Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Cipisek (administrator) on CIPISKUV on 31-03-2015 13:15:18
Running from C:\Documents and Settings\Cipisek\Plocha
Loaded Profiles: Cipisek (Available profiles: Cipisek & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Kinoni\Remote Desktop\service.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\WINDOWS\system32\PnkBstrA.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Ralink Technology, Corp.) C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Kinoni) C:\Program Files\Kinoni\Remote Desktop\WindowsServer.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Microsoft Corporation) C:\PROGRA~1\MICROS~4\rapimgr.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(TP-LINK TECHNOLOGIES CO., LTD. ) C:\Program Files\TP-LINK\COMMON\TWCU.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
() C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16380416 2007-07-05] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-06] (AVAST Software)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime Alternative\qttask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [YourFileDownloader Installer Starter] => "C:\DOCUME~1\Cipisek\LOCALS~1\Temp\YourFileDownloaderZM3xAsi8qz.exe" -startup <===== ATTENTION
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TP-LINK Wireless Utility.lnk
ShortcutTarget: TP-LINK Wireless Utility.lnk -> C:\Program Files\TP-LINK\COMMON\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD. )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk /p \??\G:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page =
https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page =
http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Bar =
https://www.seznam.cz/?clid=22668
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL =
http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {0BEB713D-1221-42DE-9363-7FC7FD1ADD2E} URL =
http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL =
http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {31059C0F-D78E-4700-B02B-C99D1A99C1E6} URL =
http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {606AD0E8-A44A-498E-9736-EDF7753B499B} URL =
http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {8CBF5E50-8BCC-44BA-BC12-2E47B6379E1D} URL =
http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {AB8BAA71-D142-40AA-AED0-8137DB5AFE8E} URL =
http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {CD779888-BF77-49F8-B10E-A3F7EC1A8EE5} URL =
http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {D4A2E317-B9D8-441F-99A4-5543FC8705E7} URL =
http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {F6E8F28C-42FC-425F-9AA3-B11938942620} URL =
http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {FAD04AC1-0B23-4C5F-9D6E-A2D4689567F0} URL =
http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
Toolbar: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2010-04-16] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 0396838750
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: 127.0.0.1 secure.disc-soft.com
Tcpip\Parameters: [DhcpNameServer] 10.154.198.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default
FF DefaultSearchEngine: Centrum.cz classic
FF Homepage: seznam.cz
FF Keyword.URL: hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox,tb-classic&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&utm_campaign=classic&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll [2013-03-20] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2014-08-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\luckysearches.xml [2015-03-17]
FF Extension: Garmin Communicator - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-01-19]
FF Extension: FireFTP - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-03-24]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\
elemhidehelper@adblockplus.org.xpi [2011-10-24]
FF Extension: Turn Off the Lights - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\
stefanvandamme@stefanvd.net.xpi [2012-03-11]
FF Extension: Google Translator for Firefox - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\
translator@zoli.bod.xpi [2011-10-26]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2011-09-10]
FF Extension: Quick Translator - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-11-26]
FF Extension: QR Code - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{6a910736-6fab-4480-841a-36325cce134f}.xpi [2014-12-17]
FF Extension: Adblock Plus - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-04]
FF Extension: Greasemonkey - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-22]
FF HKLM\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-08-08]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-05]
Opera:
=======
OPR Extension: (CinemaP-1.9cV05.03) - C:\Documents and Settings\Cipisek\Data aplikací\Opera Software\Opera Stable\Extensions\kljbbcnooaklhpifalnihdiofoahmmjj [2015-03-17]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-05] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 KinoniRemoteDesktop; C:\Program Files\Kinoni\Remote Desktop\service.exe [39424 2013-01-24] () [File not signed]
R2 MbnExt; C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [155716 2007-10-25] (NVIDIA Corporation) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2012-12-21] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [103736 2012-12-21] ()
R2 RalinkRegistryWriter; C:\Program Files\TP-LINK\COMMON\RaRegistry.exe [185632 2010-06-25] (Ralink Technology, Corp.)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-07-07] ()
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587472 2012-09-07] (Crawler.com)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 ZuneBusEnum; C:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-10-05] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-10-05] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-10-05] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-10-05] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-11-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-10-06] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-10-05] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-10-05] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [232512 2015-02-17] (DT Soft Ltd)
S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2011-07-11] (Windows (R) 2000 DDK provider)
S3 M1000Srv; C:\WINDOWS\System32\Drivers\M1000KNT.sys [276930 2005-07-01] ()
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [7936 2013-04-09] (MBB Incorporated)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [7426112 2007-10-25] (NVIDIA Corporation) [File not signed]
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2011-10-23] (VSO Software) [File not signed]
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [827488 2010-06-25] (Ralink Technology, Corp.)
