Zdravím,tady posílám oba logy,doufám že sem postupoval správně.Díky
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-08-2015
Ran by Mic (administrator) on MIC-PC (19-08-2015 15:39:06)
Running from C:\Users\Mic\Desktop
Loaded Profiles: Mic (Available Profiles: Mic)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Avid Technology, Inc.) C:\Windows\System32\M-AudioTaskBarIcon.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(KORG Inc.) C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(C. Ghisler & Co.) C:\Program Files\totalcmd\TOTALCMD.EXE
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Mic\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [M-Audio Taskbar Icon] => C:\Windows\system32\M-AudioTaskBarIcon.exe [644104 2010-12-07] (Avid Technology, Inc.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [KORG USB-MIDI Driver] => C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe [394096 2014-01-16] (KORG Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-15] (AVAST Software)
HKU\S-1-5-21-398789677-1632921365-3791617423-1001\...\Run: [Hobbyist Software VLC Streamer] => "C:\Program Files\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" /startup
HKU\S-1-5-21-398789677-1632921365-3791617423-1001\...\Run: [eTranslator Automatic Update] => C:\Users\Mic\AppData\Roaming\eTranslator\eTranslator.exe [4822328 2015-08-18] (eTranslator App)
HKU\S-1-5-21-398789677-1632921365-3791617423-1001\...\Run: [luuwynhjbz] => explorer "
http://torrentexpert.ru/?utm_source=uou ... 2CCEA44504" <===== ATTENTION
HKU\S-1-5-21-398789677-1632921365-3791617423-1001\...\Run: [kometaup] => C:\Users\Mic\AppData\Local\Kometa\kometaup.exe [1106528 2015-08-18] (Kometa LCC)
Startup: C:\Users\Mic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2013-12-20]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-15] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-398789677-1632921365-3791617423-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-398789677-1632921365-3791617423-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://torrentexpert.ru/?utm_source=startpage03&utm_content=a58416f70956ebe1106d7b20d0c7b909&utm_term=D6D745D4F36E75F7DB28F22CCEA44504
HKU\S-1-5-21-398789677-1632921365-3791617423-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://
www.msn.com/?pc=AV01
SearchScopes: HKLM -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://
www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://
www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-398789677-1632921365-3791617423-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={SearchTerms}&fr=ntg&gp=blackbear6
SearchScopes: HKU\S-1-5-21-398789677-1632921365-3791617423-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://
www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-398789677-1632921365-3791617423-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={SearchTerms}&fr=ntg&gp=blackbear6
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-18] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-15] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-18] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-398789677-1632921365-3791617423-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\..\Interfaces\{32EF1F19-7A5F-4B3F-9814-B159653B59FC}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FE61F0CB-D408-499D-ABCE-3F0B55E5AC3A}: [NameServer] 10.255.255.10,10.255.255.20
FireFox:
========
FF ProfilePath: C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\y6y7s7wr.default-1435317240039
FF SelectedSearchEngine: Поиск@Mail.Ru
FF Homepage: hxxp://torrentexpert.ru/?utm_source=startpage03&utm_content=a58416f70956ebe1106d7b20d0c7b909&utm_term=D6D745D4F36E75F7DB28F22CCEA44504
