24 20:44 - 0656048 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2473985.exe

Files to move or delete:
====================
C:\ProgramData\uninstall2473985.exe


Some content of TEMP:
====================
C:\Users\hp\AppData\Local\Temp\SkypeSetup.exe
C:\Users\hp\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Users\Sabina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sandra\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 00:34

==================== End Of Log ============================

Re: Zamrzani PC

Napsal: 11 bře 2015 19:22
od Rudy
Zdravím!
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Zamrzani PC

Napsal: 11 bře 2015 19:31
od Albrecht
# AdwCleaner v4.112 - Logfile created 11/03/2015 at 19:28:06
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : hp - HP-HP
# Running from : C:\Users\hp\Desktop\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : PanService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Users\Sandra\AppData\Local\TNT2
Folder Deleted : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\wubuji3g.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\njdfx3wm.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
Folder Deleted : C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nglnnifljabmkcecofpnlokcgnmbecia
Folder Deleted : C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmabjcmofdemkaaekcmpocognlfonepb
File Deleted : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_eliteunzip.dl.tb.ask.com_0.localstorage
File Deleted : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_eliteunzip.dl.tb.ask.com_0.localstorage-journal

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v35.0.1 (x86 en-US)


-\\ Google Chrome v41.0.2272.89

[C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.k9safesearch.com/search.jsp?r=o&q={searchTerms}

*************************

AdwCleaner[R1].txt - [1871 bytes] - [22/11/2014 22:16:35]
AdwCleaner[R2].txt - [2695 bytes] - [11/03/2015 19:25:25]
AdwCleaner[S1].txt - [1952 bytes] - [22/11/2014 22:19:13]
AdwCleaner[S2].txt - [2654 bytes] - [11/03/2015 19:28:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2713 bytes] ##########

Re: Zamrzani PC

Napsal: 11 bře 2015 19:47
od Rudy
Dejte nový log FRST.

