I am also posting the FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by ROBASS (administrator) on VIONETA (01-09-2015 17:29:54)
Running from C:\Users\ROBASS\Desktop
Loaded Profiles: ROBASS (Available Profiles: ROBASS)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\ROBASS\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1796496 2015-08-06] (APN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 188.75.128.188 10.0.150.150 192.168.0.1
Tcpip\..\Interfaces\{2454BC51-DE58-4BC7-844A-1BF98C8D497E}: [DhcpNameServer] 188.75.128.188 10.0.150.150 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,SearchURL = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2009324788-340054426-501186564-1000 -> {57948012-FF93-4DB1-A551-5C8D17ECAB84} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\ROBASS\AppData\Roaming\Mozilla\Firefox\Profiles\6pmsaupi.default-1440538516283
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-2009324788-340054426-501186564-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ROBASS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-23]
CHR Extension: (Google Docs) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16]
CHR Extension: (Google Drive) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-16]
CHR Extension: (YouTube) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-16]
CHR Extension: (Google Search) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-16]
CHR Extension: (Google Sheets) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-23]
CHR Extension: (AdBlock) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-16]
CHR Extension: (Gmail) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [173968 2015-08-05] (APN LLC.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-01-17] (Microsoft Corporation) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 ET5Drv; C:\Windows\ET5Drv.sys [36416 2007-10-16] (Windows (R) Codename Longhorn DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-02-10] ()
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-10-21] (Microsoft Corporation) [File not signed]
S3 ALSysIO; \??\D:\TEMP\ALSysIO64.sys [X]
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 MarkFun_NT; \??\C:\Program Files (x86)\GIGABYTE\ET5Pro\markfun.a64 [X]
S3 slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\ROBASS\Desktop\REAL TEMP\WinRing0x64.sys [X]
S1 {7929dd67-6f70-43ee-9cc7-c3b1ebca3d6c}Gw64; system32\drivers\{7929dd67-6f70-43ee-9cc7-c3b1ebca3d6c}Gw64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-01 17:29 - 2015-09-01 17:30 - 00013885 _____ C:\Users\ROBASS\Desktop\FRST.txt
2015-09-01 17:28 - 2015-09-01 17:29 - 00000000 ____D C:\FRST
2015-09-01 17:27 - 2015-09-01 17:27 - 00112640 _____ (forum.viry.cz) C:\Users\ROBASS\Desktop\FRSTLauncher.exe
2015-09-01 15:11 - 2015-09-01 15:11 - 02188800 _____ (Farbar) C:\Users\ROBASS\Desktop\FRST64.exe
2015-09-01 15:03 - 2015-09-01 15:03 - 00020578 _____ C:\Windows\Minidump.rar
2015-09-01 14:59 - 2015-09-01 14:59 - 474810555 _____ C:\Windows\MEMORY.DMP
2015-09-01 14:59 - 2015-09-01 14:59 - 00290336 _____ C:\Windows\Minidump\090115-19734-01.dmp
2015-09-01 14:59 - 2015-09-01 14:59 - 00000000 ____D C:\Windows\Minidump
2015-08-31 21:18 - 2015-08-31 21:21 - 00000000 ____D C:\Users\ROBASS\Desktop\31.8.2015 Kobylka
2015-08-30 17:43 - 2015-09-01 16:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 17:43 - 2015-09-01 16:26 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 17:43 - 2015-08-30 17:43 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 17:43 - 2015-08-30 17:43 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-29 22:02 - 2015-08-29 22:02 - 00000000 ____D C:\Users\ROBASS\Desktop\27.8. U našich, Anet papa video
2015-08-29 22:00 - 2015-08-29 22:01 - 00000000 ____D C:\Users\ROBASS\Desktop\26.8. Otevřená ulice(tatky)
2015-08-29 21:58 - 2015-08-29 21:59 - 00000000 ____D C:\Users\ROBASS\Desktop\29.8. Kostel večer
2015-08-29 21:57 - 2015-08-29 21:58 - 00000000 ____D C:\Users\ROBASS\Desktop\29.8. Pouť
2015-08-27 13:03 - 2015-08-27 13:03 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Sun
2015-08-27 13:03 - 2015-08-27 13:03 - 00000000 ____D C:\Users\ROBASS\.oracle_jre_usage
2015-08-27 13:01 - 2015-08-27 13:08 - 00000000 ____D C:\Users\ROBASS\Desktop\26.8. Otevrena ulice, kostel, zahrada
2015-08-19 10:42 - 2015-09-01 16:26 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-16 14:07 - 2015-08-28 18:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-16 13:30 - 2015-08-16 13:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-13 19:34 - 2015-09-01 16:26 - 00141524 _____ C:\Windows\PFRO.log
2015-08-13 19:34 - 2015-09-01 16:26 - 00005002 _____ C:\Windows\setupact.log
2015-08-13 19:34 - 2015-08-13 19:34 - 00000000 _____ C:\Windows\setuperr.log
2015-08-11 19:35 - 2015-09-01 16:27 - 00041666 _____ C:\Windows\WindowsUpdate.log
2015-08-11 16:09 - 2015-08-29 10:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-11 16:09 - 2015-08-11 16:09 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-11 16:09 - 2015-08-11 16:09 - 00001150 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-11 14:19 - 2015-08-11 14:19 - 00242984 _____ C:\Users\ROBASS\Downloads\Firefox Setup Stub 39.0.3.exe
