Zdravím,
poprosil bych o kontrolu. Zdá se mi, že mi tady něco přebývá. Předem děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by František at 2015-04-24 09:47:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 54 GB (36%) free of 151 GB
Total RAM: 3582 MB (8% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:47:51, on 24.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\vsnp2std.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAC8SWK.EXE
D:\System\program files\post_it\PsnLite.exe
D:\System\program files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
D:\System\PROGRA~1\post_it\PSNGive.exe
D:\System\program files\avast\AvastUI.exe
C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
D:\System\program files\acronis\TrueImageMonitor.exe
D:\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\YTDownloader\YTDownloader.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\PROGRA~2\YTDOWN~1\BrowserHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\František.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.omniboxes.com/?type=hp&ts=14 ... JD2Z909890
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.omniboxes.com/?type=hp&ts=14 ... JD2Z909890
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.omniboxes.com/?type=hp&ts=14 ... JD2Z909890
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.omniboxes.com/web/?type=ds&t ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.omniboxes.com/web/?type=ds&t ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.omniboxes.com/?type=hp&ts=14 ... JD2Z909890
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.omniboxes.com/web/?type=ds&t ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.omniboxes.com/web/?type=ds&t ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\System\program files\avast\aswWebRepIE.dll
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\System\program files\avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EaseUS EPM tray] D:\System\program files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "D:\System\program files\avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "D:\System\program files\acronis\TrueImageMonitor.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Dropbox.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = D:\System\program files\post_it\PsnLite.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - D:\System\program files\avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - D:\System\program files\avast\afwServ.exe
O23 - Service: BrsHelper - Unknown owner - C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11216 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\Tablet\Pen\Pen_TouchService.exe"
atieclxx
/QuitInfo:00000000000001F8;000000000000025C; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
"D:\System\program files\avast\AvastSvc.exe"
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"D:\System\program files\avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
WLIDSvcM.exe 2944
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
taskeng.exe {EA89D581-0BCB-402F-8F1F-6AA2B949671C}
/QuitInfo:00000000000003E4;00000000000003FC; /AddRef;
/QuitInfo:00000000000001F4;0000000000000484;
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
/loadhooks /Parent:0000000000000C0C
taskeng.exe {695ECA4D-7D51-4C5E-81C2-1CCD626F85D0}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Sense\47ecbf1d-5f09-4e3b-8879-e0f70e521512-1-6.exe" /rawdata=qVGfJvIU4R93NNmrdflwlW350yw+Wc5ALhBaI950FGRj+2V+N5jpl32v2POqQqjb5SPk0WFfJ92qTOdWMKtxN/xmaZDJ0k7fzUJbqnNCZBja7aNqj4BWOZBbBGtuoO5UNQ/lKTSZ7ukHRPs44OJa4xFfZsJeh81GhSXw5RBuu0AUmXgqPshzQlIphVVFUZ6z1mwd76nzAtHUYtAzULJAoF+RY1cem2aULp7xP58ig9RMTlzBYA6poTbVBRbGN64vFlKfHgD9udXRvHE6AJV8UaTr+rwAS7R/8JcXZf9ZZ9Kh3OMZ/lhT/70Uxv/0dA8t2fGyW+CzhISvsXkuBZkvVWfyRvY9OKxpG1CkDzBh11BjUU3dZwSNkSB8x3Jh85moYcrgPhAmPTTy+XpQdLaGjH8uVcBVaBDBe6e66fqZE3ohRp8DKWVZqs6pTn9yG508a00YedITB8jUiVTfUDUmFMhXN+fWKC1yPERCNtj1TXWDm++eBu5Tu7AdDYdyeneLOCY4s+NG0cbzieA/TwQQLBboogfoSsIfeVR3sx/70/Zyoqdgy32sL9N6eF5Kbbaj+GnRHYZVWw/fG102TP6EkAUrUstMkCRG+Ms5ROEj6DYcOjR4x4CXsx2We7TWKiE8pO8n75WRW9CnfBm/m/TXRQ7fU84GJKixXeBau52bmU1PnKRgAa4IjFUAfG+0CeckdQWByd6CXbOBXmywrVH9wCMpCVxYzprdw3g+PB6rh96dBXPn3lhMbtEpsxZv6ClGy9raqjBLGc6a/2VO5EADBxmbseeGPjlrQktgm5EGEvkTvvvKFmBYmq9cKnUjtD5DRPJICi4XvskzmLgW95luf8W5mPLZZM4QVwrY+fsbBiQOHzITJCANThlmeZ8OdO+U1uBBsP3A3J7RRouGaQet5O28pZNzKNFA2iTwOw4ofHMY4LyOvzhZkU+1GfvQVpYHsoByDi2x1ZgWez2UUkIS6cfSI0c7nERCYFZ3Sj/NBZp0qIzIq7T1kewJhhDgspw0BnEtR5wLr7Bu9MgHo4jRlCY3rj3bftuVOoe6nOxAvSVyDidB4FRW0ZpkUq/c9y0IsijtDmYTsXW58OTEm/POr7MseQt6XZmslxzJ/Lyhfo/hZpF+RY+R9cu/dSxbjEMeZSmVmylZrbpTNQCbSXPAhKqcnKlOqGqvTiuJjlqmGcoH9yhrfd/exbRjQW99T3INSwGZyx3hPVfqWV692uYOc2W62zYJ0v5V/cAim1BPX2NZMLyQoqis6BqXD9HJULIdoljUM8oO/P9rXzLyE0B5iF21dXEynmQEUWnUTkJplggK3Zkh1ic4y9WNgbkVgLgjfMRaN5BTwJhomIAmgsrXV6++RcE7lsxDoQePH+0hhSVyu1fs08jTatvvmxXA2sGoJ6owEPVnnPXzFeVXv8C7lfjFr0yBtbYsW6g87GB9xn4OplbKIQd/GZUYjWhVZbLY3gkPgLAdkOBY9dDpsx4NXVkLYzXcGO49E/kiVrHvp/twwNOAzvtD6J7AAyFrU0a6
"C:\Program Files (x86)\Ge-Force\eb50a98c-587a-4fbd-b5bb-a2c742809b79-1-6.exe" /rawdata=fcXje9fcGU98EiKzEgN2O4KcsKP42tWjOp8u/+lTLLMdBHqW8cKehBEjaQtcEFlxyM/BBejPwL9t1b0txTG1sPYBnKnnuhmLrQdIUekpWnwW2jZp+Of1J6dJLCAXkiShhH3Ku0UT7ciN7puaplskNmYaSGtO5OGhVVd4WLfPQpNed5oCy4lRmWIRisbfHwhYQqL5AYREU9aL2F3KW4nDxFQmCPuDf2FiufvFS1AxyYXqsT7f/XOIqrEyeOYv6sLnAzFatEw3fOiiER/vKCuOMgz+Gcds1R+T9lX/jAWurdRPFAuoy9CpOuwZ0uq10D9xahqATRzgl3qKJ90gqEKOqVEin4ZmxeJXNGUa20bkhkz0cUIc5bFHXlyxInxuPk/rV0L+HCx1oScrxtg1P0CTDB62cnorTeBui2PGkcAh3kjy3Ox8ycbDxnaxYJflrJEKtcmStzBBV1B/rMRqFqUdvcoqNYA0xNn+gmJizXrIzI8o95xXJEVFO5Z7Y6CykFeqS2299RuLFPhDkB3Up709dO92xKIXQLAbmLojpGmjQxOVYtlLOimNvc7UAkAOzVok2iUlgxm04KTo3AgRnBaurC9IsmtYW1ZdwwIFhk463X0aG7ONoJmeYNNdmIvIjGZbuHcF8I9g2t24SbbDSjZAz+yWkiVdINSPxbnEAiyIFJeWwQRoyPxAlhoTXccMEalenHvE2ep1jzTqrB3LA5BJgjUOalOjMu0ezXX5RzmrZ4sQRbqbA1nIqszejmKyl22Vrukdd1Ndewhynob/p7Mqy1KDVMAT5U/pgc1KbuYpYSHLCdUaSZ89t50pDGi0Y8AheEY+RZtNtl3rMr3udw6zoz52LN9Z5GhUgkQvZwtUgCKM5Rmm8frdLpkN+01YtyD0NfikSRQG5Uo2r6cl7+Qk9esTwdYDmuD19QNlSeo6X6qL6kbpYX87phIYF63z2pHFIu2Lm4lyUEsZaoQrE1wbFLuK5PinyyOtobpzLiH8umgYUC94WFiqVPFNqm5dOCSVHvqm4qimWeGPeowP0zvLnDvW7gUiJlvujjIWAqwepXE9yOn3i6QMwrueQLEEY5j2WiiPo+A2OY3dNacGU7z2V+CpbRcYcCgzGiuranFgA8rYG1Q3MdpckKlFswp5CphnFSxgvrvp2iK8DoDOXlXyhNSfj2DaqizqjCd1HnzB9lyFAIDw6kOHPXK4OcOI6HzCPp9DzEfdtAxvxhgmZHdxYzNNtGI0nBANeqY15k9ozIGoNXX5nUUoeLuiL+WBNJFXLDLmjFYmCYrwn7lnugErn8wo3vTmn3t0ivwjbSR8nncMdEdf6qLv27YvNkQWQmJz0kkaHi45odUZUMWECa8ibS774WCps8rx08jO6cxeHk4zSr/CsKRspUy6TaMGXR6zMdtnCP6o7SvvSID71pSWz0ZLLC50omkTLAIrscPghD204OGcZf5k1wCOtjqyvXN75rVk3utL1GGB1zd6df4sdbg5AiTFpqoaWAlGvgMWBWNKBEkaM9+QY6uY5Vcxy+o4
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\vsnp2std.exe"
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAC8SWK.EXE !hide Canon LBP5050
"D:\System\program files\post_it\PsnLite.exe" -RegRun
"D:\System\program files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"D:\System\PROGRA~1\post_it\PSNGive.exe"
"D:\System\program files\avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe"
"D:\System\program files\acronis\TrueImageMonitor.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"D:\Mozilla Thunderbird\thunderbird.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\YTDownloader\YTDownloader.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe" /firstrunupdate 0 /TAGS:@FULL-{A1B9E971-2B98-4DFD-BD34-F82AEC06AFBC}
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://em.wish.com/wf/click?upn=25eCBvI ... PhPw-3D-3D"
C:\PROGRA~2\YTDOWN~1\BrowserHelper.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4956.0.1653928590\1054899244" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,41 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9715 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.831.2.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_10/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="4956.1.1066233214\1280199831" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_10/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="4956.2.1294312554\729149982" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_10/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="4956.3.653914203\919684399" /prefetch:673131151
"D:\stažené soubory\viry.cz\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\47ecbf1d-5f09-4e3b-8879-e0f70e521512-1-6.job
C:\Windows\tasks\47ecbf1d-5f09-4e3b-8879-e0f70e521512-5_user.job
C:\Windows\tasks\53ea5854-9464-40ff-92cd-8887adff797e-10_user.job
C:\Windows\tasks\53ea5854-9464-40ff-92cd-8887adff797e-5_user.job
C:\Windows\tasks\651a091c-7077-47c8-90a6-dcf84162083a-10_user.job
C:\Windows\tasks\651a091c-7077-47c8-90a6-dcf84162083a-5.job
C:\Windows\tasks\651a091c-7077-47c8-90a6-dcf84162083a-5_user.job
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\eb50a98c-587a-4fbd-b5bb-a2c742809b79-1-6.job
C:\Windows\tasks\eb50a98c-587a-4fbd-b5bb-a2c742809b79-1-7.job
C:\Windows\tasks\eb50a98c-587a-4fbd-b5bb-a2c742809b79-10_user.job
C:\Windows\tasks\eb50a98c-587a-4fbd-b5bb-a2c742809b79-5.job
C:\Windows\tasks\eb50a98c-587a-4fbd-b5bb-a2c742809b79-5_user.job
C:\Windows\tasks\eb50a98c-587a-4fbd-b5bb-a2c742809b79-7.job
C:\Windows\tasks\EYAME.job
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
C:\Windows\tasks\HVNQVZ.job
C:\Windows\tasks\RY.job
C:\Windows\tasks\ZUSVZ.job
=========Mozilla firefox=========
ProfilePath - C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default
prefs.js - "browser.startup.homepage" - "www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\System\program files\avast\aswWebRepIE64.dll [2015-04-23 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\System\program files\avast\aswWebRepIE.dll [2015-04-23 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - D:\System\program files\avast\aswWebRepIE.dll [2015-04-23 565304]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-06 10144288]
"snp2std"=C:\Windows\vsnp2std.exe [2006-09-15 675840]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]
"CNAP2 Launcher"=C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [2007-09-06 406944]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor]
C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2010-09-02 2536752]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-09 336384]
"EaseUS EPM tray"=D:\System\program files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2013-03-29 2081792]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"AvastUI.exe"=D:\System\program files\avast\AvastUI.exe [2015-04-23 5515496]
"SAOB Monitor"=C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2010-09-02 2536752]
"TrueImageMonitor.exe"=D:\System\program files\acronis\TrueImageMonitor.exe [2010-09-23 5502312]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Post-it® Software Notes Lite.lnk - D:\System\program files\post_it\PsnLite.exe
C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2014-04-23 243200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open -
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-04-24 09:47:20 ----D---- C:\rsit
2015-04-23 13:13:53 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-23 13:13:52 ----D---- C:\Users\František\AppData\Roaming\OpenOffice
2015-04-23 13:13:44 ----A---- C:\Windows\avastSS.scr
2015-04-23 13:13:20 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2015-04-23 13:05:08 ----D---- C:\Program Files (x86)\OpenOffice 4
2015-04-18 09:38:34 ----SHD---- C:\found.012
2015-04-16 09:37:29 ----D---- C:\Windows\system32\appraiser
2015-04-15 10:29:39 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 10:29:39 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 10:29:39 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 10:29:39 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 10:29:39 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 10:29:39 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 10:29:39 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 10:29:39 ----A---- C:\Windows\system32\wups.dll
2015-04-15 10:29:39 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 10:29:39 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 10:29:39 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 10:29:39 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 10:29:39 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 10:29:39 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 10:29:39 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:29:39 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:29:35 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 10:29:35 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 10:29:35 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 10:29:35 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 10:29:35 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-15 10:29:35 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 10:29:35 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 10:29:35 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 10:29:35 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 10:29:33 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 10:29:33 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 10:29:32 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 10:29:32 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 10:29:32 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 10:29:32 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 10:29:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:29:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 10:29:21 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 10:29:20 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 10:29:20 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 10:29:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 10:29:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 10:29:17 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 10:29:16 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 10:29:16 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 10:29:15 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 10:29:15 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 10:29:15 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 10:29:15 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 10:29:15 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 10:29:15 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 10:29:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\smss.exe
2015-04-15 10:29:15 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 10:29:15 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 10:29:15 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 10:29:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 10:29:15 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 10:29:15 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 10:29:14 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 10:29:14 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:29:13 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:29:13 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 10:29:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 10:29:13 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 10:29:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 10:29:13 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 10:29:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 10:29:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 10:29:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 10:29:13 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 10:29:13 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 10:29:13 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 10:29:13 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 10:29:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 10:29:13 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 10:29:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:29:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:29:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:29:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:29:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:29:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:29:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:29:12 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:29:12 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:29:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:29:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:29:11 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:29:11 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 10:29:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 10:29:10 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 10:29:10 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 10:29:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 10:29:10 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 10:29:10 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 10:29:10 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 10:29:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 10:29:10 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 10:28:57 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 10:28:29 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 10:28:29 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 10:28:29 ----A---- C:\Windows\system32\clfs.sys