Re: Zamrzani PC

Napsal: 11 bře 2015 21:01
od Albrecht
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by hp (administrator) on HP-HP on 11-03-2015 20:58:21
Running from C:\Users\hp\Desktop
Loaded Profiles: hp (Available profiles: hp & Sabina & Sandra & Petr & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Gridspot) C:\Program Files (x86)\Gridspot\Gridspot.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\hp\Desktop\FRSTLauncher(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-12-12] (PC Tools)
HKLM-x32\...\Run: [Gridspot] => C:\Program Files (x86)\Gridspot\Gridspot.exe [525168 2012-03-20] (Gridspot)
HKLM-x32\...\Run: [MyPublicWiFi] => C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe [2002944 2011-12-22] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-20] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\MountPoints2: J - J:\autorun.exe
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\MountPoints2: {7aad374a-d8b4-11e0-883b-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
HKU\TS_KeyLodaded\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Guest\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\TS_KeyLodaded\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Guest\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\TS_KeyLodaded\...\Run: [uTorrent] => C:\Users\Guest\AppData\Roaming\uTorrent\uTorrent.exe [1418832 2014-09-13] (BitTorrent Inc.)
HKU\TS_KeyLodaded\...\Run: [{79BF4901-1EC4-4726-B3C2-A7859706C6E7}] => C:\Users\Guest\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe [32229024 2014-08-24] (Riot Games)
HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:8555;https=127.0.0.1:8555
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5251
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3652145099-1749333591-366478180-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3652145099-1749333591-366478180-1000 -> {4078FCEF-4277-4536-9AF4-E43B8C9CD31F} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\TS_KeyLodaded -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... 3&tsp=5251
SearchScopes: HKU\TS_KeyLodaded -> {2DD496D4-B21F-4B9E-9D45-80B9312FE9E4} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\TS_KeyLodaded -> {57892B23-E393-474C-987A-97BD8C62A4B5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {5E129CDA-ABEB-48C5-8BCF-355EEA567284} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {5F744618-9107-4298-B619-5D4923892A5D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\TS_KeyLodaded -> {84699356-C568-40CE-A470-5826CE3FC720} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {98EBCEF3-DBEE-46BF-BAE4-52BDF1FE601A} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {AE2D1DB3-E531-41BB-948A-D669DE7AC53C} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={se ... ype=HPDTDF
SearchScopes: HKU\TS_KeyLodaded -> {C5582402-4283-4A58-94CF-DBA7EDE77AF5} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {CBA77424-721E-46F1-8D4D-2F37D5516DFC} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {D2831001-D38E-40BF-B263-9CAFAC74383E} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\TS_KeyLodaded -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Se ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-21] (Sun Microsystems, Inc.)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-06-09] (HP)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-21] (Sun Microsystems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-06-09] (HP)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-04-21] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll [2014-12-07] ()
FF Plugin HKU\S-1-5-21-3652145099-1749333591-366478180-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\hp\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3652145099-1749333591-366478180-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\hp\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-05] (Unity Technologies ApS)
FF Plugin HKU\TS_KeyLodaded: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Guest\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192\searchplugins\badoo.xml [2013-11-05]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192\searchplugins\firmycz.xml [2014-01-11]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192\searchplugins\mapycz.xml [2014-01-11]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\lv5jc6py.default-1379005186192\searchplugins\zbocz.xml [2014-01-11]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2015-03-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-19]
FF HKU\.DEFAULT\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF HKU\TS_KeyLodaded\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-21]
CHR Extension: (Google Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-21]
CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-21]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-21]
CHR Extension: (Google Search) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-21]
CHR Extension: (Google Sheets) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Google Wallet) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-20] (AVAST Software)
