Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by NOSTROMO (administrator) on NOSTROMO-PC (07-11-2015 12:44:18)
Running from C:\Users\NOSTROMO\Desktop
Loaded Profiles: NOSTROMO (Available Profiles: NOSTROMO)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) D:\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(AVAST Software) D:\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\NOSTROMO\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_116100d161f6ab1d\TiWorker.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-12-21] (Alcor Micro Corp.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-11-02] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Guard.Mail.ru.gui] => C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2014-07-22] ()
HKLM-x32\...\Run: [AvastUI.exe] => D:\Avast\AvastUI.exe [6134544 2015-09-29] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\Run: [icq] => C:\Users\NOSTROMO\AppData\Roaming\ICQM\icq.exe [34947592 2014-08-19] (ICQ)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Avast\ashShA64.dll [2015-09-29] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b6544d7f-7f3b-4fff-a411-88f902b30126}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-ww
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.icq.com/
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3059860613-3158309770-3600734986-1000 -> 72AFCA5951474F3FB2DC5D9193E5F225 URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast\aswWebRepIE64.dll [2015-09-12] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast\aswWebRepIE.dll [2015-09-12] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Avast\WebRep\FF [2015-09-29] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR Profile: C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-02]
CHR Extension: (Avast Online Security) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-07]
CHR Extension: (Skype Click to Call) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - D:\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-12]
CHR HKLM-x32\...\Chrome\Extension: [fgjhclagfljhianddbigacbhmbipokjl] - C:\ProgramData\SaveByclick\fgjhclagfljhianddbigacbhmbipokjl.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; D:\Avast\AvastSvc.exe [146600 2015-09-29] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2014-07-22] ()
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-11-02] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-11-02] (Synaptics Incorporated)
R2 TomTomHOMEService; D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93040 2014-12-19] (TomTom)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-11-02] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-11-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-29] (AVAST Software)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-11-02] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-11-02] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-07 12:44 - 2015-11-07 12:45 - 00015606 _____ C:\Users\NOSTROMO\Desktop\FRST.txt
2015-11-07 12:43 - 2015-11-07 12:44 - 00000000 ____D C:\FRST
2015-11-07 12:41 - 2015-11-07 12:43 - 00112640 _____ (forum.viry.cz) C:\Users\NOSTROMO\Desktop\FRSTLauncher.exe
2015-11-07 12:41 - 2015-11-07 12:41 - 00112640 _____ (forum.viry.cz) C:\Users\NOSTROMO\Downloads\Nepotvrzeno 706987.crdownload
2015-11-07 12:41 - 2015-11-07 12:41 - 00112640 _____ (forum.viry.cz) C:\Users\NOSTROMO\Downloads\Nepotvrzeno 442989.crdownload
2015-11-07 12:39 - 2015-11-07 12:40 - 02198528 _____ (Farbar) C:\Users\NOSTROMO\Desktop\FRST64.exe
2015-11-07 12:34 - 2015-11-07 12:34 - 00000711 _____ C:\Users\NOSTROMO\Desktop\Fotky – zástupce.lnk
2015-11-07 12:30 - 2015-11-07 12:30 - 00016148 _____ C:\WINDOWS\system32\NOSTROMO-PC_NOSTROMO_HistoryPrediction.bin
2015-11-07 11:13 - 2015-11-07 11:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Users\NOSTROMO\Downloads\JAD8103_BASIC.exe
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Program Files (x86)\TomTom HOME 2
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Program Files (x86)\SuperTintin for Skype
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Program Files (x86)\Apple Software Update
2015-11-06 20:09 - 2015-11-06 20:09 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-11-06 19:52 - 2015-11-06 19:52 - 00000000 ____D C:\WINDOWS\LastGood
2015-11-06 19:51 - 2015-11-06 19:51 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-11-03 12:50 - 2015-11-03 12:50 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Macromedia
2015-11-03 12:36 - 2015-11-03 12:37 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\Comms
2015-11-03 12:35 - 2015-11-03 12:35 - 00001710 _____ C:\Users\NOSTROMO\Desktop\Pošta.lnk
2015-11-02 18:30 - 2015-11-02 18:30 - 00000436 _____ C:\Users\NOSTROMO\Desktop\Tento počítač – zástupce.lnk
2015-11-02 18:13 - 2015-11-07 12:41 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\MicrosoftEdge
2015-11-02 17:45 - 2015-11-02 17:46 - 00002412 _____ C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-02 17:45 - 2015-11-02 17:46 - 00000000 ___RD C:\Users\NOSTROMO\OneDrive