2015-04-14 09:35:55 ----N---- C:\bootsqm.dat
2015-04-11 10:05:53 ----SHD---- C:\found.011
2015-04-08 15:21:30 ----SHD---- C:\found.010
2015-04-08 10:59:39 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-07 10:44:22 ----A---- C:\autoexec.bat
2015-04-07 10:43:02 ----D---- C:\Program Files\Enigma Software Group
2015-04-04 12:11:43 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 12:11:43 ----SD---- C:\Windows\system32\GWX
2015-04-04 10:15:13 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2015-04-04 10:15:13 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2015-04-04 10:15:13 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2015-04-04 10:15:13 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2015-04-04 10:15:13 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2015-04-04 10:15:13 ----A---- C:\Windows\system32\KBDTAT.DLL
2015-04-04 10:15:13 ----A---- C:\Windows\system32\KBDRU1.DLL
2015-04-04 10:15:13 ----A---- C:\Windows\system32\KBDRU.DLL
2015-04-04 10:15:12 ----A---- C:\Windows\system32\KBDYAK.DLL
2015-04-04 10:15:12 ----A---- C:\Windows\system32\KBDBASH.DLL
2015-04-03 17:48:01 ----D---- C:\Windows\CheckSur
2015-04-03 17:17:39 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2015-04-03 17:17:39 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-04-03 17:13:22 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2015-04-03 17:13:22 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2015-04-03 17:13:22 ----A---- C:\Windows\system32\infocardapi.dll
2015-04-03 17:13:22 ----A---- C:\Windows\system32\icardagt.exe
2015-04-03 17:13:20 ----A---- C:\Windows\SYSWOW64\icardres.dll
2015-04-03 17:13:20 ----A---- C:\Windows\system32\icardres.dll
2015-04-03 17:13:03 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2015-04-03 17:13:03 ----A---- C:\Windows\system32\TsWpfWrp.exe
2015-04-03 10:14:45 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-04-03 10:14:38 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-04-03 10:14:38 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-04-03 10:14:38 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-04-03 10:14:38 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-04-03 10:14:38 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-04-03 10:14:38 ----A---- C:\Windows\system32\lpk.dll
2015-04-03 10:14:38 ----A---- C:\Windows\system32\fontsub.dll
2015-04-03 10:14:38 ----A---- C:\Windows\system32\dciman32.dll
2015-04-03 10:14:38 ----A---- C:\Windows\system32\atmlib.dll
2015-04-03 10:14:38 ----A---- C:\Windows\system32\atmfd.dll
2015-04-03 10:14:04 ----A---- C:\Windows\SYSWOW64\usp10.dll
2015-04-03 10:14:02 ----A---- C:\Windows\system32\usp10.dll
2015-04-03 10:13:49 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2015-04-03 10:13:38 ----A---- C:\Windows\system32\TSWorkspace.dll
2015-04-03 10:12:46 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-04-03 10:12:45 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-04-03 10:12:45 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-04-03 10:12:45 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-04-03 10:12:44 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-04-03 10:12:44 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-04-03 10:12:44 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-04-03 10:12:44 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-04-03 10:12:43 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-04-03 10:12:42 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-04-03 10:12:42 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-04-03 10:12:42 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-04-03 10:12:42 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-04-03 10:12:42 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-04-03 10:12:42 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-04-03 10:12:41 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-04-03 10:12:32 ----A---- C:\Windows\system32\wintrust.dll
2015-04-03 10:12:29 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-04-03 10:12:28 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-04-03 10:12:28 ----A---- C:\Windows\system32\msscp.dll
2015-04-03 10:12:28 ----A---- C:\Windows\system32\msnetobj.dll
2015-04-03 10:12:28 ----A---- C:\Windows\system32\msmmsp.dll
2015-04-03 10:12:28 ----A---- C:\Windows\system32\mfplat.dll
2015-04-03 10:12:28 ----A---- C:\Windows\system32\drmv2clt.dll
2015-04-03 10:12:28 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-04-03 10:12:28 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-04-03 10:12:28 ----A---- C:\Windows\system32\blackbox.dll
2015-04-03 10:12:27 ----A---- C:\Windows\system32\wmploc.DLL
2015-04-03 10:12:27 ----A---- C:\Windows\system32\wmp.dll
2015-04-03 10:12:27 ----A---- C:\Windows\system32\spwmp.dll
2015-04-03 10:12:27 ----A---- C:\Windows\system32\rrinstaller.exe
2015-04-03 10:12:27 ----A---- C:\Windows\system32\mfps.dll
2015-04-03 10:12:27 ----A---- C:\Windows\system32\dxmasf.dll
2015-04-03 10:12:26 ----A---- C:\Windows\system32\mfpmp.exe
2015-04-03 10:12:26 ----A---- C:\Windows\system32\mferror.dll
2015-04-03 10:12:26 ----A---- C:\Windows\system32\mf.dll
2015-04-03 10:12:26 ----A---- C:\Windows\system32\evr.dll
2015-04-03 10:12:25 ----A---- C:\Windows\system32\quartz.dll
2015-04-03 10:12:25 ----A---- C:\Windows\system32\qdvd.dll
2015-04-03 10:12:25 ----A---- C:\Windows\system32\cryptui.dll
2015-04-03 10:12:25 ----A---- C:\Windows\system32\cryptsvc.dll
2015-04-03 10:12:25 ----A---- C:\Windows\system32\cryptsp.dll
2015-04-03 10:12:25 ----A---- C:\Windows\system32\cryptnet.dll
2015-04-03 10:12:25 ----A---- C:\Windows\system32\crypt32.dll
2015-04-03 10:12:24 ----A---- C:\Windows\system32\winresume.exe
2015-04-03 10:12:24 ----A---- C:\Windows\system32\winload.exe
2015-04-03 10:12:24 ----A---- C:\Windows\system32\ci.dll
2015-04-03 10:12:23 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-04-03 10:12:23 ----A---- C:\Windows\system32\EncDump.dll
2015-04-03 10:12:23 ----A---- C:\Windows\system32\audiosrv.dll
2015-04-03 10:12:23 ----A---- C:\Windows\system32\AudioSes.dll
2015-04-03 10:12:23 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-04-03 10:12:23 ----A---- C:\Windows\system32\AudioEng.dll
2015-04-03 10:12:23 ----A---- C:\Windows\system32\audiodg.exe
2015-04-03 10:12:22 ----A---- C:\Windows\system32\pcawrk.exe
2015-04-03 10:12:22 ----A---- C:\Windows\system32\pcasvc.dll
2015-04-03 10:12:22 ----A---- C:\Windows\system32\pcalua.exe
2015-04-03 10:12:22 ----A---- C:\Windows\system32\pcaevts.dll
2015-04-03 10:12:22 ----A---- C:\Windows\system32\pcadm.dll
2015-04-03 10:12:22 ----A---- C:\Windows\system32\drivers\appid.sys
2015-04-03 10:12:22 ----A---- C:\Windows\system32\appidsvc.dll
2015-04-03 10:12:22 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-04-03 10:12:22 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-04-03 10:12:22 ----A---- C:\Windows\system32\appidapi.dll
2015-04-03 10:12:09 ----A---- C:\Windows\system32\profsvc.dll
2015-04-03 10:12:03 ----A---- C:\Windows\SYSWOW64\mscories.dll
2015-04-03 10:12:03 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2015-04-03 10:12:03 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2015-04-03 10:12:02 ----A---- C:\Windows\system32\mscories.dll
2015-04-03 10:12:02 ----A---- C:\Windows\system32\mscorier.dll
2015-04-03 10:12:02 ----A---- C:\Windows\system32\dfshim.dll
2015-04-03 10:11:55 ----A---- C:\Windows\system32\drivers\tcpip.sys
2015-04-03 10:11:55 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2015-04-03 10:11:16 ----A---- C:\Windows\system32\termsrv.dll
2015-04-03 10:10:30 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-04-03 10:10:30 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-04-03 10:10:30 ----A---- C:\Windows\system32\nlasvc.dll
2015-04-03 10:10:27 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-04-03 10:10:27 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-04-03 10:10:26 ----A---- C:\Windows\system32\msxml6r.dll
2015-04-03 10:10:26 ----A---- C:\Windows\system32\msxml6.dll
2015-04-03 10:10:22 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-04-03 10:10:22 ----A---- C:\Windows\system32\d3d10warp.dll
2015-04-03 10:09:52 ----A---- C:\Windows\SYSWOW64\osk.exe
2015-04-03 10:09:50 ----A---- C:\Windows\system32\osk.exe
2015-04-03 10:09:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-04-03 10:09:39 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-04-03 10:09:38 ----A---- C:\Windows\system32\ubpm.dll
2015-04-03 10:09:33 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-04-03 10:09:32 ----A---- C:\Windows\system32\wdi.dll
2015-04-03 10:09:32 ----A---- C:\Windows\system32\powertracker.dll
2015-04-03 10:09:31 ----A---- C:\Windows\system32\perftrack.dll
2015-04-03 10:09:03 ----A---- C:\Windows\SYSWOW64\qedit.dll
2015-04-03 10:09:03 ----A---- C:\Windows\system32\qedit.dll
2015-04-03 10:08:56 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-04-03 10:08:56 ----A---- C:\Windows\system32\shell32.dll
2015-04-03 10:08:52 ----A---- C:\Windows\system32\drivers\afd.sys
2015-04-03 10:08:47 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-04-03 10:08:12 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2015-04-03 10:08:11 ----A---- C:\Windows\system32\IMJP10K.DLL
2015-04-03 10:08:04 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2015-04-03 10:07:45 ----A---- C:\Windows\system32\drivers\cng.sys
2015-04-03 10:07:42 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-04-03 10:07:41 ----A---- C:\Windows\system32\oleaut32.dll
2015-04-03 10:07:30 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2015-04-03 10:07:27 ----A---- C:\Windows\system32\pku2u.dll
2015-04-03 10:06:43 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-04-03 10:06:43 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-04-03 10:06:40 ----A---- C:\Windows\system32\mstscax.dll
2015-04-03 10:06:35 ----A---- C:\Windows\SYSWOW64\charmap.exe
2015-04-03 10:06:35 ----A---- C:\Windows\system32\charmap.exe
2015-04-03 10:06:32 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-04-03 10:06:32 ----A---- C:\Windows\system32\msctf.dll
2015-04-03 10:06:27 ----A---- C:\Windows\SYSWOW64\rastls.dll
2015-04-03 10:06:26 ----A---- C:\Windows\system32\rastls.dll
2015-04-03 10:06:22 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2015-04-03 10:06:22 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2015-04-03 10:06:22 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2015-04-03 10:06:22 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2015-04-03 10:06:22 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2015-04-03 10:06:22 ----A---- C:\Windows\system32\WsmWmiPl.dll
2015-04-03 10:06:22 ----A---- C:\Windows\system32\WsmSvc.dll
2015-04-03 10:06:22 ----A---- C:\Windows\system32\WsmAuto.dll
2015-04-03 10:06:22 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-03 10:06:22 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2015-04-03 10:06:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-04-03 10:06:16 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-04-03 10:05:50 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-04-03 10:05:49 ----A---- C:\Windows\system32\tzres.dll
2015-04-03 10:04:59 ----A---- C:\Windows\SYSWOW64\packager.dll
2015-04-03 10:04:58 ----A---- C:\Windows\system32\packager.dll
2015-04-03 10:04:39 ----A---- C:\Windows\SYSWOW64\winsta.dll
2015-04-03 10:04:38 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-04-03 10:04:30 ----A---- C:\Windows\system32\winlogon.exe
2015-04-03 10:04:28 ----A---- C:\Windows\system32\winsta.dll
2015-04-03 10:04:28 ----A---- C:\Windows\system32\rdpcorekmts.dll
2015-04-03 10:04:28 ----A---- C:\Windows\system32\mstsc.exe
2015-04-03 10:04:28 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2015-04-03 10:04:28 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2015-04-03 10:03:40 ----A---- C:\Windows\system32\win32k.sys
2015-04-03 10:03:32 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-04-03 10:03:29 ----A---- C:\Windows\system32\scesrv.dll
2015-04-03 10:03:17 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-04-03 10:03:16 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-04-03 10:03:14 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-04-03 10:02:40 ----A---- C:\Windows\system32\msihnd.dll
2015-04-03 10:02:40 ----A---- C:\Windows\system32\consent.exe
2015-04-03 10:02:39 ----A---- C:\Windows\system32\msi.dll
2015-04-03 10:02:37 ----A---- C:\Windows\system32\authui.dll
2015-04-03 09:58:31 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-04-03 09:58:31 ----A---- C:\Windows\system32\WMPhoto.dll
2015-04-03 09:58:25 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-04-03 09:58:25 ----A---- C:\Windows\system32\rpcrt4.dll
2015-03-31 13:51:33 ----D---- C:\Users\František\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2015-03-31 13:51:33 ----D---- C:\Users\František\AppData\Roaming\Macromedia
2015-03-31 10:58:39 ----SHD---- C:\found.009
2015-03-30 14:27:07 ----D---- C:\found.008
2015-03-30 14:09:52 ----D---- C:\Users\František\AppData\Roaming\ATI
2015-03-30 14:09:44 ----D---- C:\Users\František\AppData\Roaming\AVAST Software
2015-03-30 14:09:37 ----D---- C:\Users\František\AppData\Roaming\3M
2015-03-30 14:09:34 ----D---- C:\Users\František\AppData\Roaming\WTablet
======List of files/folders modified in the last 1 month======
2015-04-24 09:47:45 ----D---- C:\Program Files\trend micro
2015-04-24 09:45:37 ----D---- C:\Windows\temp
2015-04-24 09:45:31 ----D---- C:\Users\František\AppData\Roaming\Dropbox
2015-04-24 09:44:39 ----D---- C:\Windows\system32\config
2015-04-23 17:04:05 ----D---- C:\Program Files\Vario12
2015-04-23 15:59:15 ----SHD---- C:\Windows\Installer
2015-04-23 15:59:14 ----D---- C:\ProgramData\Microsoft Help
2015-04-23 15:57:21 ----D---- C:\Program Files (x86)\Microsoft Office
2015-04-23 15:56:12 ----SHD---- C:\System Volume Information
2015-04-23 15:46:11 ----D---- C:\Windows\system32\drivers
2015-04-23 15:46:09 ----D---- C:\Windows\inf
2015-04-23 13:15:15 ----D---- C:\Windows\system32\DriverStore
2015-04-23 13:14:17 ----D---- C:\Windows\system32\Tasks
2015-04-23 13:13:53 ----D---- C:\Windows\System32
2015-04-23 13:13:52 ----D---- C:\Windows
2015-04-23 13:06:26 ----RSD---- C:\Windows\assembly
2015-04-23 13:05:40 ----RSD---- C:\Windows\Fonts
2015-04-23 13:05:08 ----RD---- C:\Program Files (x86)
2015-04-23 12:05:41 ----D---- C:\Windows\Microsoft.NET
2015-04-23 11:40:16 ----SD---- C:\ProgramData\Microsoft
2015-04-23 11:40:16 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-04-23 11:39:10 ----D---- C:\Program Files (x86)\MSBuild
2015-04-23 11:37:00 ----D---- C:\Windows\ShellNew
2015-04-23 11:36:32 ----A---- C:\Windows\win.ini
2015-04-21 09:11:48 ----D---- C:\Windows\AppCompat
2015-04-20 16:57:42 ----D---- C:\ZC Portál
2015-04-17 10:27:31 ----D---- C:\Program Files (x86)\Sense
2015-04-17 10:27:12 ----D---- C:\Program Files (x86)\CinemaP-1.8cV23.03
2015-04-16 11:36:41 ----D---- C:\Users\František\AppData\Roaming\AIMP3
2015-04-16 09:42:08 ----D---- C:\Windows\winsxs
2015-04-16 09:37:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-16 09:37:31 ----D---- C:\Windows\SysWOW64
2015-04-16 09:37:30 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 09:37:30 ----D---- C:\Windows\system32\cs-CZ
2015-04-16 09:37:30 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 09:37:29 ----D---- C:\Windows\system32\wbem
2015-04-16 09:37:29 ----D---- C:\Windows\AppPatch
2015-04-15 15:38:50 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 15:38:37 ----D---- C:\Windows\Prefetch
2015-04-15 15:38:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-15 11:58:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-15 10:24:35 ----D---- C:\Windows\system32\catroot2
2015-04-13 10:50:10 ----D---- C:\Windows\rescache
2015-04-09 09:28:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-08 15:43:54 ----D---- C:\Users\František\AppData\Roaming\Adobe
2015-04-08 15:15:56 ----D---- C:\Temp
2015-04-08 14:54:13 ----SHD---- C:\Boot