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2647256 2014-01-24] (Blue Coat Systems, Inc.)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-12-07] (WildTangent)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-12-12] (PC Tools)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-01-12] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-20] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-20] ()
R2 bckd; C:\Windows\System32\drivers\bckd.sys [126168 2014-01-24] (Blue Coat Systems, Inc.)
R2 GridspotVMDriver; C:\Program Files (x86)\Gridspot\VMRuntime\VBoxDrv.sys [224048 2011-11-04] (Oracle Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-08-25] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-06-10] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 20:58 - 2015-03-11 20:58 - 00021665 _____ () C:\Users\hp\Desktop\FRST.txt
2015-03-11 19:24 - 2015-03-11 19:24 - 02171392 _____ () C:\Users\hp\Desktop\adwcleaner_4.112.exe
2015-03-11 18:31 - 2015-03-11 18:31 - 02095616 _____ (Farbar) C:\Users\hp\Desktop\FRST64 (1).exe
2015-03-11 18:30 - 2015-03-11 18:30 - 02095616 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe
2015-03-08 14:50 - 2015-03-08 14:50 - 00001166 _____ () C:\Users\hp\Desktop\TERA.lnk
2015-03-08 14:50 - 2015-03-08 14:50 - 00000000 ____D () C:\Users\hp\AppData\Roaming\TERA
2015-03-08 14:28 - 2015-03-08 14:29 - 00000000 ____D () C:\Users\hp\Documents\NFS Most Wanted
2015-03-08 14:27 - 2007-05-01 18:24 - 00000000 ____D () C:\Users\hp\Desktop\Need for Speed Most Wanted
2015-03-08 14:17 - 2015-03-08 14:26 - 370552018 _____ () C:\Users\hp\Desktop\Need For Speed Most Wanted - (Www.ApunKaGames.Net).rar
2015-03-08 14:05 - 2015-03-08 14:05 - 00000000 __SHD () C:\Users\hp\AppData\Local\EmieBrowserModeList
2015-03-08 13:47 - 2015-03-08 13:47 - 00003086 _____ () C:\Windows\System32\Tasks\{4BB3338A-779A-4FFB-9523-2BDB113CF241}
2015-03-07 20:07 - 2015-03-07 20:07 - 00001254 _____ () C:\Windows\PFRO.log
2015-03-07 15:19 - 2015-03-07 15:19 - 00017419 _____ () C:\Windows\DirectX.log
2015-03-07 15:16 - 2015-03-08 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-03-07 15:16 - 2015-03-07 15:18 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2015-03-07 15:16 - 2015-03-07 15:16 - 00001069 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk
2015-03-07 15:16 - 2015-03-07 15:16 - 00000000 ____D () C:\Users\hp\Downloads\Gameforge Live
2015-03-07 15:16 - 2015-03-07 15:16 - 00000000 ____D () C:\Users\hp\AppData\Local\Gameforge4d
2015-03-07 15:15 - 2015-03-07 15:16 - 20193856 _____ (Gameforge ) C:\Users\hp\Desktop\AION_GameforgeLiveSetup_EN.exe
2015-03-07 14:45 - 2015-03-07 14:45 - 02780502 _____ (NC Interactive, LLC) C:\Users\Sandra\Downloads\Unconfirmed 297634.crdownload
2015-03-06 19:35 - 2015-03-06 19:35 - 00000000 ____D () C:\Users\Sandra\AppData\Local\Steam
2015-03-01 22:19 - 2015-03-01 22:19 - 00000000 __SHD () C:\Users\Petr\AppData\Local\EmieUserList
2015-03-01 22:19 - 2015-03-01 22:19 - 00000000 __SHD () C:\Users\Petr\AppData\Local\EmieSiteList
2015-03-01 22:19 - 2015-03-01 22:19 - 00000000 __SHD () C:\Users\Petr\AppData\Local\EmieBrowserModeList
2015-03-01 22:19 - 2015-03-01 22:19 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Symantec
2015-03-01 22:19 - 2015-03-01 22:19 - 00000000 ____D () C:\Users\Petr\AppData\Local\AuthenTec
2015-02-28 17:41 - 2012-10-24 20:44 - 00656048 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2473985.exe
2015-02-28 17:40 - 2015-02-28 17:40 - 00000000 ____D () C:\Users\Sabina\AppData\Local\Glyph
2015-02-28 17:31 - 2015-02-28 17:31 - 00000000 ____D () C:\Users\Sabina\AppData\Local\Steam
2015-02-25 22:24 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 22:24 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 19:55 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-25 19:55 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-25 19:55 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-25 19:55 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 18:39 - 2015-02-25 18:39 - 00000000 _____ () C:\Users\Sandra\Desktop\New Bitmap Image.bmp
2015-02-24 20:36 - 2015-03-08 18:51 - 00109688 _____ () C:\Users\Petr\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-24 20:36 - 2015-02-24 20:37 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\TP-LINK
2015-02-24 20:36 - 2015-02-24 20:36 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\AVAST Software
2015-02-24 20:36 - 2015-02-24 20:36 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Apple Computer
2015-02-24 20:36 - 2015-02-24 20:36 - 00000000 ____D () C:\Users\Petr\AppData\Local\PDFC
2015-02-24 20:36 - 2015-02-24 20:36 - 00000000 ____D () C:\Users\Petr\AppData\Local\Gridspot
2015-02-24 20:35 - 2015-03-08 19:00 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E26CDEE8-72F0-405B-B33E-1DB6CE7DC00C}
2015-02-24 20:35 - 2015-02-24 20:35 - 00001375 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-24 20:35 - 2015-02-24 20:35 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Adobe
2015-02-24 20:35 - 2015-02-24 20:35 - 00000000 ____D () C:\Users\Petr\AppData\Local\Google
2015-02-24 20:34 - 2015-03-11 09:22 - 00000632 __RSH () C:\Users\Petr\ntuser.pol