FF Keyword.URL: hxxp://go.mail.ru/search?fr=ntg&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-07-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-07-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-07-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-07-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-07-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF Extension: Adblock Plus - C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\y6y7s7wr.default-1435317240039\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-26]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-16]
FF HKLM\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-15]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-08-16]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-15]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-15] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-08-15] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 Update Ttessab; "C:\Program Files\Ttessab\updateTtessab.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-08-15] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-08-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-08-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-08-15] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-15] (AVAST Software)
S3 AXIOM; C:\Windows\System32\DRIVERS\MAudioAxiom.sys [115336 2010-03-11] (M-Audio)
S3 KORGUMDS; C:\Windows\System32\Drivers\KORGUMDS.SYS [24536 2014-01-16] (KORG INC.)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [158600 2010-12-07] (Avid Technology, Inc.)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-08-15] (AVAST Software)
S2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [73728 2015-03-17] (Rainbow Technologies, Inc.) [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-08-15] (Avast Software)
S3 kqhvufdn; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-19 15:39 - 2015-08-19 15:39 - 00014567 _____ C:\Users\Mic\Desktop\FRST.txt
2015-08-19 15:32 - 2015-08-19 15:39 - 00000000 ____D C:\FRST
2015-08-19 15:31 - 2015-08-19 15:32 - 00112640 _____ (forum.viry.cz) C:\Users\Mic\Desktop\FRSTLauncher.exe
2015-08-19 15:17 - 2015-08-19 15:17 - 01677312 _____ (Farbar) C:\Users\Mic\Desktop\FRST.exe
2015-08-19 13:38 - 2015-08-19 13:48 - 00000000 ____D C:\Users\Mic\Downloads\Joe Henderson - 5 Blue Note CD's
2015-08-18 23:29 - 2015-08-18 23:29 - 19881984 _____ C:\Windows\system32\config\system.sav.LOG
2015-08-18 23:28 - 2015-08-18 23:28 - 43409408 _____ C:\Windows\system32\config\software.sav.LOG
2015-08-18 23:28 - 2015-08-18 23:28 - 00024576 _____ C:\Windows\system32\config\security.sav.LOG
2015-08-18 23:27 - 2015-08-18 23:27 - 00028672 _____ C:\Windows\system32\config\sam.sav.LOG
2015-08-18 23:26 - 2015-08-18 23:29 - 00001648 _____ C:\Windows\system32\ASOROSet.bin
2015-08-18 23:26 - 2015-08-18 23:26 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2015-08-18 23:23 - 2015-08-18 23:31 - 00000000 ____D C:\Users\Mic\AppData\Roaming\Solvusoft
2015-08-18 23:23 - 2012-10-15 17:02 - 00017840 _____ (solvusoft) C:\Windows\system32\roboot.exe
2015-08-18 23:02 - 2015-08-18 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-18 23:02 - 2015-08-18 23:02 - 00000000 ____D C:\Program Files\Common Files\Skype
2015-08-18 21:21 - 2015-08-18 23:07 - 00000000 ____D C:\Users\Mic\AppData\Local\Kometa
2015-08-18 21:13 - 2015-08-18 21:13 - 00001604 _____ C:\Users\Mic\Desktop\Вoйти в Интeрнет.lnk
2015-08-18 21:13 - 2015-08-18 21:13 - 00000000 ____D C:\Users\Mic\AppData\Local\Вoйти в Интeрнет
2015-08-18 21:06 - 2015-08-18 21:06 - 00000000 ____D C:\Users\Mic\AppData\Roaming\eTranslator
2015-08-18 21:04 - 2015-08-18 21:04 - 00001236 _____ C:\Users\Mic\Desktop\Поиcк в Интeрнете.lnk
2015-08-18 21:04 - 2015-08-18 21:04 - 00000000 ____D C:\Users\Mic\AppData\Local\Поиcк в Интeрнете
2015-08-18 21:04 - 2015-08-18 21:04 - 00000000 ____D C:\Users\Mic\AppData\Local\MailRu