2015-04-07 10:43:02 ----RD---- C:\Program Files
2015-04-07 09:02:37 ----D---- C:\Windows\Tasks
2015-04-04 12:11:47 ----D---- C:\Windows\Logs
2015-04-04 09:56:22 ----SD---- C:\Users\František\AppData\Roaming\Microsoft
2015-04-04 09:40:47 ----D---- C:\Windows\ehome
2015-04-04 09:40:46 ----D---- C:\Program Files\Windows Journal
2015-04-04 09:40:45 ----D---- C:\Program Files\Windows Media Player
2015-04-04 09:40:45 ----D---- C:\Program Files (x86)\Windows Media Player
2015-04-04 09:40:44 ----D---- C:\Windows\SYSWOW64\Dism
2015-04-04 09:40:43 ----D---- C:\Windows\system32\en-US
2015-04-04 09:40:43 ----D---- C:\Windows\system32\Dism
2015-04-04 09:40:41 ----D---- C:\Windows\system32\CodeIntegrity
2015-04-04 09:40:41 ----D---- C:\Windows\system32\Boot
2015-04-04 09:40:24 ----D---- C:\Windows\tracing
2015-04-03 18:59:23 ----D---- C:\Windows\system32\catroot
2015-04-03 17:33:18 ----D---- C:\Program Files (x86)\Common Files
2015-04-03 17:23:49 ----D---- C:\Program Files\Microsoft Silverlight
2015-04-03 17:23:49 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-04-01 10:39:49 ----D---- C:\Program Files (x86)\Internet Speed Checker
2015-03-31 11:05:22 ----D---- C:\Program Files (x86)\Microsoft Toolkit Final
2015-03-31 11:02:26 ----D---- C:\Program Files (x86)\Adobe
2015-03-31 11:02:14 ----D---- C:\Program Files (x86)\Acronis
2015-03-31 11:02:14 ----D---- C:\Program Files (x86)\2461ba9b-1a67-4720-ae32-cf36e98948b1
2015-03-31 11:02:13 ----D---- C:\Program Files (x86)\195c544d-863f-4ffe-8aa4-57873f2a036e
2015-03-30 15:41:35 ----D---- C:\Windows\system32\wfp
2015-03-30 14:40:25 ----D---- C:\Users\František\AppData\Roaming\Zoner
2015-03-30 14:40:25 ----D---- C:\Users\František\AppData\Roaming\XMedia Recode
2015-03-30 14:40:25 ----D---- C:\Users\František\AppData\Roaming\Thunderbird
2015-03-30 14:40:25 ----D---- C:\Users\František\AppData\Roaming\Skype
2015-03-30 14:40:25 ----D---- C:\Users\František\AppData\Roaming\Seznam.cz
2015-03-30 14:40:20 ----D---- C:\Users\František\AppData\Roaming\Samsung
2015-03-30 14:40:19 ----D---- C:\Users\František\AppData\Roaming\Real
2015-03-30 14:40:19 ----D---- C:\Users\František\AppData\Roaming\Posta
2015-03-30 14:40:18 ----D---- C:\Users\František\AppData\Roaming\Opera Software
2015-03-30 14:40:18 ----D---- C:\Users\František\AppData\Roaming\OpenOffice.org
2015-03-30 14:40:18 ----D---- C:\Users\František\AppData\Roaming\OpenCandy
2015-03-30 14:40:18 ----D---- C:\Users\František\AppData\Roaming\omniboxes
2015-03-30 14:40:18 ----D---- C:\Users\František\AppData\Roaming\Nero
2015-03-30 14:40:17 ----D---- C:\Users\František\AppData\Roaming\MyPhoneExplorer
2015-03-30 14:40:15 ----D---- C:\Users\František\AppData\Roaming\Mozilla
2015-03-30 14:40:14 ----D---- C:\Users\František\AppData\Roaming\iSpy
2015-03-30 14:40:14 ----D---- C:\Users\František\AppData\Roaming\Intelli-studio
2015-03-30 14:40:14 ----D---- C:\Users\František\AppData\Roaming\HellSpy.cz Download Manager
2015-03-30 14:40:14 ----D---- C:\Users\František\AppData\Roaming\GRETECH
2015-03-30 14:40:14 ----D---- C:\Users\František\AppData\Roaming\Convert Audio Free
2015-03-30 14:40:14 ----D---- C:\Users\František\AppData\Roaming\BlackBean
2015-03-30 14:40:01 ----D---- C:\Program Files (x86)\YTDownloader
2015-03-30 14:40:01 ----D---- C:\Program Files (x86)\Ge-Force
2015-03-30 14:39:34 ----D---- C:\Windows\registration
2015-03-30 14:36:57 ----RHD---- C:\MSOCache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-04-23 449896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-23 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-23 272248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-06-05 277088]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-27 834544]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2014-06-05 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2014-06-05 970336]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-04-23 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-23 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-23 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-23 442264]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-23 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-23 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-23 137288]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2014-06-05 279136]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-09 9258496]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-09 300544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-06 2337440]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-02 187392]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2010-10-05 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2010-10-05 16168]
S2 sbmntr;SBMNTR; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys []
S2 SPDRIVER_1.39.0.1638;SPDRIVER_1.39.0.1638; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.39.0.1638\jsdrv.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2014-01-23 38080]
S3 AODDriver4.0;AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2014-01-23 37344]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-06-11 25640]
S3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2006-11-08 12296704]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2014-01-23 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2014-01-23 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2014-01-23 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2014-01-23 158024]
S3 tbhsd;Audials Sound Capturing; C:\Windows\system32\drivers\tbhsd.sys [2012-11-06 47240]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-22 154256]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2010-12-22 43792]
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2010-10-05 18288]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 1079376]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-06-05 3975088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-09 203776]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-03-09 365568]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 avast! Antivirus;Avast Antivirus; D:\System\program files\avast\AvastSvc.exe [2015-04-23 343336]
R2 avast! Firewall;Avast Firewall; D:\System\program files\avast\afwServ.exe [2015-04-23 107448]
R2 BrsHelper;BrsHelper; C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE [2015-03-22 112560]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2010-10-13 5790064]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2014-08-04 5095264]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2010-10-13 487280]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2015-03-23 493712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-08-26 101888]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-03-23 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-12 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-03-23 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-12 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-04-23 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-08 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
Zdravim 
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
# AdwCleaner v4.202 - Log vytvořen 28/04/2015 v 11:00:04
# Aktualizováno 23/04/2015 by Xplodea
# Databáze : 2015-04-27.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : František - FRANTISEK
# Spuštěno z : C:\Users\František\Desktop\adwcleaner_4.202.exe
# Nastavení : Čištění
***** [ Služby ] *****
[#] Služba Smazáno : BrsHelper
[#] Služba Smazáno : globalUpdate
[#] Služba Smazáno : globalUpdatem
[#] Služba Smazáno : sbmntr
[#] Služba Smazáno : WindowsMangerProtect
[#] Služba Smazáno : SPDRIVER_1.39.0.1638
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\ShopperPro
Složka Smazáno : C:\ProgramData\WindowsMangerProtect
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\Sense
Složka Smazáno : C:\Program Files (x86)\YTDownloader
Složka Smazáno : C:\Program Files (x86)\Internet Speed Checker
Složka Smazáno : C:\Program Files (x86)\Ge-Force
Složka Smazáno : C:\Users\František\AppData\Local\BrowserHelper
Složka Smazáno : C:\Users\František\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\František\AppData\Roaming\omniboxes
Složka Smazáno : C:\Users\František\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbglkiiiofelplniblholffbhhjmdhhi
***** [ Naplánované úlohy ] *****
Úloha Smazáno : globalUpdateUpdateTaskMachineCore
Úloha Smazáno : globalUpdateUpdateTaskMachineUA
Úloha Smazáno : ShopperPro
Úloha Smazáno : ShopperProJSUpd
Úloha Smazáno : SMupdate1
Úloha Smazáno : YTDownloader
Úloha Smazáno : YTDownloaderUpd
Úloha Smazáno : 47ecbf1d-5f09-4e3b-8879-e0f70e521512-1-6
Úloha Smazáno : 47ecbf1d-5f09-4e3b-8879-e0f70e521512-5_user
Úloha Smazáno : 53ea5854-9464-40ff-92cd-8887adff797e-10_user
Úloha Smazáno : 53ea5854-9464-40ff-92cd-8887adff797e-5_user
Úloha Smazáno : 651a091c-7077-47c8-90a6-dcf84162083a-10_user
Úloha Smazáno : 651a091c-7077-47c8-90a6-dcf84162083a-5
Úloha Smazáno : 651a091c-7077-47c8-90a6-dcf84162083a-5_user
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-1-6
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-1-7
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-10_user
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-5
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-5_user
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-7
***** [ Zástupci ] *****
Zástupce Vyléčeno : C:\Users\Public\Desktop\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\Public\Desktop\Opera.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Zástupce Vyléčeno : C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Zástupce Vyléčeno : C:\Users\František\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Zástupce Vyléčeno : C:\Users\František\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk
***** [ Registry ] *****
Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fmconverter@gmail.com]
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Klíč Smazáno : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Klíč Smazáno : HKLM\SOFTWARE\0f0700d8-63bc-411b-9e61-8f5aa7ee90b9
Klíč Smazáno : HKLM\SOFTWARE\7d6ffb01-ec40-463b-9cc6-b51c6275c580
Klíč Smazáno : HKLM\SOFTWARE\b0e329c8-927f-4814-b489-c4fa9d34c2c8
Klíč Smazáno : HKLM\SOFTWARE\d0ed1436-e6e5-4936-8f02-bcfbc767ee34
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\YTDownloader
Klíč Smazáno : HKCU\Software\Local AppWizard-Generated Applications
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\YTDownloader
Klíč Smazáno : HKLM\SOFTWARE\omniboxesSoftware
Klíč Smazáno : HKU\.DEFAULT\Software\AVG Secure Search
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : [x64] HKLM\SOFTWARE\ShopperPro
Klíč Smazáno : [x64] HKLM\SOFTWARE\YTDownloader
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17041
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v37.0.1 (x86 cs)
[4r2khtfk.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.hiddenOneOffs", "DuckDuckGo,omniboxes");
[4r2khtfk.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.selectedEngine", "omniboxes");
-\\ Google Chrome v42.0.2311.90
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R1].txt - [2557 bytů] - [16/03/2015 11:02:29]
AdwCleaner[R2].txt - [14534 bytů] - [28/04/2015 10:56:51]
AdwCleaner[S1].txt - [2653 bytů] - [16/03/2015 12:09:44]
AdwCleaner[S2].txt - [12471 bytů] - [28/04/2015 11:00:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [12530 bytů] ##########
# Aktualizováno 23/04/2015 by Xplodea
# Databáze : 2015-04-27.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : František - FRANTISEK
# Spuštěno z : C:\Users\František\Desktop\adwcleaner_4.202.exe
# Nastavení : Čištění
***** [ Služby ] *****
[#] Služba Smazáno : BrsHelper
[#] Služba Smazáno : globalUpdate
[#] Služba Smazáno : globalUpdatem
[#] Služba Smazáno : sbmntr
[#] Služba Smazáno : WindowsMangerProtect
[#] Služba Smazáno : SPDRIVER_1.39.0.1638
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\ShopperPro
Složka Smazáno : C:\ProgramData\WindowsMangerProtect
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\Sense
Složka Smazáno : C:\Program Files (x86)\YTDownloader
Složka Smazáno : C:\Program Files (x86)\Internet Speed Checker
Složka Smazáno : C:\Program Files (x86)\Ge-Force
Složka Smazáno : C:\Users\František\AppData\Local\BrowserHelper
Složka Smazáno : C:\Users\František\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\František\AppData\Roaming\omniboxes
Složka Smazáno : C:\Users\František\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbglkiiiofelplniblholffbhhjmdhhi
***** [ Naplánované úlohy ] *****
Úloha Smazáno : globalUpdateUpdateTaskMachineCore
Úloha Smazáno : globalUpdateUpdateTaskMachineUA
Úloha Smazáno : ShopperPro
Úloha Smazáno : ShopperProJSUpd
Úloha Smazáno : SMupdate1
Úloha Smazáno : YTDownloader
Úloha Smazáno : YTDownloaderUpd
Úloha Smazáno : 47ecbf1d-5f09-4e3b-8879-e0f70e521512-1-6
Úloha Smazáno : 47ecbf1d-5f09-4e3b-8879-e0f70e521512-5_user
Úloha Smazáno : 53ea5854-9464-40ff-92cd-8887adff797e-10_user
Úloha Smazáno : 53ea5854-9464-40ff-92cd-8887adff797e-5_user
Úloha Smazáno : 651a091c-7077-47c8-90a6-dcf84162083a-10_user
Úloha Smazáno : 651a091c-7077-47c8-90a6-dcf84162083a-5
Úloha Smazáno : 651a091c-7077-47c8-90a6-dcf84162083a-5_user
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-1-6
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-1-7
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-10_user
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-5
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-5_user
Úloha Smazáno : eb50a98c-587a-4fbd-b5bb-a2c742809b79-7
***** [ Zástupci ] *****
Zástupce Vyléčeno : C:\Users\Public\Desktop\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\Public\Desktop\Opera.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Zástupce Vyléčeno : C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Zástupce Vyléčeno : C:\Users\František\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Zástupce Vyléčeno : C:\Users\František\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk
***** [ Registry ] *****
Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fmconverter@gmail.com]
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Klíč Smazáno : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Klíč Smazáno : HKLM\SOFTWARE\0f0700d8-63bc-411b-9e61-8f5aa7ee90b9
Klíč Smazáno : HKLM\SOFTWARE\7d6ffb01-ec40-463b-9cc6-b51c6275c580
Klíč Smazáno : HKLM\SOFTWARE\b0e329c8-927f-4814-b489-c4fa9d34c2c8
Klíč Smazáno : HKLM\SOFTWARE\d0ed1436-e6e5-4936-8f02-bcfbc767ee34
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\YTDownloader
Klíč Smazáno : HKCU\Software\Local AppWizard-Generated Applications
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\YTDownloader
Klíč Smazáno : HKLM\SOFTWARE\omniboxesSoftware
Klíč Smazáno : HKU\.DEFAULT\Software\AVG Secure Search
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : [x64] HKLM\SOFTWARE\ShopperPro
Klíč Smazáno : [x64] HKLM\SOFTWARE\YTDownloader
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17041
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v37.0.1 (x86 cs)
[4r2khtfk.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.hiddenOneOffs", "DuckDuckGo,omniboxes");
[4r2khtfk.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.selectedEngine", "omniboxes");
-\\ Google Chrome v42.0.2311.90
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R1].txt - [2557 bytů] - [16/03/2015 11:02:29]
AdwCleaner[R2].txt - [14534 bytů] - [28/04/2015 10:56:51]
AdwCleaner[S1].txt - [2653 bytů] - [16/03/2015 12:09:44]
AdwCleaner[S2].txt - [12471 bytů] - [28/04/2015 11:00:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [12530 bytů] ##########
Re: Prosím o kontrolu logu
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 28.4.2015
Čas skenování: 13:51:23
Protokol:
Správce: Ano
Verze: 0.00.0.0000
Databáze malwaru: v2015.04.28.03
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: FrantiÅ¡ek
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 411218
Uplynulý čas: 17 min, 32 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 28.4.2015
Čas skenování: 13:51:23
Protokol:
Správce: Ano
Verze: 0.00.0.0000
Databáze malwaru: v2015.04.28.03
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: FrantiÅ¡ek
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 411218
Uplynulý čas: 17 min, 32 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Prosím o kontrolu logu
zde ještě přikládám screen výsledků nevím jestli je to v logu poznat
- Přílohy
-
- anti_malware_vysledky.jpg (165.37 KiB) Zobrazeno 2093 x
Re: Prosím o kontrolu logu
Z toho obrazku nevidim vsechny nalezy, takze nemuzu s jistotou rict, ze tam neni nejaka falesna detekce.