2015-02-24 20:33 - 2015-03-11 19:29 - 00006033 _____ () C:\Windows\setupact.log
2015-02-24 20:33 - 2015-03-11 09:22 - 00000000 ____D () C:\Users\Petr
2015-02-24 20:33 - 2015-02-24 20:33 - 00000020 ___SH () C:\Users\Petr\ntuser.ini
2015-02-24 20:33 - 2015-02-24 20:33 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-24 20:33 - 2013-10-11 15:16 - 00000000 ____D () C:\Users\Petr\AppData\Local\Adobe
2015-02-24 20:33 - 2012-07-21 02:01 - 00000000 ____D () C:\Users\Petr\AppData\Local\Microsoft Help
2015-02-24 20:33 - 2011-08-25 17:18 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Macromedia
2015-02-24 20:33 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-24 20:33 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-24 20:29 - 2015-02-24 20:29 - 00010532 _____ () C:\Users\hp\Desktop\cc_20150224_202906.reg
2015-02-24 20:28 - 2015-02-24 20:28 - 00097248 _____ () C:\Users\hp\Desktop\cc_20150224_202850.reg
2015-02-24 20:25 - 2015-02-24 20:25 - 00000000 ____D () C:\Users\hp\AppData\Roaming\BANDISOFT
2015-02-24 20:21 - 2015-02-24 20:21 - 05325696 _____ (Piriform Ltd) C:\Users\hp\Downloads\ccsetup503.exe
2015-02-19 22:12 - 2015-02-19 22:42 - 00000000 ____D () C:\Users\hp\AppData\Roaming\iSpy
2015-02-19 21:06 - 2015-02-19 21:06 - 00003086 _____ () C:\Windows\System32\Tasks\{F5585328-B50C-45D5-9DF6-31653FD9179A}
2015-02-19 17:24 - 2015-02-19 17:24 - 01523659 _____ () C:\Users\Sandra\Downloads\GTA V Demo (1).rar
2015-02-19 17:24 - 2015-02-19 17:24 - 00499597 _____ () C:\Users\Sandra\Downloads\rarosx-5.2.0.tar.gz
2015-02-19 17:23 - 2015-02-19 17:23 - 01941352 _____ () C:\Users\Sandra\Downloads\winrar-x64-521b2.exe
2015-02-19 17:22 - 2015-02-19 17:22 - 01523659 _____ () C:\Users\Sandra\Downloads\GTA V Demo.rar
2015-02-19 17:07 - 2015-02-19 17:07 - 00003086 _____ () C:\Windows\System32\Tasks\{5BB4E76A-0C99-4A0F-A3E9-CCBC232D9D1E}
2015-02-12 21:14 - 2015-02-12 21:14 - 00000000 ____D () C:\Users\hp\AppData\Local\Ubisoft
2015-02-12 20:41 - 2015-02-12 20:41 - 00000000 ____D () C:\Users\Sandra\AppData\Local\Ubisoft
2015-02-12 20:12 - 2015-02-12 20:12 - 00000222 _____ () C:\Users\Sandra\Desktop\Tom Clancy's Ghost Recon Phantoms - EU.url
2015-02-12 20:12 - 2015-02-12 20:12 - 00000000 ____D () C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-12 17:14 - 2015-02-12 17:14 - 00000000 ____D () C:\Users\Sandra\AppData\Roaming\steam.transformice.com
2015-02-12 16:58 - 2015-02-12 16:58 - 00000000 ____D () C:\Users\Sandra\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2015-02-12 16:03 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 16:03 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 16:03 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 16:03 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 17:01 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 17:01 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 17:01 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 17:01 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 17:01 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 17:01 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 17:01 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 17:01 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 17:01 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 17:01 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 17:01 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 17:01 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 17:01 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 17:01 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 17:01 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 17:01 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 17:01 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 17:01 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 17:01 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 17:01 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 17:01 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 17:01 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 17:01 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 17:01 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 17:01 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 17:01 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 17:01 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 17:01 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 17:01 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 17:01 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 17:01 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 17:01 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 17:01 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 17:01 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 17:01 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 17:01 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 17:01 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 17:01 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 17:01 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 17:01 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 17:01 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 17:01 