2015-08-18 21:02 - 2015-08-18 21:09 - 00000000 ____D C:\Users\Mic\AppData\Local\Mail.Ru
2015-08-18 21:02 - 2015-08-18 21:02 - 00000174 _____ C:\Users\Mic\Desktop\Искать в Интернете.url
2015-08-18 21:02 - 2015-08-18 21:02 - 00000000 ____D C:\Users\Mic\AppData\Roaming\MailProducts
2015-08-18 20:48 - 2015-08-18 20:49 - 00000000 ____D C:\Users\Mic\Downloads\Joe Henderson - In 'n Out (1964) {Blue Note, RVG Edition, 2004}
2015-08-18 20:36 - 2015-08-18 20:40 - 00000000 ____D C:\Users\Mic\Downloads\Stanley Turrentine - The Blue Note Quintet - Sextet Studio Sessions CD1 (2002) [EAC-FLAC]
2015-08-18 18:54 - 2015-08-18 20:10 - 00000000 ____D C:\Users\Mic\Downloads\Bobby Hutcherson - Head On
2015-08-18 12:33 - 2015-08-18 12:56 - 00000000 ____D C:\Users\Mic\Downloads\Bobby Hutcherson - Wise One
2015-08-18 12:16 - 2015-08-18 12:16 - 00000000 ____D C:\Users\Mic\Downloads\Bobby Hutcherson - Oblique
2015-08-18 11:12 - 2015-08-19 14:43 - 00000000 ____D C:\Users\Mic\Downloads\Albums
2015-08-16 19:19 - 2015-08-16 20:22 - 1128633948 _____ C:\Users\Mic\Downloads\Ghoul-(2015)-CZ-dabing.mkv
2015-08-16 13:35 - 2015-08-17 09:19 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-15 10:35 - 2015-08-15 10:35 - 00002035 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-15 10:35 - 2015-08-15 10:35 - 00000000 ____D C:\Users\Mic\AppData\Roaming\AVAST Software
2015-08-15 10:35 - 2015-08-15 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-15 10:34 - 2015-08-15 10:34 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-08-15 10:34 - 2015-08-15 10:34 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-15 10:34 - 2015-08-15 10:34 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-15 10:34 - 2015-08-15 10:34 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-15 10:34 - 2015-08-15 10:34 - 00113592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-15 10:34 - 2015-08-15 10:34 - 00095112 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-08-15 10:34 - 2015-08-15 10:34 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-15 10:34 - 2015-08-15 10:34 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-15 10:34 - 2015-08-15 10:34 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-15 10:34 - 2015-08-15 10:34 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-15 10:34 - 2015-08-15 10:34 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-15 10:33 - 2015-08-15 10:33 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-14 22:00 - 2015-08-14 22:03 - 00000000 ____D C:\Users\Mic\Downloads\Norman Connors - mister c (1981) (arista)
2015-08-12 18:58 - 2015-08-12 19:50 - 932332850 _____ C:\Users\Mic\Downloads\God-Delusion-Debate.avi
2015-08-11 23:54 - 2015-08-12 00:06 - 212674915 _____ C:\Users\Mic\Downloads\Noam-Chomsky-vs-Michel-Foucault-(FULL-DEBATE)-(1971).mp4
2015-08-11 23:54 - 2015-08-11 23:54 - 00086614 _____ C:\Users\Mic\Downloads\Noam-Chomsky-vs-Michel-Foucault-(FULL-DEBATE)-(1971).srt
2015-08-02 19:24 - 2015-08-02 19:34 - 00000000 ____D C:\Users\Mic\Downloads\VA-The Blue Note Years-14 cd
2015-08-02 18:38 - 2015-08-02 18:38 - 00000000 ____D C:\Users\Mic\Downloads\Stanley Turrentine - Never Let Me Go (APE+CUE)
2015-07-23 00:19 - 2015-07-23 15:38 - 00000000 ____D C:\Users\Mic\Downloads\Stanley Turrentine - More Than A Mood (1992) [EAC-APE]
2015-07-22 23:36 - 2015-07-22 23:40 - 00000000 ____D C:\Users\Mic\Downloads\Stanley Turrentine - Easy Walker (1966) [EAC-FLAC]
2015-07-22 23:28 - 2015-07-22 23:33 - 00000000 ____D C:\Users\Mic\Downloads\Stanley Turrentine - T Time (1995) [EAC-APE]
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-19 15:36 - 2009-07-14 06:34 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-19 15:36 - 2009-07-14 06:34 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-19 15:27 - 2013-12-27 16:26 - 00000000 ____D C:\Users\Mic\AppData\Roaming\uTorrent