2015-11-02 17:35 - 2015-11-02 17:35 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\Publishers
2015-11-02 17:34 - 2015-11-02 17:34 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\NetworkTiles
2015-11-02 17:32 - 2015-07-09 20:39 - 04847104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-11-02 17:32 - 2015-07-09 20:36 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-11-02 17:32 - 2015-07-09 20:28 - 06358016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-11-02 17:32 - 2015-07-09 20:25 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-11-02 17:32 - 2015-07-09 20:25 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-11-02 17:31 - 2015-11-02 17:31 - 00001051 _____ C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2015-11-02 08:11 - 2015-11-02 08:11 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-11-02 08:11 - 2015-11-02 08:11 - 00255176 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo29.dll
2015-11-02 08:11 - 2015-11-02 08:11 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2015-11-02 08:11 - 2015-11-02 08:11 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2015-11-02 08:10 - 2015-11-02 08:10 - 00042328 _____ (Lenovo Corporation) C:\WINDOWS\system32\Drivers\AcpiVpc.sys
2015-11-02 08:07 - 2015-11-02 18:27 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\Packages
2015-11-02 08:07 - 2015-11-02 08:07 - 00000020 ___SH C:\Users\NOSTROMO\ntuser.ini
2015-11-02 08:07 - 2015-11-02 08:07 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\TileDataLayer
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Šablony
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Poslední
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Okolní síť
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Dokumenty
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Data aplikací
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2015-11-02 08:00 - 2015-11-02 08:00 - 00022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-11-02 07:53 - 2015-11-02 07:53 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-02 07:49 - 2015-11-02 07:49 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-11-02 07:47 - 2015-11-03 13:09 - 00000000 ____D C:\Users\NOSTROMO
2015-11-02 07:47 - 2015-11-02 08:07 - 00000000 ___RD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Šablony
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Soubory cookie
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Poslední
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Okolní tiskárny
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Okolní síť
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Nabídka Start
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Dokumenty
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Documents\Obrázky
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Documents\Hudba
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Documents\Filmy
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Data aplikací
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\AppData\Local\Data aplikací
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 __RSD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-11-02 07:45 - 2015-11-06 20:15 - 02030050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-02 07:45 - 2015-11-02 07:46 - 00021209 _____ C:\WINDOWS\iis.log
2015-11-02 07:45 - 2015-11-02 07:45 - 01940726 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-11-02 07:43 - 2015-11-02 07:43 - 00000000 ____D C:\Program Files (x86)\USB Camera
2015-11-02 07:42 - 2015-11-02 07:43 - 00000529 _____ C:\WINDOWS\Synaptics.PD.log
2015-11-02 07:42 - 2015-11-02 07:43 - 00000529 _____ C:\WINDOWS\Synaptics.log
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files\Synaptics
2015-11-02 07:41 - 2015-11-02 07:41 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-11-02 07:41 - 2015-11-02 07:41 - 00000000 ____D C:\Program Files\Realtek
2015-11-02 07:39 - 2015-11-02 07:40 - 00023141 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-11-02 07:38 - 2015-11-02 08:07 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-02 07:37 - 2015-11-02 07:45 - 00000000 __SHD C:\Recovery
2015-11-02 07:34 - 2015-11-02 07:34 - 00000000 ____D C:\Windows.old
2015-11-02 07:33 - 2015-11-02 07:33 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-11-02 07:30 - 2015-11-02 07:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\Program Files\MSBuild
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\inetpub
2015-11-02 07:29 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-11-02 07:29 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-02 07:29 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-11-02 07:28 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-11-02 07:28 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-02 07:28 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-11-02 06:49 - 2015-03-27 22:33 - 00000001 ___SH C:\BOOTNXT
2015-11-02 06:45 - 2015-11-02 08:01 - 00006537 _____ C:\WINDOWS\comsetup.log
2015-11-02 06:42 - 2015-11-02 08:01 - 00010442 _____ C:\WINDOWS\diagerr.xml