R3 RtlWlanu; C:\WINDOWS\System32\DRIVERS\rtwlanu.sys [1182480 2012-11-01] (Realtek Semiconductor Corporation )
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [19072 2010-06-25] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2015-02-16] (Duplex Secure Ltd.)
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [File not signed]
S3 WFIOCTL; C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [9446 2005-01-06] (Leadtek Research Inc.) [File not signed]
R3 WFSONORA; C:\WINDOWS\System32\drivers\wfsonora.sys [313472 2007-07-11] (Leadtek Research Inc.) [File not signed]
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
U3 ajjlu5fd; C:\WINDOWS\system32\Drivers\ajjlu5fd.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U3 akexcznj; C:\WINDOWS\system32\Drivers\akexcznj.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46592 2008-04-14] (Microsoft Corporation)
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-30 22:08 - 2011-06-21 11:24 - 00032768 _____ () C:\WINDOWS\system32\Drivers\sp_rsdrv2.sys
2015-03-29 12:25 - 2015-03-29 12:25 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\100CANON
2015-03-27 03:22 - 2015-03-31 13:15 - 00000000 ____D () C:\Documents and Settings\Cipisek\Local Settings\Temp
2015-03-26 12:15 - 2015-03-31 13:15 - 00018654 _____ () C:\Documents and Settings\Cipisek\Plocha\FRST.txt
2015-03-26 12:15 - 2015-03-30 17:37 - 00056704 _____ () C:\Documents and Settings\Cipisek\Plocha\Addition.txt
2015-03-26 12:14 - 2015-03-31 13:15 - 00000000 ____D () C:\FRST
2015-03-26 12:13 - 2015-03-26 12:13 - 01135104 _____ (Farbar) C:\Documents and Settings\Cipisek\Plocha\FRST.exe
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\Adobe
2015-03-25 03:03 - 2015-03-25 03:08 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 __RHD () C:\Documents and Settings\Administrator\Data aplikací
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ___HD () C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-03-25 03:03 - 2014-09-14 16:04 - 00000869 _____ () C:\Documents and Settings\Administrator\Plocha\T-Mobile Internet Manager.lnk
2015-03-25 03:03 - 2014-09-14 16:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Plocha
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Okolní tiskárny
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Okolní síť
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Oblíbené položky
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty
2015-03-25 03:03 - 2011-07-11 16:27 - 00001599 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-03-25 03:03 - 2011-07-11 16:27 - 00000792 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Windows Media Player.lnk
2015-03-25 03:03 - 2011-07-11 16:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2015-03-25 03:03 - 2011-07-11 16:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy
2015-03-25 03:03 - 2011-07-11 16:24 - 00000000 ___HD () C:\Documents and Settings\Administrator\Šablony
2015-03-22 14:47 - 2015-03-22 14:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-20 18:38 - 2015-03-20 18:38 - 00000413 _____ () C:\Documents and Settings\Cipisek\Plocha\viry.txt
2015-03-19 23:58 - 2015-03-19 23:58 - 00000000 ____D () C:\_OTM
2015-03-19 23:57 - 2015-03-19 23:57 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\GFI Software
2015-03-19 23:54 - 2015-03-19 23:54 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\Cipisek\Plocha\OTM.exe
2015-03-19 17:49 - 2015-03-18 18:53 - 01107968 _____ () C:\Documents and Settings\Cipisek\Plocha\RSIT.exe
2015-03-18 22:27 - 2015-03-30 22:07 - 00000000 ____D () C:\AdwCleaner
2015-03-18 18:53 - 2015-03-25 03:15 - 00000000 ____D () C:\Program Files\trend micro
2015-03-18 18:53 - 2015-03-18 18:53 - 00000000 ____D () C:\rsit