Nicmene test nebyl nastaven spravne. Dal jste jen Sken hrozeb. Ten nekontroluje cely pocitac. Udelejte novy test, ale tentokrat spravne, cili Vlastni sken vsech disku.
Nicmene test nebyl nastaven spravne. Dal jste jen Sken hrozeb. Ten nekontroluje cely pocitac. Udelejte novy test, ale tentokrat spravne, cili Vlastni sken vsech disku.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Pardón tak snad teď:
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 29.4.2015
Čas skenování: 11:58:31
Protokol:
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.04.29.02
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: FrantiÅ¡ek
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 408016
Uplynulý čas: 19 min, 34 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 23
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [1e38155dd0ba12242c865ee9cc3648b8],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [1e38155dd0ba12242c865ee9cc3648b8],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03, , [cc8a72007d0d2c0a101e5a918e757b85],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03-nv, , [2d29b6bc74166fc73fefd6150ef52ad6],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03-nv-ie, , [56004131ec9e53e3d15d08e3659e0ef2],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv, , [ec6a5a18c2c8a88e982bc98ef21351af],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv-ie, , [8dc9d89a4b3f86b05370c394996c60a0],
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv, , [0d49bfb3315951e5de3fe9e74eb5857b],
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv-ie, , [510552209af0989e40dd1eb24cb76a96],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\Sense-nv, , [b89ea7cbd7b33ef8de78b7a1bc490ef2],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\Sense-nv-ie, , [e67049296c1e2b0b2c2a76e29d688080],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [5bfb32406426dc5a009f4c7bd62d936d],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.8cV23.03-nv-ie, , [2531ea880c7ee3535cd3edfed62d1ce4],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv, , [0b4b8ee48901bb7ba61e4710c63fc63a],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [5cfad39f0e7cde589fedbea0838257a9],
PUP.Optional.Cinema.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\CinemaP-1.8cV23.03-nv, , [4f073b372e5cb185b77822c9bf4414ec],
PUP.Optional.Cinema.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\CinemaP-1.8cV23.03-nv-ie, , [6de9244e068471c50f202cbf1fe403fd],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Ge-Force-nv, , [57ffe38f03870135b90b2f285aab37c9],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Ge-Force-nv-ie, , [9fb775fda9e11d19477d65f2e0254cb4],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Internet Speed Checker-nv, , [77dfc9a91278c175021cbd13c24124dc],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Internet Speed Checker-nv-ie, , [67ef5a181e6cf3439a84725ef50e27d9],
PUP.Optional.Sense.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Sense-nv, , [282eb5bd7a10b87e0057e47420e5c23e],
PUP.Optional.Sense.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Sense-nv-ie, , [5cfaf979800a66d0a9ae253380855ca4],
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 2
PUP.Optional.Omniboxes.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://www.omniboxes.com/web/?type=ds&t ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.omniboxes.com/web/?type=ds&t ... earchTerms}),,[0f47d89a2f5b43f3e86dba54d53101ff]
PUP.Optional.Omniboxes.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://www.omniboxes.com/web/?type=ds&t ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.omniboxes.com/web/?type=ds&t ... earchTerms}),,[5afcd69cc3c70e28cb8a0b03ea1cf20e]
Složky: 7
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.343544, , [074fabc731592e08cfcad0da07fcd52b],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.35643, , [92c43f335b2f181efa9f3377a16209f7],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.446797, , [094dc6ac12787db9bbde1f8b9d668878],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.497083, , [92c4fa7894f666d0e1b804a621e2ca36],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro, , [65f11959048647ef5a8a2c98996a51af],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver, , [65f11959048647ef5a8a2c98996a51af],
Soubory: 62
PUP.Optional.Nova.A, C:\Program Files (x86)\2461ba9b-1a67-4720-ae32-cf36e98948b1\0671d915-b9b9-4ea0-8cc7-755a3b31771f.dll, , [ce889ad8d8b21c1a1ff5e03019e9619f],
PUP.Optional.Nova.A, C:\Program Files (x86)\47e7f5cd-09ef-472f-bbf4-535f19986805\856bae31-8c8b-4fee-9483-4c26b467ab84.dll, , [ed69cba75a304beb080cf41cb15152ae],
PUP.Optional.Nova.A, C:\Program Files (x86)\Acronis\2641de78-bdc9-4222-823d-e6fe2b720d0c.dll, , [4b0b6e04abdf1125769e4cc4887a9967],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a-5.exe, , [1442b8ba0486ca6cf88dbd827096fa06],
PUP.Optional.Bundle, C:\Program Files (x86)\Microsoft Toolkit Final\Microsoft Toolkit 2.5.3__9465_il66804.exe, , [89cd185a81099f97972d38044bb77d83],
PUP.Optional.Nova.A, C:\Program Files (x86)\e62e2e4c-1eb8-43a9-8621-77c29f22f9a8\5177049e-d9b2-4c69-a2f2-e805f8ef0419.dll, , [b1a54e243e4c6fc73ed6aa6621e17d83],
PUP.Optional.InternetSpeedChecker.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R069SA7.exe, , [6ee888eacbbf1f17c9e700c08c75639d],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R1TI6B5.exe, , [ba9ccba7325893a3728498a336cc03fd],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R4C78BX.exe, , [e076e78b66248ea848aebc7f54aef60a],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$RN9G71F.exe, , [6aec9ed41674c274fbfb8eadd23049b7],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$ROEO8UZ.exe, , [8dc99fd3b6d4e254cf27b9820ff39868],
PUP.Optional.Nova.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$RYE9GWG.dll, , [0254fc768a002e080f05050b9f63738d],
PUP.Optional.Protect, C:\Users\František\AppData\Local\Temp\~dl74F6\zdma\tmp\wpm_v20.0.0.1953_0302.exe, , [31250e64ee9c5adcd33dec11e3222dd3],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleCrashHandler.exe, , [480eb9b99eecf2443f73c285966c15eb],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdate.exe, , [1e38155dd0ba12242c865ee9cc3648b8],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateBroker.exe, , [6ee883ef6a20db5b526096b1da28d42c],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateOnDemand.exe, , [6ee8472b4149a88e8032f94e679bb34d],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\goopdate.dll, , [96c088eab6d4d95dc6ec2a1d3bc7de22],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\goopdateres_en.dll, , [ef6788ea0a80be785b57b493ca38e41c],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\npGoogleUpdate4.dll, , [0c4ac2b00a80bf77e6cca6a1ed1540c0],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\psmachine.dll, , [4d0987ebb0dae94d10a295b235cdf10f],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\psuser.dll, , [15412f4393f72a0c7240c582cf335ba5],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleCrashHandler.exe, , [bf97ec864f3b4de9bff3c78055ad1de3],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdate.exe, , [a9ad96dcb5d53ff7eec4b49337cbf60a],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateBroker.exe, , [f660571be8a2e74fc3ef75d2867c23dd],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateOnDemand.exe, , [381e3e34098137ff961cb98e36ccfc04],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\goopdate.dll, , [2630beb4bccef93d5c5684c3d62c16ea],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\goopdateres_en.dll, , [94c274fe246647ef6d4542054cb625db],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\npGoogleUpdate4.dll, , [d086fe7482085bdb21912c1b80828779],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\psmachine.dll, , [62f4561c9af0d066f2c0bf88d42e3ec2],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\psuser.dll, , [dd79f67c77135bdbdbd70344847e16ea],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleCrashHandler.exe, , [a6b00c66fe8cef47773b1f28bc46a25e],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdate.exe, , [6ceadb97d9b13ef8e0d2f255e12142be],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateBroker.exe, , [2f27a0d2f3974fe7d7db92b5ff0330d0],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateOnDemand.exe, , [ed69056df49646f09b17a7a0000231cf],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\goopdate.dll, , [1e3895ddb3d74ee851613611e31fd62a],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\goopdateres_en.dll, , [5006e68cd3b73afc3082f7501ee47f81],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\npGoogleUpdate4.dll, , [8fc71260a9e11c1a31818eb9f70b10f0],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\psmachine.dll, , [3620a4ce93f7a591407244030ef4fd03],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\psuser.dll, , [f462264c3b4f79bd6b4749feac566997],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleCrashHandler.exe, , [f660660c43477bbb62504106ff03b749],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdate.exe, , [272fc8aaa8e287af189a63e4e41e1de3],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateBroker.exe, , [ee68fe746822c076f9b9ed5aaf536e92],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateOnDemand.exe, , [70e68ee45d2ddc5abdf51a2ded15f40c],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\goopdate.dll, , [4b0b77fb553574c2c9e90c3b0cf69a66],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\goopdateres_en.dll, , [7cda1c56f595c571367c69de9171bd43],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\npGoogleUpdate4.dll, , [c1954f231575e74fc8ea4205d62cdb25],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\psmachine.dll, , [69edfe74078352e44969e562a959bd43],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\psuser.dll, , [57ff452db3d7aa8c427079ce1fe3f30d],
PUP.Optional.OpenCandy, C:\Windows\temp\avast_ash\GOM Media Player\GOMPLAYERENSETUP.EXE, , [ee68f08291f91620e16abc7736d0d828],
PUP.Optional.Omniboxes.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omniboxes.xml, , [371fbeb4117985b16b91c7093bc8f808],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateHelper.msi, , [074fabc731592e08cfcad0da07fcd52b],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateHelper.msi, , [92c43f335b2f181efa9f3377a16209f7],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateHelper.msi, , [094dc6ac12787db9bbde1f8b9d668878],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateHelper.msi, , [92c4fa7894f666d0e1b804a621e2ca36],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a.crx, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a.xpi, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\7d6ffb01-ec40-463b-9cc6-b51c6275c580.crx, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\bgNova.html, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\e9308647-2d06-4400-9430-b5916cd5e579.dll, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, , [65f11959048647ef5a8a2c98996a51af],
PUP.Optional.Omniboxes.A, C:\Users\FrantiÅ¡ek\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\search.json, Dobré: (), Špatné: (omniboxes), ,[5600fa781f6bdf57a091f653bb4b5da3]
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 29.4.2015
Čas skenování: 11:58:31
Protokol:
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.04.29.02
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: FrantiÅ¡ek
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 408016
Uplynulý čas: 19 min, 34 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 23
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [1e38155dd0ba12242c865ee9cc3648b8],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [1e38155dd0ba12242c865ee9cc3648b8],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03, , [cc8a72007d0d2c0a101e5a918e757b85],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03-nv, , [2d29b6bc74166fc73fefd6150ef52ad6],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03-nv-ie, , [56004131ec9e53e3d15d08e3659e0ef2],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv, , [ec6a5a18c2c8a88e982bc98ef21351af],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv-ie, , [8dc9d89a4b3f86b05370c394996c60a0],
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv, , [0d49bfb3315951e5de3fe9e74eb5857b],
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv-ie, , [510552209af0989e40dd1eb24cb76a96],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\Sense-nv, , [b89ea7cbd7b33ef8de78b7a1bc490ef2],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\Sense-nv-ie, , [e67049296c1e2b0b2c2a76e29d688080],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [5bfb32406426dc5a009f4c7bd62d936d],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.8cV23.03-nv-ie, , [2531ea880c7ee3535cd3edfed62d1ce4],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv, , [0b4b8ee48901bb7ba61e4710c63fc63a],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [5cfad39f0e7cde589fedbea0838257a9],
PUP.Optional.Cinema.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\CinemaP-1.8cV23.03-nv, , [4f073b372e5cb185b77822c9bf4414ec],
PUP.Optional.Cinema.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\CinemaP-1.8cV23.03-nv-ie, , [6de9244e068471c50f202cbf1fe403fd],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Ge-Force-nv, , [57ffe38f03870135b90b2f285aab37c9],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Ge-Force-nv-ie, , [9fb775fda9e11d19477d65f2e0254cb4],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Internet Speed Checker-nv, , [77dfc9a91278c175021cbd13c24124dc],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Internet Speed Checker-nv-ie, , [67ef5a181e6cf3439a84725ef50e27d9],
PUP.Optional.Sense.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Sense-nv, , [282eb5bd7a10b87e0057e47420e5c23e],
PUP.Optional.Sense.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Sense-nv-ie, , [5cfaf979800a66d0a9ae253380855ca4],
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 2
PUP.Optional.Omniboxes.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://www.omniboxes.com/web/?type=ds&t ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.omniboxes.com/web/?type=ds&t ... earchTerms}),,[0f47d89a2f5b43f3e86dba54d53101ff]
PUP.Optional.Omniboxes.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://www.omniboxes.com/web/?type=ds&t ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.omniboxes.com/web/?type=ds&t ... earchTerms}),,[5afcd69cc3c70e28cb8a0b03ea1cf20e]
Složky: 7
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.343544, , [074fabc731592e08cfcad0da07fcd52b],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.35643, , [92c43f335b2f181efa9f3377a16209f7],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.446797, , [094dc6ac12787db9bbde1f8b9d668878],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.497083, , [92c4fa7894f666d0e1b804a621e2ca36],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro, , [65f11959048647ef5a8a2c98996a51af],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver, , [65f11959048647ef5a8a2c98996a51af],
Soubory: 62
PUP.Optional.Nova.A, C:\Program Files (x86)\2461ba9b-1a67-4720-ae32-cf36e98948b1\0671d915-b9b9-4ea0-8cc7-755a3b31771f.dll, , [ce889ad8d8b21c1a1ff5e03019e9619f],
PUP.Optional.Nova.A, C:\Program Files (x86)\47e7f5cd-09ef-472f-bbf4-535f19986805\856bae31-8c8b-4fee-9483-4c26b467ab84.dll, , [ed69cba75a304beb080cf41cb15152ae],
PUP.Optional.Nova.A, C:\Program Files (x86)\Acronis\2641de78-bdc9-4222-823d-e6fe2b720d0c.dll, , [4b0b6e04abdf1125769e4cc4887a9967],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a-5.exe, , [1442b8ba0486ca6cf88dbd827096fa06],
PUP.Optional.Bundle, C:\Program Files (x86)\Microsoft Toolkit Final\Microsoft Toolkit 2.5.3__9465_il66804.exe, , [89cd185a81099f97972d38044bb77d83],
PUP.Optional.Nova.A, C:\Program Files (x86)\e62e2e4c-1eb8-43a9-8621-77c29f22f9a8\5177049e-d9b2-4c69-a2f2-e805f8ef0419.dll, , [b1a54e243e4c6fc73ed6aa6621e17d83],
PUP.Optional.InternetSpeedChecker.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R069SA7.exe, , [6ee888eacbbf1f17c9e700c08c75639d],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R1TI6B5.exe, , [ba9ccba7325893a3728498a336cc03fd],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R4C78BX.exe, , [e076e78b66248ea848aebc7f54aef60a],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$RN9G71F.exe, , [6aec9ed41674c274fbfb8eadd23049b7],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$ROEO8UZ.exe, , [8dc99fd3b6d4e254cf27b9820ff39868],
PUP.Optional.Nova.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$RYE9GWG.dll, , [0254fc768a002e080f05050b9f63738d],
PUP.Optional.Protect, C:\Users\František\AppData\Local\Temp\~dl74F6\zdma\tmp\wpm_v20.0.0.1953_0302.exe, , [31250e64ee9c5adcd33dec11e3222dd3],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleCrashHandler.exe, , [480eb9b99eecf2443f73c285966c15eb],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdate.exe, , [1e38155dd0ba12242c865ee9cc3648b8],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateBroker.exe, , [6ee883ef6a20db5b526096b1da28d42c],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateOnDemand.exe, , [6ee8472b4149a88e8032f94e679bb34d],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\goopdate.dll, , [96c088eab6d4d95dc6ec2a1d3bc7de22],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\goopdateres_en.dll, , [ef6788ea0a80be785b57b493ca38e41c],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\npGoogleUpdate4.dll, , [0c4ac2b00a80bf77e6cca6a1ed1540c0],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\psmachine.dll, , [4d0987ebb0dae94d10a295b235cdf10f],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\psuser.dll, , [15412f4393f72a0c7240c582cf335ba5],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleCrashHandler.exe, , [bf97ec864f3b4de9bff3c78055ad1de3],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdate.exe, , [a9ad96dcb5d53ff7eec4b49337cbf60a],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateBroker.exe, , [f660571be8a2e74fc3ef75d2867c23dd],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateOnDemand.exe, , [381e3e34098137ff961cb98e36ccfc04],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\goopdate.dll, , [2630beb4bccef93d5c5684c3d62c16ea],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\goopdateres_en.dll, , [94c274fe246647ef6d4542054cb625db],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\npGoogleUpdate4.dll, , [d086fe7482085bdb21912c1b80828779],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\psmachine.dll, , [62f4561c9af0d066f2c0bf88d42e3ec2],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\psuser.dll, , [dd79f67c77135bdbdbd70344847e16ea],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleCrashHandler.exe, , [a6b00c66fe8cef47773b1f28bc46a25e],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdate.exe, , [6ceadb97d9b13ef8e0d2f255e12142be],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateBroker.exe, , [2f27a0d2f3974fe7d7db92b5ff0330d0],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateOnDemand.exe, , [ed69056df49646f09b17a7a0000231cf],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\goopdate.dll, , [1e3895ddb3d74ee851613611e31fd62a],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\goopdateres_en.dll, , [5006e68cd3b73afc3082f7501ee47f81],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\npGoogleUpdate4.dll, , [8fc71260a9e11c1a31818eb9f70b10f0],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\psmachine.dll, , [3620a4ce93f7a591407244030ef4fd03],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\psuser.dll, , [f462264c3b4f79bd6b4749feac566997],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleCrashHandler.exe, , [f660660c43477bbb62504106ff03b749],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdate.exe, , [272fc8aaa8e287af189a63e4e41e1de3],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateBroker.exe, , [ee68fe746822c076f9b9ed5aaf536e92],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateOnDemand.exe, , [70e68ee45d2ddc5abdf51a2ded15f40c],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\goopdate.dll, , [4b0b77fb553574c2c9e90c3b0cf69a66],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\goopdateres_en.dll, , [7cda1c56f595c571367c69de9171bd43],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\npGoogleUpdate4.dll, , [c1954f231575e74fc8ea4205d62cdb25],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\psmachine.dll, , [69edfe74078352e44969e562a959bd43],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\psuser.dll, , [57ff452db3d7aa8c427079ce1fe3f30d],
PUP.Optional.OpenCandy, C:\Windows\temp\avast_ash\GOM Media Player\GOMPLAYERENSETUP.EXE, , [ee68f08291f91620e16abc7736d0d828],
PUP.Optional.Omniboxes.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omniboxes.xml, , [371fbeb4117985b16b91c7093bc8f808],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateHelper.msi, , [074fabc731592e08cfcad0da07fcd52b],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateHelper.msi, , [92c43f335b2f181efa9f3377a16209f7],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateHelper.msi, , [094dc6ac12787db9bbde1f8b9d668878],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateHelper.msi, , [92c4fa7894f666d0e1b804a621e2ca36],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a.crx, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a.xpi, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\7d6ffb01-ec40-463b-9cc6-b51c6275c580.crx, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\bgNova.html, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\e9308647-2d06-4400-9430-b5916cd5e579.dll, , [4d094230bdcd072f6600248cc93a24dc],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, , [65f11959048647ef5a8a2c98996a51af],
PUP.Optional.Omniboxes.A, C:\Users\FrantiÅ¡ek\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\search.json, Dobré: (), Špatné: (omniboxes), ,[5600fa781f6bdf57a091f653bb4b5da3]
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Prosím o kontrolu logu
Ja potrebuji, aby tam bylo Typ skenu: Vlastní sken. Respektive ja to nepotrebuji, ale ten pocitac by to ocenil.ballanc píše:Typ skenu: Sken hrozeb
Vsechny nalezy nechte odstranit (pripadne do karanteny). Po naslednem restartu pc test zopakujte - pokud mozno opravdu spravne nastaveny - at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Omlouvám se jsem dnes nějak natvrdlej... posílám log z doufám již toho správného scanu. mám tedy zjištěné hrozby smazat?