2015-08-19 15:27 - 2013-12-20 22:26 - 00000000 ____D C:\Users\Mic\AppData\Roaming\vlc
2015-08-19 15:27 - 2013-12-20 19:40 - 00000000 ____D C:\Users\Mic\AppData\Roaming\Skype
2015-08-19 15:07 - 2014-08-17 18:58 - 00000000 ____D C:\FFOutput
2015-08-19 14:56 - 2015-06-26 13:59 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-19 14:51 - 2014-12-24 22:29 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-19 13:44 - 2013-12-20 19:23 - 01819744 _____ C:\Windows\WindowsUpdate.log
2015-08-19 09:51 - 2014-12-24 22:29 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-19 09:36 - 2014-12-19 17:27 - 00105019 _____ C:\Windows\setupact.log
2015-08-19 09:36 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-18 23:49 - 2013-12-20 21:30 - 00007597 _____ C:\Users\Mic\AppData\Local\Resmon.ResmonCfg
2015-08-18 23:30 - 2013-12-20 19:23 - 00000000 ____D C:\Users\Mic
2015-08-18 23:02 - 2014-03-05 11:30 - 00002719 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-18 23:02 - 2013-12-20 19:40 - 00000000 ___RD C:\Program Files\Skype
2015-08-18 23:02 - 2013-12-20 19:40 - 00000000 ____D C:\ProgramData\Skype
2015-08-18 21:34 - 2014-12-19 17:27 - 03649140 _____ C:\Windows\PFRO.log
2015-08-18 21:02 - 2009-07-14 04:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-08-17 09:19 - 2015-04-15 09:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-15 10:33 - 2013-12-20 20:42 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-12 16:56 - 2015-06-26 13:59 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-12 16:56 - 2015-06-26 13:59 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-07 16:44 - 2013-12-20 19:29 - 00006240 _____ C:\Windows\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2013-12-20 21:30 - 2015-08-18 23:49 - 0007597 _____ () C:\Users\Mic\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Mic\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Mic\AppData\Local\Temp\FFSetup3.6.0.0.exe
C:\Users\Mic\AppData\Local\Temp\gRUKjlCUeLzh.exe
C:\Users\Mic\AppData\Local\Temp\gy4EsbjJ3i70.exe
C:\Users\Mic\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Mic\AppData\Local\Temp\lZZKRoORqMoU.exe
C:\Users\Mic\AppData\Local\Temp\NeynNxDckW4j.exe
C:\Users\Mic\AppData\Local\Temp\nfue9maf.dll
C:\Users\Mic\AppData\Local\Temp\ochelper.exe
C:\Users\Mic\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Mic\AppData\Local\Temp\~13B3.exe
C:\Users\Mic\AppData\Local\Temp\~17F3.exe
C:\Users\Mic\AppData\Local\Temp\~2476.exe
C:\Users\Mic\AppData\Local\Temp\~32B.exe
C:\Users\Mic\AppData\Local\Temp\~36F8.exe
C:\Users\Mic\AppData\Local\Temp\~37A.exe
C:\Users\Mic\AppData\Local\Temp\~4837.exe
C:\Users\Mic\AppData\Local\Temp\~51A9.exe
C:\Users\Mic\AppData\Local\Temp\~5457.exe
C:\Users\Mic\AppData\Local\Temp\~5B98.exe
C:\Users\Mic\AppData\Local\Temp\~731C.exe
C:\Users\Mic\AppData\Local\Temp\~77CE.exe
C:\Users\Mic\AppData\Local\Temp\~B36.exe
C:\Users\Mic\AppData\Local\Temp\~C725.exe
C:\Users\Mic\AppData\Local\Temp\~F852.exe
C:\Users\Mic\AppData\Local\Temp\~FC9.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-12 10:40
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:391.47 GB) (Free:79.58 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:540.04 GB) (Free:27.4 GB) NTFS
Available physical RAM: 2058.05 MB
Total physical RAM: 3582.49 MB
Percentage of memory in use: 42%
==================== MBR and Partition Table ==================
TreeSize Free V1.7.9 (HKLM\...\TreeSize Free_is1) (Version: - JAM Software)
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DD7F38B1)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3B188761)
Partition 1: (Active) - (Size=391.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=540 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Mic\Desktop" je 126 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Omlouvam se kolegovi za vstup ale jako MOD si dovolim vstoupit