2015-11-02 06:42 - 2015-11-02 08:01 - 00009528 _____ C:\WINDOWS\diagwrn.xml
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-07 12:35 - 2014-04-02 10:17 - 00000952 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a.job
2015-11-07 12:33 - 2012-12-26 18:15 - 00000000 ____D C:\Users\NOSTROMO\Documents\Soubory aplikace Outlook
2015-11-07 12:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-07 12:31 - 2012-10-20 20:06 - 00000948 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 11:54 - 2012-12-25 18:41 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Skype
2015-11-06 20:15 - 2015-09-10 06:05 - 00840160 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-06 20:15 - 2015-09-10 06:05 - 00191114 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-06 20:10 - 2015-07-30 22:50 - 00023820 _____ C:\WINDOWS\setupact.log
2015-11-06 19:52 - 2013-11-10 15:42 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-11-06 19:52 - 2013-11-10 15:42 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-11-06 19:46 - 2014-01-23 11:33 - 00004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BBB860A7-8F9D-420A-8B1C-6193EF0075BF}
2015-11-06 19:35 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-06 19:32 - 2015-09-12 13:57 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-11-06 19:32 - 2015-09-12 13:57 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-11-03 13:09 - 2012-12-26 17:45 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\ICQ
2015-11-03 12:34 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\appcompat
2015-11-02 18:21 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-02 18:11 - 2012-10-20 20:26 - 00003534 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-11-02 18:06 - 2012-10-20 19:27 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-02 18:01 - 2015-09-09 21:32 - 00001872 _____ C:\WINDOWS\PFRO.log
2015-11-02 18:01 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-02 18:00 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-02 17:33 - 2015-09-10 06:09 - 00000000 ____D C:\WINDOWS\OCR
2015-11-02 17:26 - 2015-07-30 22:49 - 00332720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-02 08:11 - 2015-08-21 20:18 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-11-02 08:11 - 2015-08-21 20:18 - 00764616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-11-02 08:11 - 2015-08-21 20:18 - 00613576 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-11-02 08:11 - 2015-08-21 20:18 - 00267976 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-11-02 08:11 - 2015-08-21 20:18 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-11-02 08:10 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Registration
2015-11-02 08:06 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-11-02 08:02 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Windows NT
2015-11-02 08:02 - 2015-07-10 10:47 - 00000000 __RHD C:\Users\Default
2015-11-02 08:01 - 2015-09-12 13:57 - 00004234 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-02 08:01 - 2014-12-26 11:07 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-02 08:01 - 2014-04-02 10:17 - 00004058 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a
2015-11-02 08:01 - 2013-08-28 21:51 - 00002888 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-02 08:01 - 2013-08-28 21:45 - 00003300 _____ C:\WINDOWS\System32\Tasks\{1EDAD3D7-3C1D-4C80-A46E-9BA035709BE5}
2015-11-02 08:01 - 2013-08-20 15:37 - 00003102 _____ C:\WINDOWS\System32\Tasks\{49D8D266-A7DE-4544-9E34-988B3FAD5294}
2015-11-02 08:01 - 2013-07-23 08:50 - 00003200 _____ C:\WINDOWS\System32\Tasks\{01FD7442-EDDB-41C6-BB10-B922175DAADF}
2015-11-02 08:01 - 2013-07-23 08:49 - 00003156 _____ C:\WINDOWS\System32\Tasks\{CC33DA33-E6BF-4BC7-9064-0391869D65F6}
2015-11-02 08:01 - 2012-10-20 20:06 - 00003806 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-02 08:00 - 2015-07-30 23:42 - 00000000 __RSD C:\WINDOWS\Media
2015-11-02 08:00 - 2015-07-30 23:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-02 07:54 - 2015-09-12 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-11-02 07:54 - 2015-09-10 06:20 - 00000000 ____D C:\WINDOWS\ShellNew
2015-11-02 07:54 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:54 - 2015-07-25 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jetAudio
2015-11-02 07:54 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-02 07:54 - 2015-03-29 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-11-02 07:54 - 2014-07-29 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-02 07:54 - 2014-07-22 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
2015-11-02 07:54 - 2014-04-03 18:24 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-11-02 07:54 - 2013-09-01 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICatch (VI) PC Camera
2015-11-02 07:54 - 2013-08-28 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-11-02 07:54 - 2012-12-26 18:06 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-11-02 07:54 - 2012-12-26 14:40 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CZShare