Díky za trpělivost
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 29.4.2015
Čas skenování: 13:42:58
Protokol:
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.04.29.02
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: FrantiÅ¡ek
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 748142
Uplynulý čas: 2 hod, 28 min, 59 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 23
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [2b2bd1a17d0d1d19189a1037976b16ea],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [2b2bd1a17d0d1d19189a1037976b16ea],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03, , [b1a587ebf19944f244eae10a52b1de22],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03-nv, , [68ee9ad8305ac07616185d8e7f844cb4],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03-nv-ie, , [1046155d09815bdb6cc2c02bff04c040],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv, , [72e4e38ff09a2c0a3b88075058ad9a66],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv-ie, , [371f76fcdab04cea9d261e3965a07987],
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv, , [50065022cdbda78f60bdcc04fa099868],
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv-ie, , [183e0b674e3c8aaca27ba22e53b05ba5],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\Sense-nv, , [d0868de52e5c10260e484711c93ca35d],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\Sense-nv-ie, , [a9ad680a4a40c5713d192a2e2cd9926e],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [58fe581ae0aaef47693609be1ce70ef2],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.8cV23.03-nv-ie, , [8ec891e1cfbb9c9afe31a9428b78d52b],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv, , [0b4b482a008a12248d37282fca3b817f],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [43137df54f3b69cd04884618996c8878],
PUP.Optional.Cinema.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\CinemaP-1.8cV23.03-nv, , [f660dc96e8a21125f43ba04bec175ba5],
PUP.Optional.Cinema.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\CinemaP-1.8cV23.03-nv-ie, , [0155254d652580b6d45b5b90a95a7e82],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Ge-Force-nv, , [fe58b6bca7e3b68011b3cd8a8283b34d],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Ge-Force-nv-ie, , [82d4fa78e8a24fe76a5a60f7788dbe42],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Internet Speed Checker-nv, , [3620066cbdcd003623fb478948bb3ac6],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Internet Speed Checker-nv-ie, , [d086d999464468ce7f9fd8f8eb1837c9],
PUP.Optional.Sense.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Sense-nv, , [f1658ae8a9e1e5511a3de672f114ec14],
PUP.Optional.Sense.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Sense-nv-ie, , [43139dd56a20280e480fe37536cf3fc1],
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 2
PUP.Optional.Omniboxes.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://www.omniboxes.com/web/?type=ds&t ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.omniboxes.com/web/?type=ds&t ... earchTerms}),,[d383b2c098f27fb783d2c94515f18b75]
PUP.Optional.Omniboxes.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://www.omniboxes.com/web/?type=ds&t ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.omniboxes.com/web/?type=ds&t ... earchTerms}),,[e76f343e76148aac292c719dd4323bc5]
Složky: 7
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.343544, , [b99df77bf793d26438614466af544eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.35643, , [0f47dc96aae075c1702988228e75fd03],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.446797, , [5501452d117981b59bfefeacf31018e8],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.497083, , [a4b2b6bcd7b391a50c8dc5e58a7960a0],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro, , [1a3c92e0a7e37db944a0ac18877caf51],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver, , [1a3c92e0a7e37db944a0ac18877caf51],
Soubory: 98
PUP.Optional.InternetSpeedChecker.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R069SA7.exe, , [da7cacc608823cfabef26858a65b738d],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R1TI6B5.exe, , [8ccabbb743475bdb678ffc3f986af40c],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R4C78BX.exe, , [9db9f47ef89241f52cca003b1fe3b947],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$RN9G71F.exe, , [85d15c169bef6fc76195f546669ce51b],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$ROEO8UZ.exe, , [2234442e91f90f27896de556d82ad828],
PUP.Optional.Nova.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$RYE9GWG.dll, , [c096d999eb9f2d09a76d50c04db52dd3],
PUP.Optional.GeForce.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ge-Force\eb50a98c-587a-4fbd-b5bb-a2c742809b79-1-6.exe.vir, , [84d2cea4dbaf1d19d521bf7c60a29967],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe.vir, , [6de94b273d4dd264c5ed65e240c247b9],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe.vir, , [ec6a007262286fc70ca62225659d23dd],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe.vir, , [f561df93a1e9b4821e945aed679bcd33],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe.vir, , [36206210800af73f159df552f11101ff],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe.vir, , [d77f4929a0eaa49210a2a99e41c1e21e],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir, , [50060f63e1a91b1b585a7ccba75b946c],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir, , [7cda78fac4c6a195e5cd94b3ae546d93],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.vir, , [a4b24f232169f73ff1c1fc4b6c9604fc],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir, , [213578faa9e1b482288a0f38837f3dc3],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir, , [f066670bf793de58c7eb0047bf43c63a],
PUP.Optional.Nova.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\0f0700d8-63bc-411b-9e61-8f5aa7ee90b9.dll.vir, , [cf87c7abd1b9122426ee1cf4e81a42be],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\47ecbf1d-5f09-4e3b-8879-e0f70e521512-1-6.exe.vir, , [1541284a6a20ad892cb61ffecb37aa56],
PUP.Optional.Protect, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, , [2e2888ea4446270f0b056499ff06f40c],
PUP.Optional.GamePlayLab.A, C:\Users\František\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_17620\CRX_INSTALL\npGamePlayLabsPlugin.dll, , [1e38e78bd9b14beb57bb377fde239769],
PUP.Optional.Omniboxes.A, C:\Users\František\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DYM4XL6S\obw_omniboxes[1].exe, , [1343363c8efc3600139d70d642c41ae6],
PUP.Optional.Protect, C:\Users\František\AppData\Local\Temp\~dl74F6\zdma\tmp\wpm_v20.0.0.1953_0302.exe, , [ef67472b2a601323dc34bd40b94c1de3],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleCrashHandler.exe, , [ee6894dec5c5a690f2c0df68df23bb45],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdate.exe, , [2b2bd1a17d0d1d19189a1037976b16ea],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateBroker.exe, , [62f4b7bbf298b6805e543d0ae81aed13],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateOnDemand.exe, , [094d3d350c7e87afe1d1c483946e0af6],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\goopdate.dll, , [0155aac80c7eb77f8c26e4638280ee12],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\goopdateres_en.dll, , [233374fe0387a98d0aa8024556ac4fb1],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\npGoogleUpdate4.dll, , [58fe6c067713d85ef0c2d671c33f6b95],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\psmachine.dll, , [6fe7cca6ccbea88e09a93f0899696799],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\psuser.dll, , [2333531feaa0ac8a555d53f4679bc23e],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleCrashHandler.exe, , [69ede88a83079d99ffb3083fcf33b947],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdate.exe, , [2333c7ab761456e007abe760df23f20e],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateBroker.exe, , [d383c2b07812c0767a38153235cdbf41],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateOnDemand.exe, , [6ee8fb77107a61d56f43a4a3e41e7090],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\goopdate.dll, , [61f5640e47437db94a68ca7d1ee4c838],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\goopdateres_en.dll, , [b4a2b3bf127851e5664c60e72ad859a7],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\npGoogleUpdate4.dll, , [01554e24b9d155e13d756cdb4eb4a45c],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\psmachine.dll, , [7fd7650d206aa294a012ee59669c19e7],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\psuser.dll, , [cc8a78faef9b3ef822905ceb4eb403fd],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleCrashHandler.exe, , [5df93d35b8d2ae88fbb7d47309f930d0],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdate.exe, , [b89e9bd7e6a4d56170420e39e91927d9],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateBroker.exe, , [2333b2c0e4a62a0c0fa3fe499969e61a],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateOnDemand.exe, , [282e0d650b7fec4a3280b196e31f07f9],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\goopdate.dll, , [ef678ce699f15dd9bdf5390ea9591ae6],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\goopdateres_en.dll, , [dc7a462c93f7b581a909ad9a44be4bb5],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\npGoogleUpdate4.dll, , [f85eaec4a3e779bd5e54e76080829d63],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\psmachine.dll, , [2c2ae290d5b582b4a30fd96ec43e58a8],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\psuser.dll, , [3c1a660ce0aa42f4872b63e439c91fe1],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleCrashHandler.exe, , [bb9b9fd34347fe388929d5726b97e31d],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdate.exe, , [490da5cd0a80fd391d95b592fa083bc5],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateBroker.exe, , [ec6a1d55a6e4b086b8fa1b2caa58946c],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateOnDemand.exe, , [ec6a92e095f5ae885161ed5a32d023dd],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\goopdate.dll, , [94c2f87af892d85ebef435120df5eb15],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\goopdateres_en.dll, , [3521cfa3ccbe0432d0e2e2659e646898],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\npGoogleUpdate4.dll, , [0353432ffe8c54e2278bf75022e00000],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\psmachine.dll, , [53039cd65139dc5a8b271d2acf3301ff],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\psuser.dll, , [c29491e15e2cba7cedc5ff487a884ab6],
PUP.Optional.OpenCandy, C:\Windows\temp\avast_ash\GOM Media Player\GOMPLAYERENSETUP.EXE, , [b3a3640e0c7e181e43088fa4e71f37c9],
PUP.Optional.SkyTech.A, C:\found.008\dir0000.chk\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DLF2UE0H\1[1].zip, , [b6a0e0926a20fb3b5e6cc2438f73b34d],
PUP.Optional.CrossRider.A, C:\found.008\dir0000.chk\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DLF2UE0H\setup[1].exe_a, , [0b4b5d151971bd796c88de123dc4e020],
PUP.Optional.Nova.A, C:\Program Files (x86)\2461ba9b-1a67-4720-ae32-cf36e98948b1\0671d915-b9b9-4ea0-8cc7-755a3b31771f.dll, , [f363b1c126645bdb58bc2ae6ac56e41c],
PUP.Optional.Nova.A, C:\Program Files (x86)\47e7f5cd-09ef-472f-bbf4-535f19986805\856bae31-8c8b-4fee-9483-4c26b467ab84.dll, , [be982a489ceeb383e0347c94b64c0af6],
PUP.Optional.Nova.A, C:\Program Files (x86)\Acronis\2641de78-bdc9-4222-823d-e6fe2b720d0c.dll, , [480e1d55c5c595a17b99030dee1439c7],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a-5.exe, , [4b0b432f2b5fd16586ff77c8ee188b75],
PUP.Optional.Bundle, C:\Program Files (x86)\Microsoft Toolkit Final\Microsoft Toolkit 2.5.3__9465_il66804.exe, , [01552f432466f541c6fede5e59a98977],
PUP.Optional.Nova.A, C:\Program Files (x86)\e62e2e4c-1eb8-43a9-8621-77c29f22f9a8\5177049e-d9b2-4c69-a2f2-e805f8ef0419.dll, , [90c64b275634c57111038f811be7ae52],
PUP.Optional.Softonic, D:\SoftonicDownloader_for_spybot-search-destroy-portable.exe, , [25317df5d6b493a3704f270f28d9ea16],
PUP.Optional.BabylonToolBar.A, D:\stažené soubory\installer_driver_genius_trek_310_trek_310_vista_English.exe, , [96c0482a4644b0864050094053ae0ef2],
PUP.Optional.OpenCandy, D:\stažené soubory\FreemakeVideoConverterSetup.exe, , [8ccaacc65436a78f30891f203bc6db25],
PUP.Optional.OpenCandy, D:\stažené soubory\GOMPLAYERENSETUP.EXE, , [b5a16a0816744fe760eb7bb87c8a6a96],
PUP.Optional.OpenCandy.A, D:\stažené soubory\samsung Ace\MyPhoneExplorer_Setup_1.8.5.exe, , [0650a8ca8ffb74c22b7e59eb51afdb25],
PUP.Optional.Softonic.A, D:\stažené soubory\samsung Ace\SoftonicDownloader_for_mediacell-video-converter.exe, , [094d462c9feb1422c0580052fe031de3],
RiskWare.Tool.CK, D:\stažené soubory\Grafika\Adobe-CS5-Crack.rar, , [084ea7cb3e4c979f969ca34f42bfd22e],
RiskWare.Tool.CK, D:\stažené soubory\Grafika\Adobe CS5 Crack\Adobe CS5 Crack.rar, , [3026452d93f7122477bbfdf5b74afd03],
RiskWare.Tool.CK, D:\stažené soubory\Grafika\Adobe CS5 Crack\keygen.exe, , [93c3b3bfb9d162d4e250dd15c53c7987],
CrackTool.Agent, D:\stažené soubory\Grafika\Adobe CS5 Crack\Patch.exe, , [cd8998da6e1caf87aa2574dd8b767987],
PUP.RiskwareTool.CK, D:\stažené soubory\Grafika\Adobe Illustrator CS6 PROGRAM\Crack\32bit\amtlib.dll, , [371f007229614beb55d225b1be4458a8],
PUP.RiskwareTool.CK, D:\stažené soubory\Grafika\Adobe Illustrator CS6 PROGRAM\Crack\64bit\amtlib.dll, , [76e0d39fa4e6ca6c7bad9343778bfb05],
Malware.Gen, D:\stažené soubory\Grafika\Adobe Photoshop CS5 CZ\Crack\adobe_PS_CS5_keygen.exe, , [72e4dd956b1f1c1aa538256245bbd42c],
PUP.Optional.OutBrowse, D:\stažené soubory\office\Microsoft Toolkit Final.exe, , [5402324090fa46f0a904e758fe04ac54],
PUP.Optional.OpenCandy, D:\stažené soubory\office\dmg-extractor_1.1.1.1.exe, , [0f47660ceb9fdf576edd47ec5ea820e0],
PUP.Optional.TorchMedia, D:\stažené soubory\potÅebné programy\TorchSetup-r20-n-bc.exe, , [de78f18196f455e1fb22aa45936eda26],
PUP.Optional.Downloader, D:\stažené soubory\potÅebné programy\FairUse4W\iskysoft_drm_removal_1.1.1_patch_by_chaos_downloader_133.exe, , [ada91f5358321f17bc3a5ee87e84cd33],
PUP.RiskwareTool.CK, D:\System\program files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll, , [7fd78fe3a3e7dc5a9c8ceaec52b036ca],
PUP.Optional.Omniboxes.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omniboxes.xml, , [f2644929791110267a825e72bd4601ff],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateHelper.msi, , [b99df77bf793d26438614466af544eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateHelper.msi, , [0f47dc96aae075c1702988228e75fd03],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateHelper.msi, , [5501452d117981b59bfefeacf31018e8],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateHelper.msi, , [a4b2b6bcd7b391a50c8dc5e58a7960a0],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a.crx, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a.xpi, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\7d6ffb01-ec40-463b-9cc6-b51c6275c580.crx, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\bgNova.html, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\e9308647-2d06-4400-9430-b5916cd5e579.dll, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, , [1a3c92e0a7e37db944a0ac18877caf51],
PUP.Optional.Omniboxes.A, C:\Users\FrantiÅ¡ek\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\search.json, Dobré: (), Špatné: (omniboxes), ,[73e3f280b1d93501a58cd673e81efe02]
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Díky za trpělivost
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 29.4.2015
Čas skenování: 13:42:58
Protokol:
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.04.29.02
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: FrantiÅ¡ek
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 748142
