It worked now, but Avira reported that DR/Delphi.Gen is present in the FRST launcher. Should I ignore this?
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by michal.sir (administrator) on NTBMICHAL on 14-07-2015 21:18:58
Running from C:\Users\michal.sir\Desktop
Loaded Profiles: michal.sir (Available Profiles: michal.sir)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\HDD Health\HDDHealthService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(PANTERASoft) C:\Program Files (x86)\HDD Health\hddhealth.exe
() C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
(forum.viry.cz) C:\Users\michal.sir\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2015-04-14] (IDT, Inc.)
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] ()
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-06-05] (PDF Complete Inc)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-08-07] (CyberLink Corp.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Qualcomm®Atheros®)
HKU\S-1-5-21-2211805086-445478240-3207990257-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-2211805086-445478240-3207990257-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-2211805086-445478240-3207990257-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.)
HKU\S-1-5-21-2211805086-445478240-3207990257-1002\...\MountPoints2: {04a3bb63-fd92-11e4-bf23-20689d0d0c3a} - "G:\autorun.exe"
HKU\S-1-5-21-2211805086-445478240-3207990257-1002\...\MountPoints2: {04a3bb66-fd92-11e4-bf23-20689d0d0c3a} - "H:\autorun.exe"
HKU\S-1-5-21-2211805086-445478240-3207990257-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2014-12-23]
ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (PANTERASoft)
Startup: C:\Users\michal.sir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk [2014-10-19]
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2211805086-445478240-3207990257-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-2211805086-445478240-3207990257-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-29] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-05-08] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-29] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1B8D6279-1D87-470A-B72A-C49D1D438A82}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{348AF857-BA5E-456A-89DB-E9BC45BD24D3}: [DhcpNameServer] 192.168.1.250 213.226.240.126 213.226.224.12
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2013-07-09] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\michal.sir\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browser Safety) - C:\Users\michal.sir\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-03]
CHR Extension: (Google Wallet) - C:\Users\michal.sir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [File not signed]
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-11-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-11-04] (Intel Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-06-05] (PDF Complete Inc)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2013-07-09] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2015-04-14] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37088 2014-11-03] (Advanced Micro Devices, Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2015-07-12] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-02-25] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-05-18] (Disc Soft Ltd)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-14] (REALiX(tm))
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-04-14] (Intel Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1522976 2015-04-14] (Sunplus)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 21:18 - 2015-07-14 21:19 - 00019622 _____ C:\Users\michal.sir\Desktop\FRST.txt
2015-07-14 21:18 - 2015-07-14 21:19 - 00000000 ____D C:\FRST
2015-07-14 21:15 - 2015-07-14 21:15 - 00112640 _____ (forum.viry.cz) C:\Users\michal.sir\Desktop\FRSTLauncher.exe
2015-07-14 20:55 - 2015-07-14 20:55 - 02133504 _____ (Farbar) C:\Users\michal.sir\Desktop\FRST64.exe
2015-07-14 20:55 - 2015-07-14 20:55 - 00000000 ____D C:\rsit
2015-07-14 20:55 - 2015-07-14 20:55 - 00000000 ____D C:\Program Files\trend micro
2015-07-14 20:54 - 2015-07-14 20:54 - 01222144 _____ C:\Users\michal.sir\Downloads\RSITx64.exe