2015-11-02 07:54 - 2012-12-25 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2015-11-02 07:54 - 2012-10-20 20:11 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-02 07:54 - 2012-10-20 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-02 07:54 - 2012-10-20 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-11-02 07:54 - 2012-10-20 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-11-02 07:54 - 2012-10-20 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-02 07:53 - 2015-07-30 23:43 - 00005307 _____ C:\WINDOWS\DtcInstall.log
2015-11-02 07:53 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:53 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:53 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\IME
2015-11-02 07:51 - 2013-08-16 07:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-02 07:51 - 2012-12-25 15:50 - 00000000 ____D C:\WINDOWS\system32\SPReview
2015-11-02 07:50 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\schemas
2015-11-02 07:50 - 2012-12-25 15:38 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2015-11-02 07:49 - 2015-08-21 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-02 07:49 - 2013-11-10 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-11-02 07:49 - 2013-11-10 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-11-02 07:49 - 2012-12-25 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-11-02 07:49 - 2009-07-14 16:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-02 07:49 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-11-02 07:49 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-11-02 07:48 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-11-02 07:48 - 2012-12-25 16:42 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spacejock Software
2015-11-02 07:45 - 2015-07-10 10:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-11-02 07:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\System
2015-11-02 07:38 - 2015-07-30 23:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-11-02 07:30 - 2015-07-10 06:13 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-11-02 07:30 - 2015-07-10 04:36 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-11-02 07:30 - 2015-07-10 04:36 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-11-02 07:30 - 2015-07-10 04:25 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-11-02 07:30 - 2015-07-10 04:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-11-02 07:30 - 2015-07-10 04:20 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-11-02 07:29 - 2015-07-10 06:02 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-11-02 07:29 - 2015-07-10 04:36 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-11-02 07:29 - 2015-07-10 04:36 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-11-02 07:29 - 2015-07-10 04:26 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-11-02 07:29 - 2015-07-10 04:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-11-02 07:29 - 2015-07-10 04:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-11-02 07:29 - 2015-07-10 04:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-11-02 06:49 - 2012-10-20 20:24 - 00008192 __RSH C:\BOOTSECT.BAK
2015-11-02 06:47 - 2009-07-14 05:45 - 00022656 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-02 06:47 - 2009-07-14 05:45 - 00022656 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-02 06:16 - 2015-09-10 07:55 - 00000000 ___HD C:\$Windows.~BT
2015-10-23 10:30 - 2012-12-26 14:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-22 14:21 - 2012-12-25 18:40 - 00000000 ____D C:\ProgramData\Skype
2015-10-16 13:22 - 2012-10-20 21:49 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-16 13:18 - 2013-02-11 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
==================== Files in the root of some directories =======
2015-11-06 20:10 - 2015-11-06 20:10 - 0000000 _____ () C:\Program Files (x86)\Apple Software Update
2015-11-06 20:10 - 2015-11-06 20:10 - 0000000 _____ () C:\Program Files (x86)\SuperTintin for Skype
2015-11-06 20:10 - 2015-11-06 20:10 - 0000000 _____ () C:\Program Files (x86)\TomTom HOME 2
2013-08-28 22:29 - 2013-09-01 11:30 - 0000052 _____ () C:\Users\NOSTROMO\AppData\Roaming\WB.CFG
2013-08-28 22:29 - 2013-09-01 11:30 - 0000005 _____ () C:\Users\NOSTROMO\AppData\Roaming\WBPU-TTL.DAT
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Program Files\Bonjour:Win32App
AlternateDataStreams: C:\Program Files\CCleaner:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Office:Win32App
AlternateDataStreams: C:\Program Files (x86)\AmIcoSingLun:Win32App
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App
AlternateDataStreams: C:\Program Files (x86)\ICQ7M:Win32App
AlternateDataStreams: C:\Program Files (x86)\JetAudio:Win32App
AlternateDataStreams: C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Visual Studio 8:Win32App
AlternateDataStreams: C:\Program Files (x86)\MSBuild:Win32App
AlternateDataStreams: C:\Program Files (x86)\PDF Architect:Win32App
AlternateDataStreams: C:\Program Files (x86)\SuperTintin for Skype:Win32App
AlternateDataStreams: C:\Program Files (x86)\TomTom HOME 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\WinRAR:Win32App