Uplynulý čas: 2 hod, 28 min, 59 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 23
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [2b2bd1a17d0d1d19189a1037976b16ea],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [2b2bd1a17d0d1d19189a1037976b16ea],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03, , [b1a587ebf19944f244eae10a52b1de22],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03-nv, , [68ee9ad8305ac07616185d8e7f844cb4],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV23.03-nv-ie, , [1046155d09815bdb6cc2c02bff04c040],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv, , [72e4e38ff09a2c0a3b88075058ad9a66],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv-ie, , [371f76fcdab04cea9d261e3965a07987],
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv, , [50065022cdbda78f60bdcc04fa099868],
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv-ie, , [183e0b674e3c8aaca27ba22e53b05ba5],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\Sense-nv, , [d0868de52e5c10260e484711c93ca35d],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\Sense-nv-ie, , [a9ad680a4a40c5713d192a2e2cd9926e],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [58fe581ae0aaef47693609be1ce70ef2],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.8cV23.03-nv-ie, , [8ec891e1cfbb9c9afe31a9428b78d52b],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv, , [0b4b482a008a12248d37282fca3b817f],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [43137df54f3b69cd04884618996c8878],
PUP.Optional.Cinema.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\CinemaP-1.8cV23.03-nv, , [f660dc96e8a21125f43ba04bec175ba5],
PUP.Optional.Cinema.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\CinemaP-1.8cV23.03-nv-ie, , [0155254d652580b6d45b5b90a95a7e82],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Ge-Force-nv, , [fe58b6bca7e3b68011b3cd8a8283b34d],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Ge-Force-nv-ie, , [82d4fa78e8a24fe76a5a60f7788dbe42],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Internet Speed Checker-nv, , [3620066cbdcd003623fb478948bb3ac6],
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Internet Speed Checker-nv-ie, , [d086d999464468ce7f9fd8f8eb1837c9],
PUP.Optional.Sense.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Sense-nv, , [f1658ae8a9e1e5511a3de672f114ec14],
PUP.Optional.Sense.A, HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Sense-nv-ie, , [43139dd56a20280e480fe37536cf3fc1],
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 2
PUP.Optional.Omniboxes.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://www.omniboxes.com/web/?type=ds&t ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.omniboxes.com/web/?type=ds&t ... earchTerms}),,[d383b2c098f27fb783d2c94515f18b75]
PUP.Optional.Omniboxes.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://www.omniboxes.com/web/?type=ds&t ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.omniboxes.com/web/?type=ds&t ... earchTerms}),,[e76f343e76148aac292c719dd4323bc5]
Složky: 7
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.343544, , [b99df77bf793d26438614466af544eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.35643, , [0f47dc96aae075c1702988228e75fd03],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.446797, , [5501452d117981b59bfefeacf31018e8],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.497083, , [a4b2b6bcd7b391a50c8dc5e58a7960a0],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro, , [1a3c92e0a7e37db944a0ac18877caf51],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver, , [1a3c92e0a7e37db944a0ac18877caf51],
Soubory: 98
PUP.Optional.InternetSpeedChecker.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R069SA7.exe, , [da7cacc608823cfabef26858a65b738d],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R1TI6B5.exe, , [8ccabbb743475bdb678ffc3f986af40c],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$R4C78BX.exe, , [9db9f47ef89241f52cca003b1fe3b947],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$RN9G71F.exe, , [85d15c169bef6fc76195f546669ce51b],
PUP.Optional.GeForce.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$ROEO8UZ.exe, , [2234442e91f90f27896de556d82ad828],
PUP.Optional.Nova.A, C:\$RECYCLE.BIN\S-1-5-21-2670680469-1364093197-1783861760-1000\$RYE9GWG.dll, , [c096d999eb9f2d09a76d50c04db52dd3],
PUP.Optional.GeForce.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ge-Force\eb50a98c-587a-4fbd-b5bb-a2c742809b79-1-6.exe.vir, , [84d2cea4dbaf1d19d521bf7c60a29967],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe.vir, , [6de94b273d4dd264c5ed65e240c247b9],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe.vir, , [ec6a007262286fc70ca62225659d23dd],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe.vir, , [f561df93a1e9b4821e945aed679bcd33],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe.vir, , [36206210800af73f159df552f11101ff],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe.vir, , [d77f4929a0eaa49210a2a99e41c1e21e],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir, , [50060f63e1a91b1b585a7ccba75b946c],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir, , [7cda78fac4c6a195e5cd94b3ae546d93],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.vir, , [a4b24f232169f73ff1c1fc4b6c9604fc],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir, , [213578faa9e1b482288a0f38837f3dc3],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir, , [f066670bf793de58c7eb0047bf43c63a],
PUP.Optional.Nova.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\0f0700d8-63bc-411b-9e61-8f5aa7ee90b9.dll.vir, , [cf87c7abd1b9122426ee1cf4e81a42be],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\47ecbf1d-5f09-4e3b-8879-e0f70e521512-1-6.exe.vir, , [1541284a6a20ad892cb61ffecb37aa56],
PUP.Optional.Protect, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, , [2e2888ea4446270f0b056499ff06f40c],
PUP.Optional.GamePlayLab.A, C:\Users\František\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_17620\CRX_INSTALL\npGamePlayLabsPlugin.dll, , [1e38e78bd9b14beb57bb377fde239769],
PUP.Optional.Omniboxes.A, C:\Users\František\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DYM4XL6S\obw_omniboxes[1].exe, , [1343363c8efc3600139d70d642c41ae6],
PUP.Optional.Protect, C:\Users\František\AppData\Local\Temp\~dl74F6\zdma\tmp\wpm_v20.0.0.1953_0302.exe, , [ef67472b2a601323dc34bd40b94c1de3],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleCrashHandler.exe, , [ee6894dec5c5a690f2c0df68df23bb45],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdate.exe, , [2b2bd1a17d0d1d19189a1037976b16ea],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateBroker.exe, , [62f4b7bbf298b6805e543d0ae81aed13],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateOnDemand.exe, , [094d3d350c7e87afe1d1c483946e0af6],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\goopdate.dll, , [0155aac80c7eb77f8c26e4638280ee12],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\goopdateres_en.dll, , [233374fe0387a98d0aa8024556ac4fb1],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\npGoogleUpdate4.dll, , [58fe6c067713d85ef0c2d671c33f6b95],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\psmachine.dll, , [6fe7cca6ccbea88e09a93f0899696799],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.343544\psuser.dll, , [2333531feaa0ac8a555d53f4679bc23e],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleCrashHandler.exe, , [69ede88a83079d99ffb3083fcf33b947],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdate.exe, , [2333c7ab761456e007abe760df23f20e],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateBroker.exe, , [d383c2b07812c0767a38153235cdbf41],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateOnDemand.exe, , [6ee8fb77107a61d56f43a4a3e41e7090],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\goopdate.dll, , [61f5640e47437db94a68ca7d1ee4c838],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\goopdateres_en.dll, , [b4a2b3bf127851e5664c60e72ad859a7],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\npGoogleUpdate4.dll, , [01554e24b9d155e13d756cdb4eb4a45c],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\psmachine.dll, , [7fd7650d206aa294a012ee59669c19e7],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.35643\psuser.dll, , [cc8a78faef9b3ef822905ceb4eb403fd],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleCrashHandler.exe, , [5df93d35b8d2ae88fbb7d47309f930d0],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdate.exe, , [b89e9bd7e6a4d56170420e39e91927d9],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateBroker.exe, , [2333b2c0e4a62a0c0fa3fe499969e61a],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateOnDemand.exe, , [282e0d650b7fec4a3280b196e31f07f9],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\goopdate.dll, , [ef678ce699f15dd9bdf5390ea9591ae6],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\goopdateres_en.dll, , [dc7a462c93f7b581a909ad9a44be4bb5],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\npGoogleUpdate4.dll, , [f85eaec4a3e779bd5e54e76080829d63],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\psmachine.dll, , [2c2ae290d5b582b4a30fd96ec43e58a8],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.446797\psuser.dll, , [3c1a660ce0aa42f4872b63e439c91fe1],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleCrashHandler.exe, , [bb9b9fd34347fe388929d5726b97e31d],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdate.exe, , [490da5cd0a80fd391d95b592fa083bc5],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateBroker.exe, , [ec6a1d55a6e4b086b8fa1b2caa58946c],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateOnDemand.exe, , [ec6a92e095f5ae885161ed5a32d023dd],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\goopdate.dll, , [94c2f87af892d85ebef435120df5eb15],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\goopdateres_en.dll, , [3521cfa3ccbe0432d0e2e2659e646898],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\npGoogleUpdate4.dll, , [0353432ffe8c54e2278bf75022e00000],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\psmachine.dll, , [53039cd65139dc5a8b271d2acf3301ff],
PUP.Optional.ModGoog, C:\Users\František\AppData\Local\Temp\comh.497083\psuser.dll, , [c29491e15e2cba7cedc5ff487a884ab6],
PUP.Optional.OpenCandy, C:\Windows\temp\avast_ash\GOM Media Player\GOMPLAYERENSETUP.EXE, , [b3a3640e0c7e181e43088fa4e71f37c9],
PUP.Optional.SkyTech.A, C:\found.008\dir0000.chk\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DLF2UE0H\1[1].zip, , [b6a0e0926a20fb3b5e6cc2438f73b34d],
PUP.Optional.CrossRider.A, C:\found.008\dir0000.chk\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DLF2UE0H\setup[1].exe_a, , [0b4b5d151971bd796c88de123dc4e020],
PUP.Optional.Nova.A, C:\Program Files (x86)\2461ba9b-1a67-4720-ae32-cf36e98948b1\0671d915-b9b9-4ea0-8cc7-755a3b31771f.dll, , [f363b1c126645bdb58bc2ae6ac56e41c],
PUP.Optional.Nova.A, C:\Program Files (x86)\47e7f5cd-09ef-472f-bbf4-535f19986805\856bae31-8c8b-4fee-9483-4c26b467ab84.dll, , [be982a489ceeb383e0347c94b64c0af6],
PUP.Optional.Nova.A, C:\Program Files (x86)\Acronis\2641de78-bdc9-4222-823d-e6fe2b720d0c.dll, , [480e1d55c5c595a17b99030dee1439c7],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a-5.exe, , [4b0b432f2b5fd16586ff77c8ee188b75],
PUP.Optional.Bundle, C:\Program Files (x86)\Microsoft Toolkit Final\Microsoft Toolkit 2.5.3__9465_il66804.exe, , [01552f432466f541c6fede5e59a98977],
PUP.Optional.Nova.A, C:\Program Files (x86)\e62e2e4c-1eb8-43a9-8621-77c29f22f9a8\5177049e-d9b2-4c69-a2f2-e805f8ef0419.dll, , [90c64b275634c57111038f811be7ae52],
PUP.Optional.Softonic, D:\SoftonicDownloader_for_spybot-search-destroy-portable.exe, , [25317df5d6b493a3704f270f28d9ea16],
PUP.Optional.BabylonToolBar.A, D:\stažené soubory\installer_driver_genius_trek_310_trek_310_vista_English.exe, , [96c0482a4644b0864050094053ae0ef2],
PUP.Optional.OpenCandy, D:\stažené soubory\FreemakeVideoConverterSetup.exe, , [8ccaacc65436a78f30891f203bc6db25],
PUP.Optional.OpenCandy, D:\stažené soubory\GOMPLAYERENSETUP.EXE, , [b5a16a0816744fe760eb7bb87c8a6a96],
PUP.Optional.OpenCandy.A, D:\stažené soubory\samsung Ace\MyPhoneExplorer_Setup_1.8.5.exe, , [0650a8ca8ffb74c22b7e59eb51afdb25],
PUP.Optional.Softonic.A, D:\stažené soubory\samsung Ace\SoftonicDownloader_for_mediacell-video-converter.exe, , [094d462c9feb1422c0580052fe031de3],
RiskWare.Tool.CK, D:\stažené soubory\Grafika\Adobe-CS5-Crack.rar, , [084ea7cb3e4c979f969ca34f42bfd22e],
RiskWare.Tool.CK, D:\stažené soubory\Grafika\Adobe CS5 Crack\Adobe CS5 Crack.rar, , [3026452d93f7122477bbfdf5b74afd03],
RiskWare.Tool.CK, D:\stažené soubory\Grafika\Adobe CS5 Crack\keygen.exe, , [93c3b3bfb9d162d4e250dd15c53c7987],
CrackTool.Agent, D:\stažené soubory\Grafika\Adobe CS5 Crack\Patch.exe, , [cd8998da6e1caf87aa2574dd8b767987],
PUP.RiskwareTool.CK, D:\stažené soubory\Grafika\Adobe Illustrator CS6 PROGRAM\Crack\32bit\amtlib.dll, , [371f007229614beb55d225b1be4458a8],
PUP.RiskwareTool.CK, D:\stažené soubory\Grafika\Adobe Illustrator CS6 PROGRAM\Crack\64bit\amtlib.dll, , [76e0d39fa4e6ca6c7bad9343778bfb05],
Malware.Gen, D:\stažené soubory\Grafika\Adobe Photoshop CS5 CZ\Crack\adobe_PS_CS5_keygen.exe, , [72e4dd956b1f1c1aa538256245bbd42c],
PUP.Optional.OutBrowse, D:\stažené soubory\office\Microsoft Toolkit Final.exe, , [5402324090fa46f0a904e758fe04ac54],
PUP.Optional.OpenCandy, D:\stažené soubory\office\dmg-extractor_1.1.1.1.exe, , [0f47660ceb9fdf576edd47ec5ea820e0],
PUP.Optional.TorchMedia, D:\stažené soubory\potÅebné programy\TorchSetup-r20-n-bc.exe, , [de78f18196f455e1fb22aa45936eda26],
PUP.Optional.Downloader, D:\stažené soubory\potÅebné programy\FairUse4W\iskysoft_drm_removal_1.1.1_patch_by_chaos_downloader_133.exe, , [ada91f5358321f17bc3a5ee87e84cd33],
PUP.RiskwareTool.CK, D:\System\program files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll, , [7fd78fe3a3e7dc5a9c8ceaec52b036ca],
PUP.Optional.Omniboxes.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omniboxes.xml, , [f2644929791110267a825e72bd4601ff],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.343544\GoogleUpdateHelper.msi, , [b99df77bf793d26438614466af544eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.35643\GoogleUpdateHelper.msi, , [0f47dc96aae075c1702988228e75fd03],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.446797\GoogleUpdateHelper.msi, , [5501452d117981b59bfefeacf31018e8],
PUP.Optional.GlobalUpdate.A, C:\Users\František\AppData\Local\Temp\comh.497083\GoogleUpdateHelper.msi, , [a4b2b6bcd7b391a50c8dc5e58a7960a0],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a.crx, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\651a091c-7077-47c8-90a6-dcf84162083a.xpi, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\7d6ffb01-ec40-463b-9cc6-b51c6275c580.crx, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\bgNova.html, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.8cV23.03\e9308647-2d06-4400-9430-b5916cd5e579.dll, , [ba9c234f4a40af873234416fac577a86],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, , [1a3c92e0a7e37db944a0ac18877caf51],
PUP.Optional.Omniboxes.A, C:\Users\FrantiÅ¡ek\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\search.json, Dobré: (), Špatné: (omniboxes), ,[73e3f280b1d93501a58cd673e81efe02]
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Prosím o kontrolu logu
Anooooo, ted je to spravne
Doporucuji vsechno odstranit (jsou mezi tim i cracky, u nich clovek nikdy nevi, jestli jsou opravdu ciste, nebo maji i darecek, takze je to na vas). Po odstraneni nalezu a restartu pc tedy udelejte novy test, opet s timto nastavenim. Napiste jeho vysledek a podle nej se zaridime dale.