2015-03-17 15:37 - 2015-03-17 15:37 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2015-03-17 15:37 - 2015-03-17 15:37 - 00000000 ___RD () C:\Documents and Settings\LocalService\Oblíbené položky
2015-03-17 15:35 - 2015-03-17 22:36 - 00000000 ____D () C:\Program Files\CinemaP-1.9cV05.03
2015-03-17 15:35 - 2015-03-17 15:35 - 00000000 ____D () C:\Program Files\Seznam.cz
2015-03-17 15:34 - 2015-03-31 12:29 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz
2015-03-17 15:25 - 2015-03-17 15:36 - 00000000 ____D () C:\Program Files\SetEdit
2015-03-17 15:25 - 2015-03-17 15:25 - 00001565 _____ () C:\Documents and Settings\Cipisek\Plocha\SetEditHD100.lnk
2015-03-17 15:25 - 2015-03-17 15:25 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\SetEditHD100
2015-03-15 19:37 - 2015-03-17 15:34 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\SetEdith-satelit
2015-03-15 19:37 - 2015-03-15 19:37 - 03755218 _____ () C:\Documents and Settings\Cipisek\Plocha\SetEdith-satelit.rar
2015-03-11 14:59 - 2015-03-12 15:05 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-03-07 21:47 - 2015-03-07 21:47 - 00161190 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-515967899-1563985344-725345543-1004-0.dat
2015-03-07 21:46 - 2015-03-07 21:46 - 00161190 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-03-06 15:58 - 2015-03-06 16:06 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\vlc
2015-03-06 15:57 - 2015-03-07 08:29 - 00000000 ____D () C:\Program Files\VideoLAN
2015-03-06 13:59 - 2015-03-07 08:56 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\HandBrake
2015-03-06 13:59 - 2015-03-06 13:59 - 00000694 _____ () C:\Documents and Settings\Cipisek\Plocha\Handbrake.lnk
2015-03-06 13:59 - 2015-03-06 13:59 - 00000000 ____D () C:\Program Files\Handbrake
2015-03-06 13:59 - 2015-03-06 13:59 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\Handbrake
2015-03-06 13:38 - 2015-03-06 13:38 - 00000666 _____ () C:\Documents and Settings\Cipisek\Plocha\MakeMKV.lnk
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Program Files\MakeMKV
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\MakeMKV
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Documents and Settings\Cipisek\.MakeMKV
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-31 13:15 - 2011-07-11 16:29 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha
2015-03-31 12:27 - 2011-07-11 18:20 - 01184034 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-31 12:26 - 2011-07-11 16:26 - 01481466 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-31 12:24 - 2014-08-04 16:34 - 00000226 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-31 12:24 - 2012-07-22 15:31 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-31 12:24 - 2011-12-10 15:37 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\nView_Wallpaper
2015-03-31 12:23 - 2011-07-11 18:22 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-03-31 12:23 - 2011-07-11 18:22 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-03-31 12:23 - 2011-07-11 16:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-30 22:14 - 2011-07-11 16:29 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-30 22:14 - 2011-07-11 16:29 - 00000178 ___SH () C:\Documents and Settings\Cipisek\ntuser.ini
2015-03-30 15:55 - 2006-03-02 14:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-29 12:24 - 2011-07-15 22:36 - 00101888 _____ () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-29 12:00 - 2013-02-28 13:23 - 00000948 _____ () C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2015-03-29 11:14 - 2011-08-22 17:30 - 00000000 ____D () C:\Program Files\The KMPlayer
2015-03-25 15:19 - 2011-07-11 16:29 - 00000000 ____D () C:\Documents and Settings\Cipisek