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 17:01 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 17:01 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 17:01 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 17:01 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 17:01 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 17:01 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 17:01 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 17:01 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 17:01 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 17:01 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 17:01 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 17:01 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 17:01 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 17:01 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 17:00 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 16:59 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 16:59 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 16:59 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 16:59 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 16:59 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 16:59 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 16:59 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 16:59 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 16:59 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 16:59 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 16:59 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 16:59 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 16:59 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 16:59 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 16:59 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 16:59 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 16:59 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 16:59 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 16:59 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 16:59 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 16:58 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 16:58 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 16:58 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 16:58 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 16:58 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 16:58 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 16:58 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 16:58 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 16:58 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 16:58 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 16:58 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 16:58 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 16:58 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 16:58 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 16:58 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 16:58 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 16:58 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 16:58 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 16:58 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 16:58 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 16:57 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 20:58 - 2014-11-22 21:32 - 00000000 ____D () C:\FRST
2015-03-11 20:45 - 2012-04-14 04:05 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Skype
2015-03-11 20:43 - 2012-04-14 03:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-11 20:33 - 2012-07-11 08:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-11 20:05 - 2015-02-04 21:00 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-11 19:36 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-11 19:36 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-11 19:32 - 2012-02-15 19:51 - 01279025 _____ () C:\Windows\WindowsUpdate.log
2015-03-11 19:31 - 2015-02-04 21:00 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-11 19:29 - 2013-11-01 20:07 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-03-11 19:29 - 2012-04-14 11:00 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-03-11 19:29 - 2011-08-25 17:19 - 00000000 ____D () C:\ProgramData\PDFC
2015-03-11 19:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-11 19:28 - 2014-11-22 22:16 - 00000000 ____D () C:\AdwCleaner
2015-03-11 18:35 - 2012-02-15 19:58 - 00003902 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5476B59C-F8DD-4429-96C2-6BFF815825C1}
2015-03-11 17:17 - 2014-09-21 18:39 - 00000000 ____D () C:\Users\Sandra\AppData\Roaming\Seznam.cz
2015-03-11 16:56 - 2011-08-25 17:12 - 00000000 ____D () C:\ProgramData\Temp
2015-03-11 16:02 - 2014-09-21 18:39 - 00000000 ____D () C:\Users\Sandra\AppData\Roaming\Skype
2015-03-11 10:40 - 2014-09-21 18:38 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E5128A28-09FA-4B04-B4DE-030771CB111E}
2015-03-11 10:03 - 2014-09-21 18:38 - 00000906 __RSH () C:\Users\Sandra\ntuser.pol
2015-03-11 10:03 - 2014-09-21 18:38 - 00000000 ____D () C:\Users\Sandra