Doporucuji vsechno odstranit (jsou mezi tim i cracky, u nich clovek nikdy nevi, jestli jsou opravdu ciste, nebo maji i darecek, takze je to na vas). Po odstraneni nalezu a restartu pc tedy udelejte novy test, opet s timto nastavenim. Napiste jeho vysledek a podle nej se zaridime dale.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 5.5.2015
Čas skenování: 13:59:31
Protokol:
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.05.04.03
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: FrantiÅ¡ek
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 838883
Uplynulý čas: 2 hod, 48 min, 3 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
PUP.Optional.OpenCandy, C:\Windows\temp\avast_ash\GOM Media Player\GOMPLAYERENSETUP.EXE, , [6340bfd04c3eee4825f61e1a4fb760a0],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 5.5.2015
Čas skenování: 13:59:31
Protokol:
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.05.04.03
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: FrantiÅ¡ek
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 838883
Uplynulý čas: 2 hod, 48 min, 3 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
PUP.Optional.OpenCandy, C:\Windows\temp\avast_ash\GOM Media Player\GOMPLAYERENSETUP.EXE, , [6340bfd04c3eee4825f61e1a4fb760a0],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Prosím o kontrolu logu
Nalez neni potreba resit, stejne ho odstranim skriptem. MBAM tedy odinstalujte. Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
dobrý den,
omlouvám se za prodlevy, ale nějak mi nezbývá čas...
tady je log
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by František (administrator) on FRANTISEK on 13-05-2015 15:40:57
Running from C:\Users\František\Desktop
Loaded Profiles: František (Available profiles: František & Jožka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avast Software s.r.o.) D:\System\program files\avast\AvastSvc.exe
(Avast Software s.r.o.) D:\System\program files\avast\afwServ.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonix) C:\Windows\vsnp2std.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAC8SWK.EXE
(3M) D:\System\program files\post_it\PsnLite.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\System\program files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
(3M) D:\System\program files\post_it\PSNGive.exe
(Dropbox, Inc.) C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software s.r.o.) D:\System\program files\avast\avastui.exe
(Acronis) C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) D:\System\program files\acronis\TrueImageMonitor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) D:\Mozilla Thunderbird\thunderbird.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\František\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [snp2std] => C:\Windows\vsnp2std.exe [675840 2006-09-15] (Sonix)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Slu~ba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391144 2010-09-23] (Acronis)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [406944 2007-09-06] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\System\program files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => D:\System\program files\avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2536752 2010-09-02] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => D:\System\program files\acronis\TrueImageMonitor.exe [5502312 2010-09-23] (Acronis)
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Post-it® Software Notes Lite.lnk [2011-03-08]
ShortcutTarget: Post-it® Software Notes Lite.lnk -> D:\System\program files\post_it\PsnLite.exe (3M)
Startup: C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\System\program files\avast\ashShA64.dll [2015-04-23] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
GroupPolicyUsers\S-1-5-21-2670680469-1364093197-1783861760-1006\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\System\program files\avast\aswWebRepIE64.dll [2015-04-23] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\System\program files\avast\aswWebRepIE.dll [2015-04-23] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\System\program files\avast\aswWebRepIE.dll [2015-04-23] (Avast Software s.r.o.)
Toolbar: HKU\S-1-5-21-2670680469-1364093197-1783861760-1000 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-12-19] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-12-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-12] (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2010-09-02] (Wacom, Inc.)
FF Extension: DownThemAll! - C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-04-01]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\System\program files\avast\WebRep\FF
FF Extension: Avast Online Security - D:\System\program files\avast\WebRep\FF [2014-06-05]
Chrome:
=======
CHR Profile: C:\Users\František\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-30]
CHR Extension: (Google Docs) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-30]
CHR Extension: (Google Drive) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-30]
CHR Extension: (YouTube) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-30]
CHR Extension: (Google Search) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Google Sheets) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-30]
CHR Extension: (Bookmark Manager) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (Avast Online Security) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-05-29]
CHR Extension: (Google Wallet) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-13]
CHR Extension: (Gmail) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\System\program files\avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-23]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found]
Opera:
=======
OPR Extension: (No Name) - C:\Users\František\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhongheibdpfhdpfccheljfcabgliidh [2015-03-23]
OPR Extension: (No Name) - C:\Users\František\AppData\Roaming\Opera Software\Opera Stable\Extensions\kcjifdbedkcdkeegnoenkpiphjldpahf [2015-03-23]
OPR Extension: (No Name) - C:\Users\František\AppData\Roaming\Opera Software\Opera Stable\Extensions\knlpigpfaognbholppaembpfphilacie [2015-03-23]
StartMenuInternet: (HKLM) OperaStable - D:\System\program files\opera\Launcher.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-03-09] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 avast! Antivirus; D:\System\program files\avast\AvastSvc.exe [343336 2015-04-23] (Avast Software s.r.o.)
R2 avast! Firewall; D:\System\program files\avast\afwServ.exe [107448 2015-04-23] (Avast Software s.r.o.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-08-26] (Freemake) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-23] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-04-23] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-23] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-04-23] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-23] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-23] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-23] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-23] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-23] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-01-23] () [File not signed]
U5 KMWDFILTER; C:\Windows\System32\Drivers\KMWDFILTER.sys [30208 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [12296704 2006-11-08] ()
S3 SNP2STD; C:\Windows\SysWOW64\DRIVERS\snp2sxp.sys [0 2006-11-08] () <==== ATTENTION (zero size file/folder)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-12-27] () [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [43792 2010-12-22] (Oracle Corporation)
U3 ajnqmesy; C:\Windows\System32\Drivers\ajnqmesy.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-13 15:40 - 2015-05-13 15:41 - 00024559 _____ () C:\Users\František\Desktop\FRST.txt
2015-05-13 15:40 - 2015-05-13 15:41 - 00000000 ____D () C:\FRST
2015-05-13 15:36 - 2015-05-13 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\František\Desktop\FRSTLauncher.exe
2015-05-12 10:25 - 2015-05-12 10:25 - 00000000 __SHD () C:\found.017
2015-05-11 13:12 - 2015-05-11 13:12 - 02102784 _____ (Farbar) C:\Users\František\Desktop\FRST64.exe
2015-05-06 14:30 - 2015-05-06 14:30 - 00000000 __SHD () C:\found.016
2015-05-04 10:19 - 2015-05-04 10:19 - 00000000 __SHD () C:\found.015
2015-04-30 09:30 - 2015-04-30 09:30 - 00000000 __SHD () C:\found.014
2015-04-28 13:07 - 2015-04-28 13:07 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\František\Desktop\mbam-setup-2.1.6.1022.exe
2015-04-28 10:54 - 2015-04-28 10:54 - 02224640 _____ () C:\Users\František\Desktop\adwcleaner_4.202.exe
2015-04-28 09:40 - 2015-04-28 09:40 - 00000000 __SHD () C:\found.013
2015-04-27 16:39 - 2015-04-27 16:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-27 13:32 - 2015-04-27 13:32 - 00000000 ____D () C:\Users\František\AppData\Local\Opera Software
2015-04-24 09:47 - 2015-04-24 09:48 - 00000000 ____D () C:\rsit
2015-04-23 13:13 - 2015-04-23 13:13 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-04-23 13:13 - 2015-04-23 13:13 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-23 13:13 - 2015-04-23 13:13 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-23 13:13 - 2015-04-23 13:13 - 00000000 ____D () C:\Users\František\AppData\Roaming\OpenOffice
2015-04-23 13:06 - 2015-04-23 13:06 - 00001100 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2015-04-23 13:06 - 2015-04-23 13:06 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2015-04-23 13:05 - 2015-04-23 13:05 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-04-18 09:38 - 2015-04-18 09:38 - 00000000 __SHD () C:\found.012
2015-04-16 09:37 - 2015-04-16 09:37 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 10:29 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 10:29 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 10:29 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 10:29 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:29 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 10:29 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 10:29 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 10:29 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 10:29 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 10:29 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 10:29 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 10:29 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 10:29 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 10:29 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 10:29 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 10:29 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 10:29 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 10:29 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:29 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 10:29 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 10:29 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 10:29 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 10:29 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 10:29 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 10:29 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 10:29 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 10:29 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 10:29 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 10:29 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 10:29 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 10:29 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 10:29 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 10:29 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 10:29 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 10:29 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 10:29 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 10:29 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 10:29 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 10:29 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 10:29 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 10:29 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 10:29 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 10:29 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 10:29 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:29 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 10:29 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 10:29 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 10:29 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 10:29 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 10:29 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 10:29 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-15 10:28 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 10:28 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 10:28 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 10:28 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 16:11 - 2015-04-14 16:32 - 1304518863 _____ () C:\Users\František\Downloads\Návrat blbýho a blbějšího (2014) CZ-Dabing NOVINKY.avi
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-13 15:10 - 2010-12-20 04:36 - 01839672 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 14:58 - 2015-03-13 09:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-13 09:57 - 2015-03-30 14:09 - 00000000 ____D () C:\Users\František\AppData\Local\Adobe
2015-05-13 09:54 - 2009-07-14 06:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 09:54 - 2009-07-14 06:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 09:47 - 2011-09-21 10:34 - 00000000 ____D () C:\Users\František\AppData\Roaming\Dropbox
2015-05-13 09:43 - 2013-11-28 16:06 - 00098914 _____ () C:\Windows\setupact.log
2015-05-13 09:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-12 17:02 - 2015-03-19 14:59 - 00000000 ____D () C:\ZC Portál
2015-05-12 10:42 - 2015-03-19 15:03 - 00001465 _____ () C:\Users\František\Desktop\ZC Portál.lnk
2015-05-12 10:29 - 2014-06-05 15:05 - 00004166 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-11 09:55 - 2015-03-30 17:39 - 00001030 _____ () C:\Users\František\Desktop\Dropbox.lnk
2015-05-11 09:55 - 2011-09-21 10:35 - 00000000 ____D () C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-07 11:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-04 10:21 - 2013-11-29 12:28 - 01463558 _____ () C:\Windows\PFRO.log
2015-05-02 11:34 - 2015-03-13 12:16 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-02 11:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-30 13:43 - 2014-06-05 16:03 - 00000000 ____D () C:\Program Files (x86)\Acronis
2015-04-30 09:32 - 2012-04-27 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-28 17:10 - 2011-03-21 13:27 - 00000000 ____D () C:\Program Files\Vario12
2015-04-28 13:24 - 2015-03-13 13:25 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1426245911
2015-04-28 11:46 - 2012-06-05 10:03 - 00000000 ____D () C:\Users\František\AppData\Roaming\AIMP3
2015-04-28 11:00 - 2015-03-23 12:45 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-28 11:00 - 2015-03-13 13:25 - 00000768 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-04-28 11:00 - 2015-03-13 13:25 - 00000768 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-28 11:00 - 2015-03-13 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-28 11:00 - 2014-04-22 10:02 - 00000000 ____D () C:\AdwCleaner
2015-04-28 11:00 - 2010-12-19 21:42 - 00000977 _____ () C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-28 09:59 - 2015-03-31 13:24 - 00000000 ____D () C:\Users\František\AppData\Local\CrashDumps
2015-04-24 09:47 - 2012-02-29 12:10 - 00000000 ____D () C:\Program Files\trend micro
2015-04-23 15:59 - 2010-12-28 12:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-23 15:57 - 2010-12-28 12:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-04-23 15:46 - 2015-03-30 14:09 - 00116176 _____ () C:\Users\František\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-23 15:43 - 2009-07-14 06:45 - 04985248 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-23 13:21 - 2013-09-10 09:10 - 00009728 _____ () C:\Users\František\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-23 13:13 - 2015-03-23 13:02 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-23 13:13 - 2015-03-23 13:02 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-04-23 11:40 - 2012-10-31 12:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-04-23 11:39 - 2009-07-14 17:36 - 00000000 ____D () C:\Windows\ShellNew
2015-04-23 11:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-04-23 11:36 - 2009-07-14 04:34 - 00000713 _____ () C:\Windows\win.ini
2015-04-22 17:13 - 2015-04-08 10:53 - 00000000 ____D () C:\Users\František\AppData\Local\GHISLER
2015-04-21 09:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 09:37 - 2014-05-06 17:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 09:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 15:38 - 2010-12-28 15:36 - 01573800 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 15:38 - 2009-07-14 17:18 - 00674676 _____ () C:\Windows\system32\perfh005.dat
2015-04-15 15:38 - 2009-07-14 17:18 - 00144224 _____ () C:\Windows\system32\perfc005.dat
2015-04-15 15:38 - 2009-07-14 07:13 - 01573800 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 11:58 - 2012-07-07 11:38 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 11:58 - 2012-04-11 09:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 11:58 - 2011-10-01 10:53 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2013-09-10 09:10 - 2015-04-23 13:21 - 0009728 _____ () C:\Users\František\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Files to move or delete:
====================
C:\Users\Jožka\PokerStarsBr.exe
Some content of TEMP:
====================
C:\Users\František\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcwmddr.dll
C:\Users\František\AppData\Local\Temp\genteert.dll
C:\Users\František\AppData\Local\Temp\listicka-partner-16194-1.1.8-offline.exe
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\SearchProtocolHost.exe
C:\Windows\SysWOW64\XAudio2_2.dll
C:\Windows\System32\d3dx10_36.dll
C:\Windows\System32\wvc.dll
C:\Windows\SysWOW64\Drivers\snp2sxp.sys
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Available physical RAM: 958.48 MB
Total physical RAM: 3581.55 MB
Percentage of memory in use: 73%
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EYAME.job => C:\Users\Frantiý˙ek\AppData\Roaming\EYAME.exe <==== ATTENTION
Task: C:\Windows\Tasks\HVNQVZ.job => C:\Users\Frantiý˙ek\AppData\Roaming\HVNQVZ.exe <==== ATTENTION
Task: C:\Windows\Tasks\RY.job => C:\Users\Frantiý˙ek\AppData\Roaming\RY.exe <==== ATTENTION
Task: C:\Windows\Tasks\ZUSVZ.job => C:\Users\Frantiý˙ek\AppData\Roaming\ZUSVZ.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Temp:D282699C
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Franti�ek\Desktop" je 1123 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor
C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
omlouvám se za prodlevy, ale nějak mi nezbývá čas...