2015-07-14 18:37 - 2015-07-14 18:37 - 00000000 ___RD C:\Users\michal.sir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-07-14 07:57 - 2015-07-14 09:43 - 1586987008 _____ C:\Users\michal.sir\Downloads\GHOUL 2015 DD5.1 CZ dabing.avi
2015-07-13 21:10 - 2015-07-13 21:10 - 00000077 _____ C:\WINDOWS\setupact.log
2015-07-13 21:10 - 2015-07-13 21:10 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-13 11:04 - 2015-07-13 11:04 - 11792408 _____ (IObit ) C:\Users\michal.sir\Downloads\driver_booster_setup (2).exe
2015-07-12 10:56 - 2015-07-12 10:56 - 04265984 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athwbx.sys
2015-07-12 10:54 - 2015-07-12 10:54 - 00599208 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-07-12 10:54 - 2015-07-12 10:54 - 00409256 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-07-12 10:54 - 2015-07-12 10:54 - 00256168 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-07-12 10:54 - 2015-07-12 10:54 - 00212136 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo20.dll
2015-07-12 10:54 - 2015-07-12 10:54 - 00201416 _____ C:\WINDOWS\system32\pca-manta.bin
2015-06-30 07:57 - 2015-06-30 09:36 - 1255833600 _____ C:\Users\michal.sir\Downloads\Poltergeist CZ 2015 CZ Titule vloženy DVDRip DiwiX Like!!!!.avi
2015-06-29 11:38 - 2015-06-29 12:35 - 813668352 _____ C:\Users\michal.sir\Downloads\S láskou, Rosie 2014 Cz dab..avi
2015-06-29 07:56 - 2015-06-29 09:33 - 1390496200 _____ C:\Users\michal.sir\Downloads\lený Max Zběsilá cesta 2015 DVDRip CZ tit. ve filmu.avi
2015-06-22 12:25 - 2015-06-22 12:25 - 00000000 ____D C:\Users\michal.sir\Tracing
2015-06-22 12:23 - 2015-07-14 19:29 - 00000000 ____D C:\Users\michal.sir\AppData\Roaming\Skype
2015-06-22 12:23 - 2015-06-22 12:23 - 00002747 _____ C:\Users\Public\Desktop\Skype.lnk
2015-06-22 12:23 - 2015-06-22 12:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-22 12:23 - 2015-06-22 12:23 - 00000000 ____D C:\Users\michal.sir\AppData\Local\Skype
2015-06-22 12:23 - 2015-06-22 12:23 - 00000000 ____D C:\ProgramData\Skype
2015-06-22 12:23 - 2015-06-22 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-22 12:21 - 2015-06-22 12:22 - 01384064 _____ (Skype Technologies S.A.) C:\Users\michal.sir\Downloads\SkypeSetup.exe
2015-06-21 16:39 - 2015-06-21 17:49 - 1227862016 _____ C:\Users\michal.sir\Downloads\50-odstinu-sedi-czdab.avi
2015-06-18 12:44 - 2015-06-18 14:26 - 960755712 _____ C:\Users\michal.sir\Downloads\Hnev-Titánu-CZ-Dabing-(2012)-Ak-ní.Fantasy-by-lor.avi
2015-06-18 12:39 - 2015-06-18 14:20 - 1389101043 _____ C:\Users\michal.sir\Downloads\Avengers 2-Age of Ultron CZ dabing.avi
2015-06-18 11:36 - 2015-06-18 11:36 - 00026715 _____ C:\Users\michal.sir\Desktop\Praktická část bakalářské práce.xlsx
2015-06-18 11:23 - 2015-06-18 11:35 - 00026497 _____ C:\Users\michal.sir\Desktop\Prakticá část bakalářské práce.xlsx
2015-06-16 11:27 - 2015-06-16 11:27 - 00002613 _____ C:\Users\Public\Desktop\PdfMerge.lnk
2015-06-16 11:27 - 2015-06-16 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdfMerge
2015-06-16 11:27 - 2015-06-16 11:27 - 00000000 ____D C:\Program Files (x86)\PdfMerge
2015-06-16 08:00 - 2015-06-16 08:00 - 00001206 _____ C:\Users\Public\Desktop\Avira.lnk
2015-06-15 12:52 - 2015-06-15 12:52 - 02260480 _____ C:\Users\michal.sir\Downloads\PdfMergeSetup_1.22.msi
2015-06-15 12:44 - 2015-06-15 12:44 - 00000000 ____D C:\ProgramData\Soda PDF 7
2015-06-15 12:43 - 2015-06-15 12:43 - 10419288 _____ (LULU Software Limited) C:\Users\michal.sir\Downloads\Soda_PDF_7_Installer.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 21:00 - 2015-05-16 17:55 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-14 20:57 - 2015-02-25 20:37 - 00000000 __SHD C:\Users\michal.sir\AppData\Local\EmieUserList
2015-07-14 20:57 - 2015-02-25 20:37 - 00000000 __SHD C:\Users\michal.sir\AppData\Local\EmieSiteList
2015-07-14 20:57 - 2015-02-25 20:37 - 00000000 __SHD C:\Users\michal.sir\AppData\Local\EmieBrowserModeList
2015-07-14 20:47 - 2013-04-09 15:39 - 00000000 ____D C:\Users\michal.sir\AppData\Roaming\vlc
2015-07-14 20:33 - 2015-02-23 22:46 - 01528255 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-14 20:17 - 2013-02-08 01:55 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2211805086-445478240-3207990257-1002
2015-07-14 19:30 - 2013-02-18 23:21 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 18:39 - 2014-01-26 00:26 - 00003994 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3A13A4F5-52CA-47A6-B041-C86BBAA993AA}