2015-08-11 13:46 - 2015-08-11 13:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-11 13:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-07 15:32 - 2015-08-29 20:27 - 00000000 ____D C:\Users\ROBASS\Desktop\Nová složka (4)
2015-08-04 17:37 - 2015-08-04 17:37 - 00563296 _____ (Oracle Corporation) C:\Users\ROBASS\Downloads\jre-8u51-windows-i586-iftw.exe
2015-08-04 14:27 - 2015-08-04 14:27 - 05309440 _____ (MaLee) C:\Users\ROBASS\Downloads\ANO.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-01 17:27 - 2014-05-08 01:15 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Skype
2015-09-01 17:15 - 2015-01-28 02:40 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-01 16:34 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 16:34 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 16:26 - 2014-02-24 17:04 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 16:26 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 16:26 - 2009-07-14 06:45 - 00468464 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-01 16:24 - 2014-02-07 01:00 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Panda Security
2015-09-01 16:24 - 2014-02-07 01:00 - 00000000 ____D C:\ProgramData\Panda Security
2015-08-28 15:32 - 2014-10-30 22:31 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\vlc
2015-08-28 15:25 - 2014-03-05 20:21 - 00695664 _____ C:\Windows\system32\perfh019.dat
2015-08-28 15:25 - 2014-03-05 20:21 - 00141320 _____ C:\Windows\system32\perfc019.dat
2015-08-28 15:25 - 2011-04-12 10:34 - 00650908 _____ C:\Windows\system32\perfh005.dat
2015-08-28 15:25 - 2011-04-12 10:34 - 00134296 _____ C:\Windows\system32\perfc005.dat
2015-08-28 15:25 - 2009-07-14 07:13 - 02369470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-27 21:13 - 2014-05-08 01:15 - 00000000 ____D C:\ProgramData\Skype
2015-08-27 13:04 - 2014-12-12 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-27 13:04 - 2014-01-17 21:38 - 00000000 ____D C:\ProgramData\Oracle
2015-08-27 13:04 - 2014-01-17 21:38 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-27 13:03 - 2014-01-17 21:38 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-27 13:03 - 2014-01-17 13:04 - 00000000 ____D C:\Users\ROBASS
2015-08-25 23:35 - 2014-05-16 02:16 - 00000000 ____D C:\Users\ROBASS\Desktop\Původní data aplikace Firefox
2015-08-25 12:13 - 2012-07-31 20:04 - 00000000 ____D C:\Users\ROBASS\Desktop\Fotky
2015-08-25 12:01 - 2014-05-16 02:06 - 00002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-16 13:30 - 2014-01-17 19:57 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-16 13:30 - 2014-01-17 19:57 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-11 16:29 - 2014-05-10 01:25 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\uTorrent
2015-08-11 14:33 - 2014-03-18 22:06 - 00000000 ____D C:\Program Files (x86)\HTC
2015-08-11 14:31 - 2015-05-25 20:25 - 00000000 ____D C:\Program Files\Fotolab
2015-08-11 13:46 - 2014-05-11 20:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-06 22:47 - 2015-07-12 21:21 - 00001226 _____ C:\Users\ROBASS\Desktop\presnidavky.txt
2015-08-04 17:40 - 2014-05-10 02:09 - 00000000 ____D C:\ProgramData\Adobe
2015-08-04 14:28 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
==================== Files in the root of some directories =======
2015-05-21 16:12 - 2015-05-21 16:12 - 0000000 _____ () C:\Users\ROBASS\AppData\Local\{43B31F9C-1B1C-4755-B451-D1320849670C}
2014-01-28 08:55 - 2014-01-28 08:55 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2014-01-26 18:11] - [2013-10-21 07:36] - 4656640 ____A (Microsoft Corporation) CD23B721288CB741EBD3380D57F0600F
C:\Windows\SysWOW64\explorer.exe
[2013-10-21 07:36] - [2013-10-21 07:36] - 4298240 ____A (Microsoft Corporation) 0AC4BD54CDEC7679FA5ECC826BD96120
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-01 14:55
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (HDD) (Fixed) (Total:148.95 GB) (Free:61.67 GB) NTFS
Drive d: (ZALOHA) (Fixed) (Total:465.76 GB) (Free:265.72 GB) NTFS
Drive k: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:690.73 GB) NTFS
Available physical RAM: 4166.82 MB
Total physical RAM: 6142.49 MB
Percentage of memory in use: 32%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 6A205247)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
Disk: 1 (Size: 465.8 GB) (Disk ID: 7D177D17)
Partition 1: (Active) - (Size=465.8 GB) - (Type=42)
Partition 2: (Not Active) - (Size=2008 KB) - (Type=42)
Disk: 6 (Size: 931.5 GB) (Disk ID: 1C0C37A8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\ROBASS\Desktop" je 16845 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\ROBASS\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\ROBASS\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\X-G500
C:\Program Files (x86)\Genius\X-G500\mousehid.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~2\MCAFEE~1\30E3C3~1.285\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================