tady je log
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by František (administrator) on FRANTISEK on 13-05-2015 15:40:57
Running from C:\Users\František\Desktop
Loaded Profiles: František (Available profiles: František & Jožka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avast Software s.r.o.) D:\System\program files\avast\AvastSvc.exe
(Avast Software s.r.o.) D:\System\program files\avast\afwServ.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonix) C:\Windows\vsnp2std.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAC8SWK.EXE
(3M) D:\System\program files\post_it\PsnLite.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\System\program files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
(3M) D:\System\program files\post_it\PSNGive.exe
(Dropbox, Inc.) C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software s.r.o.) D:\System\program files\avast\avastui.exe
(Acronis) C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) D:\System\program files\acronis\TrueImageMonitor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) D:\Mozilla Thunderbird\thunderbird.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\František\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [snp2std] => C:\Windows\vsnp2std.exe [675840 2006-09-15] (Sonix)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Slu~ba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391144 2010-09-23] (Acronis)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [406944 2007-09-06] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\System\program files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => D:\System\program files\avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2536752 2010-09-02] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => D:\System\program files\acronis\TrueImageMonitor.exe [5502312 2010-09-23] (Acronis)
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Post-it® Software Notes Lite.lnk [2011-03-08]
ShortcutTarget: Post-it® Software Notes Lite.lnk -> D:\System\program files\post_it\PsnLite.exe (3M)
Startup: C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\System\program files\avast\ashShA64.dll [2015-04-23] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
GroupPolicyUsers\S-1-5-21-2670680469-1364093197-1783861760-1006\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\System\program files\avast\aswWebRepIE64.dll [2015-04-23] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\System\program files\avast\aswWebRepIE.dll [2015-04-23] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\System\program files\avast\aswWebRepIE.dll [2015-04-23] (Avast Software s.r.o.)
Toolbar: HKU\S-1-5-21-2670680469-1364093197-1783861760-1000 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-12-19] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-12-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-12] (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2010-09-02] (Wacom, Inc.)
FF Extension: DownThemAll! - C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-04-01]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\System\program files\avast\WebRep\FF
FF Extension: Avast Online Security - D:\System\program files\avast\WebRep\FF [2014-06-05]
Chrome:
=======
CHR Profile: C:\Users\František\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-30]
CHR Extension: (Google Docs) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-30]
CHR Extension: (Google Drive) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-30]
CHR Extension: (YouTube) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-30]
CHR Extension: (Google Search) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Google Sheets) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-30]
CHR Extension: (Bookmark Manager) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (Avast Online Security) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-05-29]
CHR Extension: (Google Wallet) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-13]
CHR Extension: (Gmail) - C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\System\program files\avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-23]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found]
Opera:
=======
OPR Extension: (No Name) - C:\Users\František\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhongheibdpfhdpfccheljfcabgliidh [2015-03-23]
OPR Extension: (No Name) - C:\Users\František\AppData\Roaming\Opera Software\Opera Stable\Extensions\kcjifdbedkcdkeegnoenkpiphjldpahf [2015-03-23]
OPR Extension: (No Name) - C:\Users\František\AppData\Roaming\Opera Software\Opera Stable\Extensions\knlpigpfaognbholppaembpfphilacie [2015-03-23]
StartMenuInternet: (HKLM) OperaStable - D:\System\program files\opera\Launcher.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-03-09] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 avast! Antivirus; D:\System\program files\avast\AvastSvc.exe [343336 2015-04-23] (Avast Software s.r.o.)
R2 avast! Firewall; D:\System\program files\avast\afwServ.exe [107448 2015-04-23] (Avast Software s.r.o.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-08-26] (Freemake) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-23] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-04-23] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-23] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-04-23] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-23] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-23] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-23] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-23] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-23] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-01-23] () [File not signed]
U5 KMWDFILTER; C:\Windows\System32\Drivers\KMWDFILTER.sys [30208 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [12296704 2006-11-08] ()
S3 SNP2STD; C:\Windows\SysWOW64\DRIVERS\snp2sxp.sys [0 2006-11-08] () <==== ATTENTION (zero size file/folder)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-12-27] () [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [43792 2010-12-22] (Oracle Corporation)
U3 ajnqmesy; C:\Windows\System32\Drivers\ajnqmesy.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-13 15:40 - 2015-05-13 15:41 - 00024559 _____ () C:\Users\František\Desktop\FRST.txt
2015-05-13 15:40 - 2015-05-13 15:41 - 00000000 ____D () C:\FRST
2015-05-13 15:36 - 2015-05-13 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\František\Desktop\FRSTLauncher.exe
2015-05-12 10:25 - 2015-05-12 10:25 - 00000000 __SHD () C:\found.017
2015-05-11 13:12 - 2015-05-11 13:12 - 02102784 _____ (Farbar) C:\Users\František\Desktop\FRST64.exe
2015-05-06 14:30 - 2015-05-06 14:30 - 00000000 __SHD () C:\found.016
2015-05-04 10:19 - 2015-05-04 10:19 - 00000000 __SHD () C:\found.015
2015-04-30 09:30 - 2015-04-30 09:30 - 00000000 __SHD () C:\found.014
2015-04-28 13:07 - 2015-04-28 13:07 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\František\Desktop\mbam-setup-2.1.6.1022.exe
2015-04-28 10:54 - 2015-04-28 10:54 - 02224640 _____ () C:\Users\František\Desktop\adwcleaner_4.202.exe
2015-04-28 09:40 - 2015-04-28 09:40 - 00000000 __SHD () C:\found.013
2015-04-27 16:39 - 2015-04-27 16:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-27 13:32 - 2015-04-27 13:32 - 00000000 ____D () C:\Users\František\AppData\Local\Opera Software
2015-04-24 09:47 - 2015-04-24 09:48 - 00000000 ____D () C:\rsit
2015-04-23 13:13 - 2015-04-23 13:13 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-04-23 13:13 - 2015-04-23 13:13 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-23 13:13 - 2015-04-23 13:13 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-23 13:13 - 2015-04-23 13:13 - 00000000 ____D () C:\Users\František\AppData\Roaming\OpenOffice
2015-04-23 13:06 - 2015-04-23 13:06 - 00001100 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2015-04-23 13:06 - 2015-04-23 13:06 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2015-04-23 13:05 - 2015-04-23 13:05 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-04-18 09:38 - 2015-04-18 09:38 - 00000000 __SHD () C:\found.012
2015-04-16 09:37 - 2015-04-16 09:37 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 10:29 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 10:29 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 10:29 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 10:29 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 10:29 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:29 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 10:29 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 10:29 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 10:29 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 10:29 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 10:29 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 10:29 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 10:29 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 10:29 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 10:29 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 10:29 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 10:29 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 10:29 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 10:29 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:29 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 10:29 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 10:29 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 10:29 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 10:29 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 10:29 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 10:29 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 10:29 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 10:29 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 10:29 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 10:29 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 10:29 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 10:29 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 10:29 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 10:29 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 10:29 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 10:29 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 10:29 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 10:29 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 10:29 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 10:29 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 10:29 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 10:29 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 10:29 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 10:29 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 10:29 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 10:29 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 10:29 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:29 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:29 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 10:29 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 10:29 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 10:29 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 10:29 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 10:29 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 10:29 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-15 10:28 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 10:28 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 10:28 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 10:28 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 16:11 - 2015-04-14 16:32 - 1304518863 _____ () C:\Users\František\Downloads\Návrat blbýho a blbějšího (2014) CZ-Dabing NOVINKY.avi
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-13 15:10 - 2010-12-20 04:36 - 01839672 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 14:58 - 2015-03-13 09:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-13 09:57 - 2015-03-30 14:09 - 00000000 ____D () C:\Users\František\AppData\Local\Adobe
2015-05-13 09:54 - 2009-07-14 06:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 09:54 - 2009-07-14 06:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 09:47 - 2011-09-21 10:34 - 00000000 ____D () C:\Users\František\AppData\Roaming\Dropbox
2015-05-13 09:43 - 2013-11-28 16:06 - 00098914 _____ () C:\Windows\setupact.log
2015-05-13 09:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-12 17:02 - 2015-03-19 14:59 - 00000000 ____D () C:\ZC Portál
2015-05-12 10:42 - 2015-03-19 15:03 - 00001465 _____ () C:\Users\František\Desktop\ZC Portál.lnk
2015-05-12 10:29 - 2014-06-05 15:05 - 00004166 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-11 09:55 - 2015-03-30 17:39 - 00001030 _____ () C:\Users\František\Desktop\Dropbox.lnk
2015-05-11 09:55 - 2011-09-21 10:35 - 00000000 ____D () C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-07 11:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-04 10:21 - 2013-11-29 12:28 - 01463558 _____ () C:\Windows\PFRO.log
2015-05-02 11:34 - 2015-03-13 12:16 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-02 11:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-30 13:43 - 2014-06-05 16:03 - 00000000 ____D () C:\Program Files (x86)\Acronis
2015-04-30 09:32 - 2012-04-27 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-28 17:10 - 2011-03-21 13:27 - 00000000 ____D () C:\Program Files\Vario12
2015-04-28 13:24 - 2015-03-13 13:25 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1426245911
2015-04-28 11:46 - 2012-06-05 10:03 - 00000000 ____D () C:\Users\František\AppData\Roaming\AIMP3
2015-04-28 11:00 - 2015-03-23 12:45 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-28 11:00 - 2015-03-13 13:25 - 00000768 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-04-28 11:00 - 2015-03-13 13:25 - 00000768 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-28 11:00 - 2015-03-13 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-28 11:00 - 2014-04-22 10:02 - 00000000 ____D () C:\AdwCleaner
2015-04-28 11:00 - 2010-12-19 21:42 - 00000977 _____ () C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-28 09:59 - 2015-03-31 13:24 - 00000000 ____D () C:\Users\František\AppData\Local\CrashDumps
2015-04-24 09:47 - 2012-02-29 12:10 - 00000000 ____D () C:\Program Files\trend micro
2015-04-23 15:59 - 2010-12-28 12:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-23 15:57 - 2010-12-28 12:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-04-23 15:46 - 2015-03-30 14:09 - 00116176 _____ () C:\Users\František\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-23 15:43 - 2009-07-14 06:45 - 04985248 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-23 13:21 - 2013-09-10 09:10 - 00009728 _____ () C:\Users\František\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-23 13:13 - 2015-03-23 13:02 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-23 13:13 - 2015-03-23 13:02 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-23 13:13 - 2014-06-05 15:04 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-04-23 11:40 - 2012-10-31 12:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-04-23 11:39 - 2009-07-14 17:36 - 00000000 ____D () C:\Windows\ShellNew
2015-04-23 11:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-04-23 11:36 - 2009-07-14 04:34 - 00000713 _____ () C:\Windows\win.ini
2015-04-22 17:13 - 2015-04-08 10:53 - 00000000 ____D () C:\Users\František\AppData\Local\GHISLER
2015-04-21 09:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 09:37 - 2014-05-06 17:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 09:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 15:38 - 2010-12-28 15:36 - 01573800 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 15:38 - 2009-07-14 17:18 - 00674676 _____ () C:\Windows\system32\perfh005.dat
2015-04-15 15:38 - 2009-07-14 17:18 - 00144224 _____ () C:\Windows\system32\perfc005.dat
2015-04-15 15:38 - 2009-07-14 07:13 - 01573800 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 11:58 - 2012-07-07 11:38 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 11:58 - 2012-04-11 09:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 11:58 - 2011-10-01 10:53 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2013-09-10 09:10 - 2015-04-23 13:21 - 0009728 _____ () C:\Users\František\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Files to move or delete:
====================
C:\Users\Jožka\PokerStarsBr.exe
Some content of TEMP:
====================
C:\Users\František\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcwmddr.dll
C:\Users\František\AppData\Local\Temp\genteert.dll
C:\Users\František\AppData\Local\Temp\listicka-partner-16194-1.1.8-offline.exe
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\SearchProtocolHost.exe
C:\Windows\SysWOW64\XAudio2_2.dll
C:\Windows\System32\d3dx10_36.dll
C:\Windows\System32\wvc.dll
C:\Windows\SysWOW64\Drivers\snp2sxp.sys
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Available physical RAM: 958.48 MB
Total physical RAM: 3581.55 MB
Percentage of memory in use: 73%
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EYAME.job => C:\Users\Frantiý˙ek\AppData\Roaming\EYAME.exe <==== ATTENTION
Task: C:\Windows\Tasks\HVNQVZ.job => C:\Users\Frantiý˙ek\AppData\Roaming\HVNQVZ.exe <==== ATTENTION
Task: C:\Windows\Tasks\RY.job => C:\Users\Frantiý˙ek\AppData\Roaming\RY.exe <==== ATTENTION
Task: C:\Windows\Tasks\ZUSVZ.job => C:\Users\Frantiý˙ek\AppData\Roaming\ZUSVZ.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Temp:D282699C
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Franti�ek\Desktop" je 1123 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor
C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Prosím o kontrolu logu
ballanc píše:***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Franti�ek\Desktop" je 1123 MB.
Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku 
Vypnete trvale Windows Defender Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\...\Run: [AdobeBridge] => [X]
GroupPolicyUsers\S-1-5-21-2670680469-1364093197-1783861760-1006\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-2670680469-1364093197-1783861760-1000 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S2 sbmntr;SBMNTR; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys [X]
S2 SPDRIVER_1.39.0.1638;SPDRIVER_1.39.0.1638; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.39.0.1638\jsdrv.sys [X]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-03-23 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-12 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-03-23 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-12 107848]
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EYAME.job => C:\Users\Frantiý˙ek\AppData\Roaming\EYAME.exe <==== ATTENTION
Task: C:\Windows\Tasks\HVNQVZ.job => C:\Users\Frantiý˙ek\AppData\Roaming\HVNQVZ.exe <==== ATTENTION
Task: C:\Windows\Tasks\RY.job => C:\Users\Frantiý˙ek\AppData\Roaming\RY.exe <==== ATTENTION
Task: C:\Windows\Tasks\ZUSVZ.job => C:\Users\Frantiý˙ek\AppData\Roaming\ZUSVZ.exe <==== ATTENTION
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?