2015-03-24 13:59 - 2012-05-08 12:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-20 22:58 - 2014-01-26 11:35 - 00432964 _____ () C:\WINDOWS\setupapi.log
2015-03-20 22:58 - 2014-01-26 11:35 - 00012128 _____ () C:\WINDOWS\setupact.log
2015-03-20 11:44 - 2011-07-11 18:20 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-20 11:44 - 2011-07-11 16:29 - 00000000 ___HD () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací
2015-03-20 11:00 - 2011-07-11 16:29 - 00000000 __RHD () C:\Documents and Settings\Cipisek\Data aplikací
2015-03-20 10:30 - 2014-10-03 13:26 - 00000000 ____D () C:\Program Files\Opera
2015-03-19 23:58 - 2011-07-15 16:34 - 00000000 ___RD () C:\Program Files\Skype
2015-03-19 23:57 - 2013-02-28 13:12 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2015-03-19 23:57 - 2013-02-28 13:10 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\Ad-Aware Antivirus
2015-03-19 23:57 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-03-19 23:57 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-03-17 16:32 - 2015-01-25 18:12 - 00000365 _____ () C:\Documents and Settings\Cipisek\Data aplikací\FHIGIC
2015-03-17 15:37 - 2011-07-11 16:29 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-03-17 15:37 - 2006-03-02 14:00 - 00000600 _____ () C:\WINDOWS\win.ini
2015-03-17 15:35 - 2014-11-06 13:22 - 00000916 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2015-03-17 15:35 - 2014-10-03 13:27 - 00000855 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2015-03-17 15:35 - 2014-10-03 13:27 - 00000849 _____ () C:\Documents and Settings\All Users\Plocha\Opera.lnk
2015-03-17 15:35 - 2011-07-11 18:18 - 00000922 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2015-03-17 15:35 - 2011-07-11 16:29 - 00000995 _____ () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\Internet Explorer.lnk
2015-03-17 15:25 - 2011-07-11 16:29 - 00000000 ___RD () C:\Documents and Settings\Cipisek\Nabídka Start\Programy
2015-03-08 16:00 - 2014-08-04 16:34 - 00000220 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-07 21:46 - 2011-07-11 16:29 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
==================== Files in the root of some directories =======
2012-05-03 16:31 - 2012-05-03 16:31 - 0002528 _____ () C:\Documents and Settings\Cipisek\Data aplikací\$_hpcst$.hpc
2011-09-21 17:59 - 2011-09-21 17:59 - 0000572 _____ () C:\Documents and Settings\Cipisek\Data aplikací\AutoGK.ini
2015-01-25 18:12 - 2015-03-17 16:32 - 0000365 _____ () C:\Documents and Settings\Cipisek\Data aplikací\FHIGIC
2011-10-23 12:43 - 2011-10-23 12:43 - 0087608 _____ () C:\Documents and Settings\Cipisek\Data aplikací\inst.exe
2015-01-25 18:12 - 2015-01-25 18:12 - 0002086 _____ () C:\Documents and Settings\Cipisek\Data aplikací\OEM
2011-10-23 12:43 - 2011-10-23 12:43 - 0007887 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.cat
2011-10-23 12:43 - 2011-10-23 12:43 - 0001144 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.inf
2011-10-23 12:43 - 2011-10-23 12:43 - 0000034 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.log
2011-10-23 12:43 - 2011-10-23 12:43 - 0047360 _____ (VSO Software) C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.sys
2012-12-21 14:33 - 2012-12-21 14:33 - 0022328 _____ () C:\Documents and Settings\Cipisek\Data aplikací\PnkBstrK.sys
2011-10-23 12:43 - 2014-01-29 15:39 - 0974673 _____ () C:\Documents and Settings\Cipisek\Data aplikací\vso_ts_preview.xml
2011-07-15 22:36 - 2015-03-29 12:24 - 0101888 _____ () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\Cipisek\Local Settings\Temp\KMP_3.9.1.134.exe
C:\Documents and Settings\Cipisek\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Cipisek\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