2015-03-11 10:03 - 2012-04-14 02:51 - 00000632 __RSH () C:\Users\hp\ntuser.pol
2015-03-11 10:03 - 2012-02-15 19:53 - 00000000 ____D () C:\Users\hp
2015-03-11 09:06 - 2012-04-28 05:06 - 00002104 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-11 08:38 - 2011-08-25 17:23 - 00000000 ____D () C:\ProgramData\truesuite
2015-03-10 22:46 - 2014-11-22 17:13 - 00000000 ____D () C:\Users\Sabina\AppData\Roaming\uTorrent
2015-03-10 22:16 - 2014-09-21 16:45 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F8DFF3C6-CD79-4584-AC22-822C0B72B262}
2015-03-10 20:59 - 2014-09-21 16:55 - 00000000 ____D () C:\Users\Sabina\AppData\Roaming\Skype
2015-03-10 17:08 - 2015-01-28 21:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-10 15:40 - 2013-11-16 19:17 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-10 13:32 - 2014-09-21 16:44 - 00000906 __RSH () C:\Users\Sabina\ntuser.pol
2015-03-10 13:32 - 2014-09-21 16:44 - 00000000 ____D () C:\Users\Sabina
2015-03-10 00:06 - 2012-12-18 00:19 - 00000000 ____D () C:\Windows\Minidump
2015-03-10 00:06 - 2011-09-06 19:17 - 00287898 ____N () C:\Windows\Minidump\031015-16536-01.dmp
2015-03-08 13:47 - 2012-04-14 04:04 - 00000000 ____D () C:\ProgramData\Skype
2015-03-07 20:12 - 2014-09-21 16:45 - 00109688 _____ () C:\Users\Sabina\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-07 20:09 - 2009-07-14 05:45 - 04970192 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-07 15:59 - 2014-09-21 18:39 - 00109688 _____ () C:\Users\Sandra\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-07 15:20 - 2012-02-15 19:57 - 00109688 _____ () C:\Users\hp\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-07 15:14 - 2014-01-11 12:55 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-03-07 15:14 - 2014-01-11 12:54 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Seznam.cz
2015-03-07 15:13 - 2011-08-25 17:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-07 15:08 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-07 15:06 - 2014-01-01 19:13 - 00000000 ____D () C:\Program Files (x86)\Graboid
2015-03-07 15:06 - 2012-12-10 16:11 - 00000000 ____D () C:\Fraps
2015-03-07 15:06 - 2012-04-28 05:06 - 00000000 ____D () C:\Users\hp\AppData\Local\Google
2015-03-07 15:06 - 2012-04-15 02:03 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Mozilla
2015-03-07 15:03 - 2012-05-26 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PacSteamT
2015-03-07 15:03 - 2012-05-26 07:46 - 00000000 ____D () C:\PacSteamT
2015-03-07 15:01 - 2014-01-02 01:04 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-03-05 22:00 - 2011-02-11 18:15 - 00770488 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-05 22:00 - 2009-07-14 06:13 - 00770488 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-01 19:15 - 2014-08-04 17:25 - 00000000 ____D () C:\Users\Public\StarStableOnline
2015-02-28 17:45 - 2014-09-21 16:45 - 00000000 ____D () C:\Users\Sabina\AppData\Roaming\Seznam.cz
2015-02-28 17:44 - 2011-08-25 17:15 - 00000000 ____D () C:\ProgramData\WildTangent
2015-02-28 17:44 - 2011-08-25 17:15 - 00000000 ____D () C:\Program Files (x86)\HP Games
2015-02-28 17:40 - 2014-07-10 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2015-02-28 17:38 - 2014-10-30 15:36 - 00000000 ____D () C:\Users\Sabina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-28 17:34 - 2014-10-18 15:30 - 00000000 ____D () C:\Users\Sabina\AppData\Local\CrashDumps
2015-02-26 15:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-24 20:21 - 2014-05-18 10:09 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-24 20:21 - 2014-05-18 10:09 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-24 17:00 - 2014-03-14 21:27 - 00000000 ____D () C:\Users\Guest
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-22 08:43 - 2014-09-21 18:40 - 00000000 ____D () C:\Users\Sandra\AppData\Local\Skype
2015-02-21 10:28 - 2015-01-10 18:47 - 00000000 ____D () C:\Users\Sabina\Documents\Bandicam
2015-02-20 16:20 - 2014-09-21 16:55 - 00000000 ____D () C:\Users\Sabina\AppData\Local\Skype
2015-02-15 16:30 - 2014-09-21 16:45 - 00000000 ____D () C:\Users\Sabina\AppData\Local\PDFC
2015-02-13 13:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 22:13 - 2014-12-15 03:10 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 22:13 - 2014-05-18 05:30 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 22:13 - 2011-09-06 19:17 - 00288538 _____ () C:\DUMP254b.tmp
2015-02-11 22:01 - 2014-11-03 11:12 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 22:00 - 2012-07-20 11:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 21:58 - 2013-08-14 23:54 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 21:52 - 2012-05-19 20:20 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2011-08-25 17:22 - 2011-06-10 00:44 - 0002792 _____ () C:\Program Files\HP SimplePass 2011
2012-11-09 17:42 - 2012-12-09 16:08 - 0056110 _____ () C:\Users\hp\AppData\Roaming\BigfootCompetitionPL.cfg
2014-02-17 20:58 - 2014-08-22 19:58 - 0000069 _____ () C:\Users\hp\AppData\Roaming\WB.CFG
2014-01-30 18:10 - 2014-01-30 18:10 - 0007605 _____ () C:\Users\hp\AppData\Local\Resmon.ResmonCfg
2015-02-28 17:41 - 2012-10-24 20:44 - 0656048 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2473985.exe

