Preventive check
Posted: 12 Jun 2015 21:42
Hello, I'd like to ask for a preventive check. I suspect some malicious software, because the CPU occasionally jumps to as much as 60 percent for several seconds, while Task Manager shows almost no activity in the processes. Thank you
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014 (ATTENTION: ====> FRST version is 479 days old and could be outdated)
Ran by caesar (administrator) on CAESAR-PC on 12-06-2015 22:27:49
Running from C:\Users\caesar\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(一普明为(北京)信息技术有限公司) D:\soft\viry.cz\PCHunter_free\PCHunter64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(forum.viry.cz) C:\Users\caesar\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [16413288 2010-02-10] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2706216 2011-02-25] (Synaptics Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1271168 2012-03-26] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [ZALFree] - C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [8201704 2014-12-15] (Zemana Ltd.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] - C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKU\S-1-5-21-1214931475-1963704409-3014128974-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1214931475-1963704409-3014128974-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1214931475-1963704409-3014128974-1000\...\Policies\Explorer: []
Startup: C:\Users\caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\caesar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\settings manager\smdmf\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\settings manager\smdmf\sysapcrt.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={4C ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKCU - {B9F85D51-BF5A-4CA7-BC9D-28B17E7059E6} URL = http://websearch.ask.com/redirect?clien ... 1D0691413D
SearchScopes: HKCU - {E9DB9E7B-A275-41D1-8158-D0423FBEBDEB} URL = http://www.google.com/cse?cx=partner-pu ... earchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.786\AVG SafeGuard toolbar_toolbar.dll No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.167
FireFox:
========
FF ProfilePath: C:\Users\caesar\AppData\Roaming\Mozilla\Firefox\Profiles\5m522e8w.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
Chrome:
=======
CHR Extension: (Google Slides) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-08]
CHR Extension: (Google Docs) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-08]
CHR Extension: (Google Drive) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-08]
CHR Extension: (Web2PDFConverter) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkanhckocooacphbnclgcndnpfpoppdk [2014-09-27]
CHR Extension: (YouTube) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-20]
CHR Extension: ($selector$ is not a valid CSS selector) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-10]
CHR Extension: (Remember The Milk) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\chdiaibgndcpagmnpkjoelgfkommjbni [2014-09-10]
CHR Extension: (Google Search) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-20]
CHR Extension: (Play.cz) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacomocbpihfdldecacpjedmmcbdgdop [2014-09-10]
CHR Extension: (Google Calendar) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-09-27]
CHR Extension: (myVocabu) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoakpbajjmgoheogkoblfhbbdacjdjm [2014-09-23]
CHR Extension: (Google Sheets) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-08]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-09-11]
CHR Extension: (Google Wallet) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Gmail) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
S4 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 Agent; C:\Windows\VPDAgent_x64.exe [156672 2012-11-20] (Two Pilots)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [12600 2012-03-26] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [291696 2012-03-26] (Microsoft Corporation)
S4 NMSAccess; C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe [71096 2009-01-12] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-09-14] ()
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S2 SensorsVService; C:\Program Files (x86)\SensorsViewPro42\svservice.exe [935424 2011-12-02] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S4 cmdAgent; "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" [X]
S2 SmdmFService; C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe [X]
==================== Drivers (Whitelisted) ====================
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 DSO21501; C:\Windows\System32\Drivers\DSO2150AMD641.sys [27952 2010-01-28] (Hantek)
S3 DSO21502; C:\Windows\System32\Drivers\DSO2150AMD642.SYS [46256 2010-01-28] (Hantek)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-17] (Disc Soft Ltd)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-10-05] (COMODO)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-15] (Zemana Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [98688 2012-03-20] (Microsoft Corporation)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-06-11] (Audials AG)
R1 sensorsview; C:\Program Files (x86)\SensorsViewPro42\drv\sensorsview32_64.sys [14544 2008-07-26] (OpenLibSys.org)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-02-27] ()
S3 WIN64AST; D:\soft\viry.cz\win64ST\WIN64AST.sys [500904 2013-01-01] ()
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [122624 2011-01-13] (ZTE Incorporated)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R1 cmdGuard; System32\DRIVERS\cmdguard.sys [X]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2015-06-12 22:27 - 2015-06-12 22:28 - 00016578 _____ () C:\Users\caesar\Desktop\FRST.txt
2015-06-12 22:26 - 2015-06-12 22:27 - 00000000 ____D () C:\FRST
2015-06-12 22:25 - 2014-02-20 17:58 - 00112640 _____ (forum.viry.cz) C:\Users\caesar\Desktop\FRSTLauncher.exe
2015-06-12 22:25 - 2014-02-20 17:56 - 02153472 _____ (Farbar) C:\Users\caesar\Desktop\FRST64.exe
2015-06-07 19:09 - 2015-06-07 19:12 - 00000000 ____D () C:\Users\caesar\Desktop\fichtl sraz 2015
2015-06-07 09:20 - 2015-06-07 09:22 - 00000000 ____D () C:\Users\caesar\Desktop\2015 plan
2015-06-02 19:25 - 2015-06-02 19:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-28 16:17 - 2015-05-28 16:17 - 00000000 __SHD () C:\found.001
2015-05-26 18:35 - 2015-05-26 18:35 - 00000000 ____D () C:\Nepojmenovaná složka
2015-05-26 15:58 - 2015-05-26 15:59 - 00053848 _____ () C:\Users\caesar\Downloads\Audacity 1.2.6 Downloader.exe
2015-05-26 15:49 - 2015-05-26 15:49 - 01847957 _____ () C:\Users\caesar\Downloads\Audacity.rar
2015-05-26 15:46 - 2015-05-26 15:46 - 00733344 _____ () C:\Users\caesar\Downloads\audacity-lista-centrumcz.exe
2015-05-21 17:10 - 2015-06-12 21:53 - 00001684 _____ () C:\Windows\setupact.log
2015-05-21 17:10 - 2015-05-21 17:10 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-21 17:09 - 2015-06-07 07:12 - 00004084 _____ () C:\Windows\PFRO.log
2015-05-20 09:38 - 2015-05-20 09:38 - 01852512 _____ () C:\Users\caesar\Downloads\426156.dwg
2015-05-19 11:46 - 2015-05-19 11:46 - 00001151 _____ () C:\Users\caesar\Desktop\StopPC.lnk
2015-05-19 09:55 - 2015-05-19 09:55 - 00000000 ____D () C:\ProgramData\PCSCHEMATIC
2015-05-18 22:49 - 2009-09-17 07:05 - 00145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys
2015-05-18 22:47 - 2015-05-18 22:47 - 00000000 ____D () C:\Users\caesar\Documents\Downloaded Installations
2015-05-18 22:42 - 2015-05-20 13:31 - 00000000 ____D () C:\Program Files\PCSELCAD
2015-05-13 19:00 - 2015-05-13 19:00 - 01995776 _____ () C:\Users\caesar\Downloads\04 - 11 - MSA.ppt
2015-05-13 18:56 - 2015-05-13 18:56 - 00229888 _____ () C:\Users\caesar\Downloads\MSA-RR.xls
2015-05-13 18:47 - 2015-05-13 18:47 - 03719168 _____ () C:\Users\caesar\Downloads\Animace 13 - MSA.pps
==================== One Month Modified Files and Folders =======
2015-06-12 22:28 - 2015-06-12 22:27 - 00016578 _____ () C:\Users\caesar\Desktop\FRST.txt
2015-06-12 22:27 - 2015-06-12 22:26 - 00000000 ____D () C:\FRST
2015-06-12 22:23 - 2014-05-08 22:51 - 01850137 _____ () C:\Windows\WindowsUpdate.log
2015-06-12 22:12 - 2012-12-04 17:36 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-12 22:11 - 2009-07-14 06:45 - 00016928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-12 22:11 - 2009-07-14 06:45 - 00016928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-12 22:07 - 2012-02-27 13:55 - 00000000 ____D () C:\Users\caesar\AppData\Local\Adobe
2015-06-12 22:02 - 2014-11-17 22:04 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\Skype
2015-06-12 22:00 - 2014-04-21 20:00 - 00097948 _____ () C:\Users\caesar\Network_Meter_Data.js
2015-06-12 21:56 - 2014-04-21 19:27 - 00001085 _____ () C:\Users\caesar\IP_Log_Data.js
2015-06-12 21:56 - 2012-12-07 13:49 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\Dropbox
2015-06-12 21:53 - 2015-05-21 17:10 - 00001684 _____ () C:\Windows\setupact.log
2015-06-12 21:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-10 19:21 - 2013-03-29 10:55 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\vlc
2015-06-09 17:33 - 2012-03-22 21:10 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-06-07 19:12 - 2015-06-07 19:09 - 00000000 ____D () C:\Users\caesar\Desktop\fichtl sraz 2015
2015-06-07 18:37 - 2012-06-27 08:55 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\KeePass
2015-06-07 09:22 - 2015-06-07 09:20 - 00000000 ____D () C:\Users\caesar\Desktop\2015 plan
2015-06-07 07:12 - 2015-05-21 17:09 - 00004084 _____ () C:\Windows\PFRO.log
2015-06-07 07:12 - 2015-05-03 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-05 18:02 - 2014-04-24 22:43 - 00000027 _____ () C:\Users\caesar\AppData\Roaming\Network Meter_Usage.ini
2015-06-02 19:59 - 2015-06-02 19:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-06-02 05:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-06-01 05:37 - 2014-11-17 22:03 - 00000000 ____D () C:\ProgramData\Skype
2015-05-31 20:33 - 2012-02-13 19:51 - 00000000 ___RD () C:\Users\caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2015-05-28 16:27 - 2014-11-17 22:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-28 16:17 - 2015-05-28 16:17 - 00000000 __SHD () C:\found.001
2015-05-26 18:35 - 2015-05-26 18:35 - 00000000 ____D () C:\Nepojmenovaná složka
2015-05-26 16:05 - 2009-07-14 07:08 - 00032544 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-26 15:59 - 2015-05-26 15:58 - 00053848 _____ () C:\Users\caesar\Downloads\Audacity 1.2.6 Downloader.exe
2015-05-26 15:49 - 2015-05-26 15:49 - 01847957 _____ () C:\Users\caesar\Downloads\Audacity.rar
2015-05-26 15:46 - 2015-05-26 15:46 - 00733344 _____ () C:\Users\caesar\Downloads\audacity-lista-centrumcz.exe
2015-05-24 18:05 - 2009-07-14 17:18 - 00738214 _____ () C:\Windows\system32\perfh005.dat
2015-05-24 18:05 - 2009-07-14 17:18 - 00167804 _____ () C:\Windows\system32\perfc005.dat
2015-05-24 18:05 - 2009-07-14 07:13 - 01779452 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-21 17:17 - 2012-12-07 13:49 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-21 17:10 - 2015-05-21 17:10 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-21 17:09 - 2014-11-12 19:34 - 00000000 ____D () C:\Users\caesar\AppData\Local\Akamai
2015-05-20 13:31 - 2015-05-18 22:42 - 00000000 ____D () C:\Program Files\PCSELCAD
2015-05-20 09:38 - 2015-05-20 09:38 - 01852512 _____ () C:\Users\caesar\Downloads\426156.dwg
2015-05-19 12:23 - 2012-10-15 07:59 - 00000000 ____D () C:\Windows\Minidump
2015-05-19 12:23 - 2012-02-27 20:20 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\DAEMON Tools Lite
2015-05-19 11:46 - 2015-05-19 11:46 - 00001151 _____ () C:\Users\caesar\Desktop\StopPC.lnk
2015-05-19 11:46 - 2015-01-24 11:24 - 00000000 ____D () C:\Users\caesar\Desktop\Plocha II
2015-05-19 11:18 - 2014-04-21 19:28 - 00000000 ____D () C:\Users\caesar\AppData\Local\AVG SafeGuard toolbar
2015-05-19 09:55 - 2015-05-19 09:55 - 00000000 ____D () C:\ProgramData\PCSCHEMATIC
2015-05-18 22:47 - 2015-05-18 22:47 - 00000000 ____D () C:\Users\caesar\Documents\Downloaded Installations
2015-05-16 18:07 - 2012-12-04 17:36 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 18:07 - 2012-12-04 17:36 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 18:07 - 2012-12-04 17:36 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 19:00 - 2015-05-13 19:00 - 01995776 _____ () C:\Users\caesar\Downloads\04 - 11 - MSA.ppt
2015-05-13 18:56 - 2015-05-13 18:56 - 00229888 _____ () C:\Users\caesar\Downloads\MSA-RR.xls
2015-05-13 18:47 - 2015-05-13 18:47 - 03719168 _____ () C:\Users\caesar\Downloads\Animace 13 - MSA.pps
Files to move or delete:
====================
C:\Users\caesar\IP_Log_Data.js
C:\Users\caesar\Network_Meter_Data.js
Some content of TEMP:
====================
C:\Users\caesar\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpo_aghi.dll
C:\Users\caesar\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe
[2015-01-16 23:20] - [2014-07-17 04:07] - 0455168 ____A (Microsoft Corporation) 8CEBD9D0A0A879CDE9F36F4383B7CAEA
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
Reduce PDF Size (x32 Version: - reducepdfsize.com)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {2C040BB5-2B06-7275-5A21-2B969A740B4B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\caesar\Desktop" je 2430 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3
C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\caesar\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarX7Mouse5Mode
"C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bitmeter2.lnk
C:\PROGRA~2\Codebox\BitMeter\BITMET~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HD Writer.lnk
C:\PROGRA~2\COMMON~1\PANASO~1\HDWRIT~1\HDWRIT~1.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~2\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk
C:\PROGRA~2\Comodo\GEEKBU~1\launcher.exe "unit_manager.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\caesar\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SpeedFan.lnk
C:\PROGRA~2\SpeedFan\speedfan.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
C:\PROGRA~2\MICROS~2\Office12\ONENOTEM.EXE /tsr [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\settings manager\smdmf\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\settings manager\smdmf\sysapcrt.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={4C ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKCU - {B9F85D51-BF5A-4CA7-BC9D-28B17E7059E6} URL = http://websearch.ask.com/redirect?clien ... 1D0691413D
SearchScopes: HKCU - {E9DB9E7B-A275-41D1-8158-D0423FBEBDEB} URL = http://www.google.com/cse?cx=partner-pu ... earchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.786\AVG SafeGuard toolbar_toolbar.dll No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.167
FireFox:
========
FF ProfilePath: C:\Users\caesar\AppData\Roaming\Mozilla\Firefox\Profiles\5m522e8w.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
Chrome:
=======
CHR Extension: (Google Slides) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-08]
CHR Extension: (Google Docs) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-08]
CHR Extension: (Google Drive) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-08]
CHR Extension: (Web2PDFConverter) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkanhckocooacphbnclgcndnpfpoppdk [2014-09-27]
CHR Extension: (YouTube) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-20]
CHR Extension: ($selector$ is not a valid CSS selector) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-10]
CHR Extension: (Remember The Milk) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\chdiaibgndcpagmnpkjoelgfkommjbni [2014-09-10]
CHR Extension: (Google Search) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-20]
CHR Extension: (Play.cz) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacomocbpihfdldecacpjedmmcbdgdop [2014-09-10]
CHR Extension: (Google Calendar) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-09-27]
CHR Extension: (myVocabu) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoakpbajjmgoheogkoblfhbbdacjdjm [2014-09-23]
CHR Extension: (Google Sheets) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-08]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-09-11]
CHR Extension: (Google Wallet) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Gmail) - C:\Users\caesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
S4 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 Agent; C:\Windows\VPDAgent_x64.exe [156672 2012-11-20] (Two Pilots)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [12600 2012-03-26] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [291696 2012-03-26] (Microsoft Corporation)
S4 NMSAccess; C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe [71096 2009-01-12] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-09-14] ()
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S2 SensorsVService; C:\Program Files (x86)\SensorsViewPro42\svservice.exe [935424 2011-12-02] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S4 cmdAgent; "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" [X]
S2 SmdmFService; C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe [X]
==================== Drivers (Whitelisted) ====================
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 DSO21501; C:\Windows\System32\Drivers\DSO2150AMD641.sys [27952 2010-01-28] (Hantek)
S3 DSO21502; C:\Windows\System32\Drivers\DSO2150AMD642.SYS [46256 2010-01-28] (Hantek)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-17] (Disc Soft Ltd)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-10-05] (COMODO)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-15] (Zemana Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [98688 2012-03-20] (Microsoft Corporation)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-06-11] (Audials AG)
R1 sensorsview; C:\Program Files (x86)\SensorsViewPro42\drv\sensorsview32_64.sys [14544 2008-07-26] (OpenLibSys.org)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-02-27] ()
S3 WIN64AST; D:\soft\viry.cz\win64ST\WIN64AST.sys [500904 2013-01-01] ()
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [122624 2011-01-13] (ZTE Incorporated)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R1 cmdGuard; System32\DRIVERS\cmdguard.sys [X]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2015-06-12 22:27 - 2015-06-12 22:28 - 00016578 _____ () C:\Users\caesar\Desktop\FRST.txt
2015-06-12 22:26 - 2015-06-12 22:27 - 00000000 ____D () C:\FRST
2015-06-12 22:25 - 2014-02-20 17:58 - 00112640 _____ (forum.viry.cz) C:\Users\caesar\Desktop\FRSTLauncher.exe
2015-06-12 22:25 - 2014-02-20 17:56 - 02153472 _____ (Farbar) C:\Users\caesar\Desktop\FRST64.exe
2015-06-07 19:09 - 2015-06-07 19:12 - 00000000 ____D () C:\Users\caesar\Desktop\fichtl sraz 2015
2015-06-07 09:20 - 2015-06-07 09:22 - 00000000 ____D () C:\Users\caesar\Desktop\2015 plan
2015-06-02 19:25 - 2015-06-02 19:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-28 16:17 - 2015-05-28 16:17 - 00000000 __SHD () C:\found.001
2015-05-26 18:35 - 2015-05-26 18:35 - 00000000 ____D () C:\Nepojmenovaná složka
2015-05-26 15:58 - 2015-05-26 15:59 - 00053848 _____ () C:\Users\caesar\Downloads\Audacity 1.2.6 Downloader.exe
2015-05-26 15:49 - 2015-05-26 15:49 - 01847957 _____ () C:\Users\caesar\Downloads\Audacity.rar
2015-05-26 15:46 - 2015-05-26 15:46 - 00733344 _____ () C:\Users\caesar\Downloads\audacity-lista-centrumcz.exe
2015-05-21 17:10 - 2015-06-12 21:53 - 00001684 _____ () C:\Windows\setupact.log
2015-05-21 17:10 - 2015-05-21 17:10 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-21 17:09 - 2015-06-07 07:12 - 00004084 _____ () C:\Windows\PFRO.log
2015-05-20 09:38 - 2015-05-20 09:38 - 01852512 _____ () C:\Users\caesar\Downloads\426156.dwg
2015-05-19 11:46 - 2015-05-19 11:46 - 00001151 _____ () C:\Users\caesar\Desktop\StopPC.lnk
2015-05-19 09:55 - 2015-05-19 09:55 - 00000000 ____D () C:\ProgramData\PCSCHEMATIC
2015-05-18 22:49 - 2009-09-17 07:05 - 00145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys
2015-05-18 22:47 - 2015-05-18 22:47 - 00000000 ____D () C:\Users\caesar\Documents\Downloaded Installations
2015-05-18 22:42 - 2015-05-20 13:31 - 00000000 ____D () C:\Program Files\PCSELCAD
2015-05-13 19:00 - 2015-05-13 19:00 - 01995776 _____ () C:\Users\caesar\Downloads\04 - 11 - MSA.ppt
2015-05-13 18:56 - 2015-05-13 18:56 - 00229888 _____ () C:\Users\caesar\Downloads\MSA-RR.xls
2015-05-13 18:47 - 2015-05-13 18:47 - 03719168 _____ () C:\Users\caesar\Downloads\Animace 13 - MSA.pps
==================== One Month Modified Files and Folders =======
2015-06-12 22:28 - 2015-06-12 22:27 - 00016578 _____ () C:\Users\caesar\Desktop\FRST.txt
2015-06-12 22:27 - 2015-06-12 22:26 - 00000000 ____D () C:\FRST
2015-06-12 22:23 - 2014-05-08 22:51 - 01850137 _____ () C:\Windows\WindowsUpdate.log
2015-06-12 22:12 - 2012-12-04 17:36 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-12 22:11 - 2009-07-14 06:45 - 00016928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-12 22:11 - 2009-07-14 06:45 - 00016928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-12 22:07 - 2012-02-27 13:55 - 00000000 ____D () C:\Users\caesar\AppData\Local\Adobe
2015-06-12 22:02 - 2014-11-17 22:04 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\Skype
2015-06-12 22:00 - 2014-04-21 20:00 - 00097948 _____ () C:\Users\caesar\Network_Meter_Data.js
2015-06-12 21:56 - 2014-04-21 19:27 - 00001085 _____ () C:\Users\caesar\IP_Log_Data.js
2015-06-12 21:56 - 2012-12-07 13:49 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\Dropbox
2015-06-12 21:53 - 2015-05-21 17:10 - 00001684 _____ () C:\Windows\setupact.log
2015-06-12 21:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-10 19:21 - 2013-03-29 10:55 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\vlc
2015-06-09 17:33 - 2012-03-22 21:10 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-06-07 19:12 - 2015-06-07 19:09 - 00000000 ____D () C:\Users\caesar\Desktop\fichtl sraz 2015
2015-06-07 18:37 - 2012-06-27 08:55 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\KeePass
2015-06-07 09:22 - 2015-06-07 09:20 - 00000000 ____D () C:\Users\caesar\Desktop\2015 plan
2015-06-07 07:12 - 2015-05-21 17:09 - 00004084 _____ () C:\Windows\PFRO.log
2015-06-07 07:12 - 2015-05-03 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-05 18:02 - 2014-04-24 22:43 - 00000027 _____ () C:\Users\caesar\AppData\Roaming\Network Meter_Usage.ini
2015-06-02 19:59 - 2015-06-02 19:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-06-02 05:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-06-01 05:37 - 2014-11-17 22:03 - 00000000 ____D () C:\ProgramData\Skype
2015-05-31 20:33 - 2012-02-13 19:51 - 00000000 ___RD () C:\Users\caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2015-05-28 16:27 - 2014-11-17 22:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-28 16:17 - 2015-05-28 16:17 - 00000000 __SHD () C:\found.001
2015-05-26 18:35 - 2015-05-26 18:35 - 00000000 ____D () C:\Nepojmenovaná složka
2015-05-26 16:05 - 2009-07-14 07:08 - 00032544 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-26 15:59 - 2015-05-26 15:58 - 00053848 _____ () C:\Users\caesar\Downloads\Audacity 1.2.6 Downloader.exe
2015-05-26 15:49 - 2015-05-26 15:49 - 01847957 _____ () C:\Users\caesar\Downloads\Audacity.rar
2015-05-26 15:46 - 2015-05-26 15:46 - 00733344 _____ () C:\Users\caesar\Downloads\audacity-lista-centrumcz.exe
2015-05-24 18:05 - 2009-07-14 17:18 - 00738214 _____ () C:\Windows\system32\perfh005.dat
2015-05-24 18:05 - 2009-07-14 17:18 - 00167804 _____ () C:\Windows\system32\perfc005.dat
2015-05-24 18:05 - 2009-07-14 07:13 - 01779452 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-21 17:17 - 2012-12-07 13:49 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-21 17:10 - 2015-05-21 17:10 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-21 17:09 - 2014-11-12 19:34 - 00000000 ____D () C:\Users\caesar\AppData\Local\Akamai
2015-05-20 13:31 - 2015-05-18 22:42 - 00000000 ____D () C:\Program Files\PCSELCAD
2015-05-20 09:38 - 2015-05-20 09:38 - 01852512 _____ () C:\Users\caesar\Downloads\426156.dwg
2015-05-19 12:23 - 2012-10-15 07:59 - 00000000 ____D () C:\Windows\Minidump
2015-05-19 12:23 - 2012-02-27 20:20 - 00000000 ____D () C:\Users\caesar\AppData\Roaming\DAEMON Tools Lite
2015-05-19 11:46 - 2015-05-19 11:46 - 00001151 _____ () C:\Users\caesar\Desktop\StopPC.lnk
2015-05-19 11:46 - 2015-01-24 11:24 - 00000000 ____D () C:\Users\caesar\Desktop\Plocha II
2015-05-19 11:18 - 2014-04-21 19:28 - 00000000 ____D () C:\Users\caesar\AppData\Local\AVG SafeGuard toolbar
2015-05-19 09:55 - 2015-05-19 09:55 - 00000000 ____D () C:\ProgramData\PCSCHEMATIC
2015-05-18 22:47 - 2015-05-18 22:47 - 00000000 ____D () C:\Users\caesar\Documents\Downloaded Installations
2015-05-16 18:07 - 2012-12-04 17:36 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 18:07 - 2012-12-04 17:36 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 18:07 - 2012-12-04 17:36 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 19:00 - 2015-05-13 19:00 - 01995776 _____ () C:\Users\caesar\Downloads\04 - 11 - MSA.ppt
2015-05-13 18:56 - 2015-05-13 18:56 - 00229888 _____ () C:\Users\caesar\Downloads\MSA-RR.xls
2015-05-13 18:47 - 2015-05-13 18:47 - 03719168 _____ () C:\Users\caesar\Downloads\Animace 13 - MSA.pps
Files to move or delete:
====================
C:\Users\caesar\IP_Log_Data.js
C:\Users\caesar\Network_Meter_Data.js
Some content of TEMP:
====================
C:\Users\caesar\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpo_aghi.dll
C:\Users\caesar\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe
[2015-01-16 23:20] - [2014-07-17 04:07] - 0455168 ____A (Microsoft Corporation) 8CEBD9D0A0A879CDE9F36F4383B7CAEA
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
Reduce PDF Size (x32 Version: - reducepdfsize.com)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {2C040BB5-2B06-7275-5A21-2B969A740B4B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\caesar\Desktop" je 2430 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3
C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\caesar\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarX7Mouse5Mode
"C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bitmeter2.lnk
C:\PROGRA~2\Codebox\BitMeter\BITMET~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HD Writer.lnk
C:\PROGRA~2\COMMON~1\PANASO~1\HDWRIT~1\HDWRIT~1.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~2\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk
C:\PROGRA~2\Comodo\GEEKBU~1\launcher.exe "unit_manager.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\caesar\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SpeedFan.lnk
C:\PROGRA~2\SpeedFan\speedfan.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2007.lnk
C:\PROGRA~2\MICROS~2\Office12\ONENOTEM.EXE /tsr [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================