2015-07-14 18:37 - 2015-04-14 21:45 - 00002886 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (michal.sir)
2015-07-14 18:37 - 2014-01-08 00:00 - 00000000 ___DO C:\Users\michal.sir\SkyDrive
2015-07-14 18:36 - 2015-05-16 17:54 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-13 21:10 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-13 21:10 - 2012-09-09 07:14 - 00000000 ____D C:\ProgramData\PDFC
2015-07-13 15:38 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-13 12:30 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-13 11:05 - 2015-04-14 21:45 - 00003244 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scan
2015-07-13 11:05 - 2015-04-14 21:45 - 00003188 _____ C:\WINDOWS\System32\Tasks\Driver Booster Update
2015-07-13 11:05 - 2015-04-14 21:45 - 00002164 _____ C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-07-13 11:05 - 2015-04-14 21:45 - 00000000 ____D C:\ProgramData\ProductData
2015-07-13 11:05 - 2015-04-14 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-07-12 11:21 - 2013-02-19 20:06 - 00000000 ____D C:\ProgramData\LogMeIn
2015-07-12 10:56 - 2014-01-07 23:06 - 00002990 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-07-12 10:54 - 2013-10-30 04:52 - 00753320 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-07-12 10:48 - 2015-03-03 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-12 10:43 - 2013-11-14 14:40 - 01934988 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-12 10:43 - 2013-11-14 14:24 - 00802206 _____ C:\WINDOWS\system32\perfh005.dat
2015-07-12 10:43 - 2013-11-14 14:24 - 00183700 _____ C:\WINDOWS\system32\perfc005.dat
2015-07-06 23:24 - 2015-03-14 10:45 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-06 23:24 - 2015-03-14 10:45 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 22:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-03 12:21 - 2015-02-05 12:11 - 00001044 _____ C:\Users\michal.sir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-07-03 12:16 - 2015-02-05 09:38 - 00000000 ____D C:\Users\michal.sir\AppData\Local\LogMeInIgnition
2015-06-29 20:49 - 2013-02-08 01:55 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-06-24 20:32 - 2014-12-25 20:56 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 20:32 - 2013-04-23 16:30 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-22 12:25 - 2014-01-07 23:18 - 00000000 ____D C:\Users\michal.sir
2015-06-21 16:34 - 2014-01-09 20:26 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-18 14:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-18 12:30 - 2013-02-08 01:48 - 00000000 ____D C:\Users\michal.sir\AppData\Local\Packages
2015-06-16 11:14 - 2015-03-03 20:58 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-06-16 11:14 - 2015-03-03 20:58 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-06-16 08:00 - 2014-04-15 16:51 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-16 07:59 - 2015-03-03 20:20 - 00000000 ____D C:\ProgramData\Avira
2015-06-16 07:59 - 2015-03-03 20:20 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-16 07:50 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-14 09:07 - 2013-02-19 19:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-14 09:06 - 2013-08-25 21:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-14 09:02 - 2013-02-19 20:35 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2015-06-11 19:14 - 2015-06-11 19:27 - 0099384 _____ () C:\Users\michal.sir\AppData\Roaming\inst.exe
2015-06-11 19:14 - 2015-06-11 19:27 - 0007859 _____ () C:\Users\michal.sir\AppData\Roaming\pcouffin.cat
2015-06-11 19:14 - 2015-06-11 19:27 - 0001167 _____ () C:\Users\michal.sir\AppData\Roaming\pcouffin.inf
2015-06-11 19:14 - 2015-06-11 19:27 - 0000055 _____ () C:\Users\michal.sir\AppData\Roaming\pcouffin.log
2015-06-11 19:14 - 2015-06-11 19:27 - 0082816 _____ (VSO Software) C:\Users\michal.sir\AppData\Roaming\pcouffin.sys
2014-10-19 15:03 - 2014-10-19 15:03 - 0000057 _____ () C:\ProgramData\Ament.ini
Some files in TEMP:
====================
C:\Users\michal.sir\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Users\michal.sir\SkyDrive:ms-properties
==================== Security Center ==================
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\michal.sir\Desktop" je 317 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================