Files to move or delete:
====================
C:\ProgramData\uninstall2473985.exe


Some content of TEMP:
====================
C:\Users\hp\AppData\Local\Temp\Quarantine.exe
C:\Users\hp\AppData\Local\Temp\SkypeSetup.exe
C:\Users\hp\AppData\Local\Temp\sqlite3.dll
C:\Users\hp\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Users\Sabina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sandra\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 00:34




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:919.69 GB) (Free:777.69 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.72 GB) (Free:1.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Available physical RAM: 4077.2 MB
Total physical RAM: 6126.54 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DCFAAE57)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\hp\Desktop" je 6073 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================

Re: Zamrzani PC

Napsal: 11 bře 2015 21:36
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\MountPoints2: J - J:\autorun.exe
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\MountPoints2: {7aad374a-d8b4-11e0-883b-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5251
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\TS_KeyLodaded -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\TS_KeyLodaded -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... 3&tsp=5251
SearchScopes: HKU\TS_KeyLodaded -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
FF HKU\TS_KeyLodaded\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
C:\ProgramData\McAfee Security Scan
C:\Users\Sandra\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\system32\Drivers\lvuvc.hs
C:\ProgramData\uninstall2473985.exe
C:\Users\hp\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Na ploše je více než 6GB dat. Toto množství zpomaluje start systému. Přesuňte data do jiného adresáře ve vašem profilu a na plochu dejte pro snazší přístup zástupce.

Re: Zamrzani PC

Napsal: 11 bře 2015 23:30
od Albrecht
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by hp at 2015-03-11 23:27:31 Run:2
Running from C:\Users\hp\Desktop
Loaded Profiles: hp (Available profiles: hp & Sabina & Sandra & Petr & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\MountPoints2: J - J:\autorun.exe
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\...\MountPoints2: {7aad374a-d8b4-11e0-883b-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5251
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\TS_KeyLodaded -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\TS_KeyLodaded -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... 3&tsp=5251
SearchScopes: HKU\TS_KeyLodaded -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
FF HKU\TS_KeyLodaded\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
C:\ProgramData\McAfee Security Scan
C:\Users\Sandra\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\system32\Drivers\lvuvc.hs
C:\ProgramData\uninstall2473985.exe
C:\Users\hp\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
End
*****************

"HKU\S-1-5-21-3652145099-1749333591-366478180-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J" => Key deleted successfully.
"HKU\S-1-5-21-3652145099-1749333591-366478180-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7aad374a-d8b4-11e0-883b-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{7aad374a-d8b4-11e0-883b-806e6f6e6963} => Key not found.
HKU\S-1-5-21-3652145099-1749333591-366478180-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\TS_KeyLodaded\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
"HKU\TS_KeyLodaded\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
"HKU\TS_KeyLodaded\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key deleted successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.
HKU\TS_KeyLodaded\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value deleted successfully.
C:\ProgramData\McAfee Security Scan => Moved successfully.
C:\Users\Sandra\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\system32\Drivers\lvuvc.hs => Moved successfully.
C:\ProgramData\uninstall2473985.exe => Moved successfully.

"C:\Users\hp\AppData\Local\Temp" directory move:

Could not move "C:\Users\hp\AppData\Local\Temp" directory. => Scheduled to move on reboot.

C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-11 23:29:38)<=

C:\Users\hp\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 23:29:40 ====

Re: Zamrzani PC

Napsal: 12 bře 2015 18:05
od Rudy
Smazáno. Nastala nějaká změna?

Re: Zamrzani PC

Napsal: 12 bře 2015 20:14
od Albrecht
Vyapada to ze OK kdyztak bzch se zase ozval zatim dekuji :)
:closed:

Re: Zamrzani PC

Napsal: 12 bře 2015 20:53
od Rudy
Tak to jsem rád. Namáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz