Zde je log FRST.txt, v příloze Addition.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Marek (administrator) on PC-MAREK on 30-05-2015 20:35:28
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_monitor.exe
(Flexera Software LLC) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\lmgrd.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Trace Software International) C:\Program Files\SolidWorks Corp\SolidWorks Electrical\server\EwServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe
(Microsoft Corporation) C:\ProgramData\SolidWorks Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PTC) C:\Program Files\PTC\PTC Portmapper\i486_nt\obj\portmap.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\ws.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
() C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winupdt32f.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansyslmd.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(forum.viry.cz) C:\Users\Marek\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2015-04-07] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2015-04-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2219688963-3035179073-2312985523-1001\...\Run: [Autodesk Sync] => [X]
HKU\S-1-5-21-2219688963-3035179073-2312985523-1001\...\Run: [Spotify Web Helper] => C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-08] (Spotify Ltd)
HKU\S-1-5-21-2219688963-3035179073-2312985523-1001\...\Run: [Spotify] => C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe [7112248 2015-04-08] (Spotify Ltd)
HKU\S-1-5-21-2219688963-3035179073-2312985523-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2014-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2219688963-3035179073-2312985523-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2219688963-3035179073-2312985523-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2219688963-3035179073-2312985523-1001\...\MountPoints2: {203364d7-dd5c-11e4-8256-000272c71b0c} - "N:\setup.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-04-10] ()
Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-04-10] ()
Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winupdt32f.exe [2015-04-07] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2219688963-3035179073-2312985523-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-03-24] (DVDVideoSoft Ltd.)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-15] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-15] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-03-24] (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24] (pdfforge GmbH)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E}
http://files.creative.com/Web/softwareu ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29}
http://files.creative.com/Web/softwareu ... /CTPID.cab
Winsock: Catalog9 12 C:\Windows\SysWOW64\nutafun4.dll [164144 2009-11-10] (MKS Software Inc.)
Winsock: Catalog9 13 C:\Windows\SysWOW64\nutafun4.dll [164144 2009-11-10] (MKS Software Inc.)
Winsock: Catalog9-x64 12 C:\Windows\system32\nutafun4.dll [205024 2009-11-10] (MKS Software Inc.)
Winsock: Catalog9-x64 13 C:\Windows\system32\nutafun4.dll [205024 2009-11-10] (MKS Software Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\c8pni1to.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-24] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-15] (Oracle Corporation)
FF Plugin-x32: @lattice3d.com/XVL Player -> C:\Program Files\Lattice\Player3_x86\npxvlplay.dll [2015-02-26] (Lattice Technology Co.,Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll [2010-03-27] (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-04-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-04-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-04-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-04-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-04-08] (Apple Inc.)
FF SearchPlugin: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\c8pni1to.default\searchplugins\googletranslate.xml [2015-04-11]
FF Extension: MEGA - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\c8pni1to.default\Extensions\
firefox@mega.co.nz.xpi [2015-04-16]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\c8pni1to.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-04-07]
FF Extension: Adblock Plus - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\c8pni1to.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-07]
FF Extension: Tab Mix Plus - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\c8pni1to.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-04-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-09]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2015-04-09]
FF HKLM-x32\...\Firefox\Extensions: [
pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-05-02]
Chrome:
=======
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-07]
CHR Extension: (Google Docs) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-07]
CHR Extension: (Google Drive) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-07]
CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-07]
CHR Extension: (Adblock Plus) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-07]
CHR Extension: (Google Search) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-07]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-04-07]
CHR Extension: (Google Sheets) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-07]
CHR Extension: (Bookmark Manager) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Google Wallet) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-07]
CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [4854272 2013-10-08] (ANSYS, Inc.) [File not signed]
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 ewserver; C:\Program Files\SolidWorks Corp\SolidWorks Electrical\server\EwServer.exe [193024 2014-01-11] (Trace Software International) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 mitsijm2015; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [968480 2013-10-12] (Autodesk, Inc.)
R2 MSSQL$TEW_SQLEXPRESS; c:\ProgramData\SolidWorks Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] ()
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [563424 2009-11-10] (MKS Software Inc.)
R3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-05-12] ()
R2 PortmapperService; C:\Program Files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe [677376 2015-04-09] (PTC) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [235656 2014-01-11] (Mentor Graphics Corporation) [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-04-08] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; c:\ProgramData\SolidWorks Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-04-07] (Disc Soft Ltd)
U3 dtlitescsidrv; C:\Windows\System32\Drivers\dtlitescsidrv.sys [316072 2015-04-07] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-04-07] (Duplex Secure Ltd.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-30 20:35 - 2015-05-30 20:36 - 00025455 _____ () C:\Users\Marek\Desktop\FRST.txt
2015-05-30 20:34 - 2015-05-30 20:35 - 00000000 ____D () C:\FRST
2015-05-30 20:31 - 2015-05-30 20:31 - 00112640 _____ (forum.viry.cz) C:\Users\Marek\Desktop\FRSTLauncher.exe
2015-05-30 20:30 - 2015-05-30 20:30 - 02108928 _____ (Farbar) C:\Users\Marek\Desktop\FRST64.exe
2015-05-29 21:33 - 2015-05-30 04:48 - 00007632 _____ () C:\Users\Marek\AppData\Local\resmon.resmoncfg
2015-05-29 19:38 - 2015-05-30 17:03 - 00004970 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for pc-Marek-Marek pc-Marek
2015-05-28 00:47 - 2015-05-28 00:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-05-24 02:19 - 2015-05-24 02:19 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Nitro
2015-05-24 02:17 - 2015-05-24 02:17 - 00001948 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk
2015-05-24 02:17 - 2015-05-24 02:17 - 00000000 ____D () C:\ProgramData\Nitro
2015-05-24 02:17 - 2015-05-24 02:17 - 00000000 ____D () C:\Program Files\Nitro
2015-05-24 02:17 - 2015-05-24 02:17 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2015-05-24 02:17 - 2015-05-24 02:17 - 00000000 ____D () C:\Program Files (x86)\Nitro
2015-05-24 02:17 - 2014-08-01 14:22 - 00029704 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon9.dll
2015-05-24 02:17 - 2014-08-01 14:22 - 00017928 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui9.dll
2015-05-21 10:40 - 2015-05-21 10:40 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Design Science
2015-05-21 10:21 - 2015-05-21 10:43 - 00000000 ____D () C:\Program Files (x86)\MathType
2015-05-21 10:21 - 2015-05-21 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6
2015-05-17 12:29 - 2015-05-17 12:29 - 00304752 _____ () C:\Windows\Minidump\051715-30750-01.dmp
2015-05-16 12:40 - 2015-05-16 12:40 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecoTools
2015-05-16 12:40 - 2015-05-16 12:40 - 00000000 ____D () C:\Program Files (x86)\Seco Tools
2015-05-12 21:02 - 2015-05-12 21:02 - 00000000 ____D () C:\Users\Marek\AppData\Local\PunkBuster
2015-05-12 21:02 - 2015-05-12 21:02 - 00000000 ____D () C:\Users\Marek\AppData\Local\Activision
2015-05-12 20:35 - 2015-05-12 21:02 - 00111928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-12 20:35 - 2015-05-12 20:35 - 00682280 _____ () C:\Windows\SysWOW64\pbsvc.exe
2015-05-12 20:35 - 2015-05-12 20:35 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-07 09:12 - 2015-05-07 09:12 - 00000000 ____D () C:\Users\Marek\AppData\Local\Microsoft_Corporation
2015-05-07 09:10 - 2015-05-07 09:10 - 00000000 ____D () C:\Users\Marek\AppData\Local\Downloaded Installations
2015-05-07 09:10 - 2015-05-07 09:10 - 00000000 ____D () C:\Program Files\Citace.com
2015-05-06 14:26 - 2015-05-06 14:26 - 00000000 _____ () C:\Users\Marek\Sti_Trace.log
2015-05-06 14:15 - 2015-05-06 14:15 - 00000000 ___RD () C:\Users\Marek\AppData\Roaming\Brother
2015-05-06 14:14 - 2015-05-06 14:24 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\ControlCenter4
2015-05-06 14:14 - 2015-05-06 14:14 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\FLEXnet
2015-05-06 14:09 - 2015-05-29 19:40 - 00013425 _____ () C:\Windows\BRRBCOM.INI
2015-05-06 14:09 - 2015-05-06 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-05-06 14:09 - 2015-05-06 14:09 - 00000000 ____D () C:\ProgramData\ControlCenter4
2015-05-06 14:09 - 2015-05-06 14:09 - 00000000 ____D () C:\Program Files (x86)\ControlCenter4
2015-05-06 14:09 - 2015-05-06 14:09 - 00000000 ____D () C:\Program Files (x86)\Browny02
2015-05-06 14:09 - 2015-05-06 14:09 - 00000000 ____D () C:\Brother
2015-05-06 14:09 - 2013-07-12 07:03 - 00251392 ____R (brother) C:\Windows\system32\NSSRH64.dll
2015-05-06 14:09 - 2013-07-03 04:46 - 00065024 ____R (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll
2015-05-06 14:09 - 2013-03-08 08:45 - 00059904 ____R (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll
2015-05-06 14:09 - 2013-03-08 08:44 - 00087040 ____R (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll
2015-05-06 14:09 - 2005-04-22 06:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2015-05-06 14:08 - 2015-05-06 14:09 - 00000000 ____D () C:\Program Files (x86)\Brother
2015-05-06 14:08 - 2014-05-12 10:41 - 00180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL
2015-05-06 14:08 - 2014-05-12 10:41 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL
2015-05-06 14:08 - 2014-05-12 10:41 - 00050688 _____ (Brother Industries Ltd.) C:\Windows\SysWOW64\BRPRTINK.DLL
2015-05-06 14:08 - 2014-05-12 10:41 - 00045056 _____ () C:\Windows\SysWOW64\BRTCPCON.DLL
2015-05-06 14:08 - 2014-05-12 10:41 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL
2015-05-06 14:08 - 2014-05-12 10:41 - 00000114 _____ () C:\Windows\SysWOW64\BRLMW03A.INI
2015-05-06 14:08 - 2014-05-11 18:05 - 00227840 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRCOI14A.DLL
2015-05-06 14:08 - 2014-02-24 05:34 - 01442816 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrWi213b.dll
2015-05-06 14:08 - 2013-12-26 20:18 - 00002560 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2015-05-06 14:08 - 2013-07-12 14:03 - 00214016 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2015-05-06 14:08 - 2011-09-08 11:36 - 00279040 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrJDec.dll
2015-05-06 14:08 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2015-05-06 14:08 - 2007-12-13 22:16 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2015-05-06 13:54 - 2015-05-06 13:54 - 00000000 ____D () C:\ProgramData\zeon
2015-05-06 13:54 - 2015-05-06 13:54 - 00000000 ____D () C:\Program Files\Nuance
2015-05-06 13:53 - 2015-05-06 13:54 - 00000000 ____D () C:\ProgramData\Nuance
2015-05-06 13:53 - 2015-05-06 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
2015-05-06 13:53 - 2015-05-06 13:54 - 00000000 ____D () C:\Program Files (x86)\Nuance
2015-05-06 13:53 - 2015-05-06 13:53 - 00001886 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2015-05-06 13:53 - 2015-05-06 13:53 - 00000000 ____D () C:\Users\Marek\Documents\MyWebPages
2015-05-06 13:53 - 2015-05-06 13:53 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Nuance
2015-05-06 13:53 - 2015-05-06 13:53 - 00000000 ____D () C:\ProgramData\ScanSoft
2015-05-06 13:50 - 2015-05-06 13:50 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-05-06 13:49 - 2015-05-06 13:49 - 00000000 ____D () C:\ProgramData\Brother
2015-05-02 12:51 - 2015-05-25 01:08 - 00001834 _____ () C:\Users\Marek\Documents\plot.log
2015-05-02 12:51 - 2015-05-02 12:51 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\PDF Producer
2015-05-02 12:24 - 2015-05-09 13:10 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\PDF Architect 3
2015-05-02 12:24 - 2015-05-02 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 3
2015-05-02 12:23 - 2015-05-02 12:24 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 3
2015-05-02 12:23 - 2015-05-02 12:23 - 00000000 ____D () C:\Users\Marek\Documents\PDF Architect
2015-05-02 12:15 - 2015-05-02 12:15 - 00000000 ____D () C:\ProgramData\PDF Architect 3
2015-05-02 12:14 - 2015-05-02 12:48 - 00000000 ____D () C:\Program Files\PDFCreator
2015-05-02 12:14 - 2015-05-02 12:15 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-05-02 12:14 - 2015-05-02 12:14 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\pdfforge
2015-05-02 12:14 - 2015-05-02 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-30 20:12 - 2015-04-07 14:00 - 01272160 _____ () C:\Windows\WindowsUpdate.log
2015-05-30 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-30 18:57 - 2015-04-07 15:21 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-30 18:46 - 2015-04-07 15:31 - 00000978 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 17:46 - 2015-04-07 15:31 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-29 21:32 - 2015-04-11 12:22 - 00000000 ____D () C:\Users\Marek\AppData\Local\CrashDumps
2015-05-29 19:32 - 2015-04-07 14:00 - 00000000 ____D () C:\Users\Marek\AppData\Local\Packages
2015-05-29 16:10 - 2015-04-07 22:03 - 02277376 ___SH () C:\Users\Marek\Desktop\Thumbs.db
2015-05-28 06:48 - 2015-04-09 22:46 - 00000000 ____D () C:\Users\Marek\AppData\Local\Deployment
2015-05-28 00:52 - 2013-08-22 16:46 - 00037119 _____ () C:\Windows\setupact.log
2015-05-26 10:17 - 2015-04-07 14:06 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2219688963-3035179073-2312985523-1001
2015-05-24 03:05 - 2015-04-07 14:22 - 00000000 ____D () C:\Users\Marek\Desktop\Programy a systém
2015-05-24 02:23 - 2015-04-07 19:59 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Nitro PDF
2015-05-24 02:16 - 2015-04-07 19:57 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Downloaded Installations
2015-05-24 02:16 - 2015-04-07 15:21 - 00003802 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-24 02:16 - 2015-04-07 15:21 - 00000000 ____D () C:\Users\Marek\AppData\Local\Adobe
2015-05-24 02:14 - 2015-04-07 14:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-24 02:14 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-24 02:14 - 2013-08-22 16:44 - 05310208 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-22 21:21 - 2015-04-08 11:30 - 00000000 ____D () C:\Users\Marek\Documents\Inventor
2015-05-21 10:52 - 2014-03-18 17:33 - 01990854 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-21 10:52 - 2014-03-18 16:54 - 00824518 _____ () C:\Windows\system32\perfh005.dat
2015-05-21 10:52 - 2014-03-18 16:54 - 00185518 _____ () C:\Windows\system32\perfc005.dat
2015-05-18 07:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-17 17:41 - 2015-04-07 15:31 - 00003950 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 17:41 - 2015-04-07 15:31 - 00003714 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-17 12:30 - 2015-04-07 15:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-17 12:29 - 2015-04-09 00:42 - 580992825 _____ () C:\Windows\MEMORY.DMP
2015-05-17 12:29 - 2015-04-09 00:42 - 00000000 ____D () C:\Windows\Minidump
2015-05-17 02:44 - 2015-04-07 14:00 - 00000000 ____D () C:\Users\Marek
2015-05-16 14:24 - 2015-04-07 18:21 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Skype
2015-05-14 00:19 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-12 20:52 - 2015-04-07 14:50 - 00080061 _____ () C:\Windows\DirectX.log
2015-05-12 20:35 - 2015-04-07 14:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-12 20:25 - 2015-04-08 18:38 - 00000000 ____D () C:\Hry
2015-05-06 15:59 - 2015-04-08 18:15 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Ansys
2015-05-06 14:12 - 2014-03-18 09:20 - 00012514 _____ () C:\Windows\PFRO.log
2015-05-06 13:53 - 2015-04-07 15:15 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-05-03 16:22 - 2015-04-07 15:04 - 00000000 ____D () C:\Users\Marek\AppData\Local\Autodesk
2015-05-02 12:13 - 2015-04-08 16:32 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
==================== Files in the root of some directories =======
2015-04-07 17:02 - 2015-04-07 17:02 - 0069441 _____ () C:\Users\Marek\AppData\Local\1DC8B7A7_stp.CIS
2015-04-07 17:02 - 2015-04-07 17:02 - 0000309 _____ () C:\Users\Marek\AppData\Local\1DC8B7A7_stp.CIS.part
2015-04-07 17:02 - 2015-04-07 17:02 - 0121571 _____ () C:\Users\Marek\AppData\Local\38456782_stp.CIS
2015-04-07 17:02 - 2015-04-07 17:02 - 0000298 _____ () C:\Users\Marek\AppData\Local\38456782_stp.CIS.part
2015-04-07 17:02 - 2015-04-07 17:02 - 0385602 _____ () C:\Users\Marek\AppData\Local\5D515C96_stp.CIS
2015-04-07 17:02 - 2015-04-07 17:02 - 0000220 _____ () C:\Users\Marek\AppData\Local\5D515C96_stp.CIS.part
2015-04-07 17:02 - 2015-04-07 17:02 - 0691328 _____ (Opera Software) C:\Users\Marek\AppData\Local\694C50D0_stp.EXE
2015-04-07 17:02 - 2015-04-07 17:02 - 0000199 _____ () C:\Users\Marek\AppData\Local\694C50D0_stp.EXE.part
2015-04-07 17:02 - 2015-04-07 17:02 - 0178814 _____ () C:\Users\Marek\AppData\Local\754A5C3C_stp.CIS
2015-04-07 17:02 - 2015-04-07 17:02 - 0000254 _____ () C:\Users\Marek\AppData\Local\754A5C3C_stp.CIS.part
2015-05-29 21:33 - 2015-05-30 04:48 - 0007632 _____ () C:\Users\Marek\AppData\Local\resmon.resmoncfg
2015-04-07 15:04 - 2015-04-07 15:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\Marek\AppData\Local\Temp\AcDeltree.exe
C:\Users\Marek\AppData\Local\Temp\AskSLib.dll
C:\Users\Marek\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprmkvkm.dll
C:\Users\Marek\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Marek\AppData\Local\Temp\foGOCxOwzryIeOcZGOGh.DLL
C:\Users\Marek\AppData\Local\Temp\IiTzdHReeMshdukKsNnc.DLL
C:\Users\Marek\AppData\Local\Temp\InstallAX.exe
C:\Users\Marek\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Marek\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Marek\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Marek\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Marek\AppData\Local\Temp\nvStInst.exe
C:\Users\Marek\AppData\Local\Temp\_is7FAD.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-30 02:08
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:931.17 GB) (Free:743.22 GB) NTFS
Drive l: (WD My Book Essential 3TB) (Fixed) (Total:2794.49 GB) (Free:582.66 GB) NTFS
Available physical RAM: 3481.06 MB
Total physical RAM: 6143.05 MB
Percentage of memory in use: 43%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D9BE91F8)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2014b Startup Accelerator.job => C:\Program Files\MATLAB\R2014b\bin\win64\MATLABStartupAccelerator.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Security Center ==================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Marek\Desktop" je 10 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Přispějete na provoz fóra?