AlternateDataStreams: C:\Program Files\Common Files\DESIGNER:Win32App
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
AlternateDataStreams: C:\Users\NOSTROMO\Downloads\JAD8103_BASIC.exe:Win32App
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\NOSTROMO\Desktop" je 4 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files (x86)\iTunes\iTunesHelper.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
"D:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Moc prosím o kontrolu, Strešně pomalý noťas
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu, Strešně pomalý noťas
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu, Strešně pomalý noťas
# AdwCleaner v5.018 - Logfile created 07/11/2015 at 13:16:51
# Updated 05/11/2015 by Xplode
# Database : 2015-11-03.2 [Server]
# Operating system : Windows 10 Home (x64)
# Username : NOSTROMO - NOSTROMO-PC
# Running from : C:\Users\NOSTROMO\Desktop\adwcleaner_5.018.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : Guard.Mail.ru
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\Guard-ICQ
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : DSite
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Guard.Mail.ru.gui]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKCU\Software\ICQ\ICQToolbar
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\72AFCA5951474F3FB2DC5D9193E5F225
***** [ Web browsers ] *****
[-] [C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ifohbjbgfchkkfhphahclmkpgejiplfo
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2727 bytes] ##########
# Updated 05/11/2015 by Xplode
# Database : 2015-11-03.2 [Server]
# Operating system : Windows 10 Home (x64)
# Username : NOSTROMO - NOSTROMO-PC
# Running from : C:\Users\NOSTROMO\Desktop\adwcleaner_5.018.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : Guard.Mail.ru
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\Guard-ICQ
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : DSite
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Guard.Mail.ru.gui]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKCU\Software\ICQ\ICQToolbar
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\72AFCA5951474F3FB2DC5D9193E5F225
***** [ Web browsers ] *****
[-] [C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ifohbjbgfchkkfhphahclmkpgejiplfo
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2727 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu, Strešně pomalý noťas
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu, Strešně pomalý noťas
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by NOSTROMO (administrator) on NOSTROMO-PC (07-11-2015 17:45:31)
Running from C:\Users\NOSTROMO\Desktop
Loaded Profiles: NOSTROMO (Available Profiles: NOSTROMO)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) D:\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(TomTom) D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVAST Software) D:\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-12-21] (Alcor Micro Corp.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-11-02] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\Run: [icq] => C:\Users\NOSTROMO\AppData\Roaming\ICQM\icq.exe [34947592 2014-08-19] (ICQ)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\RunOnce: [Uninstall C:\Users\NOSTROMO\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\NOSTROMO\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Avast\ashShA64.dll [2015-09-29] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b6544d7f-7f3b-4fff-a411-88f902b30126}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-ww
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast\aswWebRepIE64.dll [2015-09-12] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast\aswWebRepIE.dll [2015-09-12] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Avast\WebRep\FF [2015-09-29] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR Profile: C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-02]
CHR Extension: (Avast Online Security) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-07]
CHR Extension: (Skype Click to Call) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - D:\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-12]
CHR HKLM-x32\...\Chrome\Extension: [fgjhclagfljhianddbigacbhmbipokjl] - C:\ProgramData\SaveByclick\fgjhclagfljhianddbigacbhmbipokjl.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; D:\Avast\AvastSvc.exe [146600 2015-09-29] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-11-02] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-11-02] (Synaptics Incorporated)
R2 TomTomHOMEService; D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93040 2014-12-19] (TomTom)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-11-02] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-11-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-29] (AVAST Software)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-11-02] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-11-02] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-07 17:44 - 2015-11-07 17:44 - 00016148 _____ C:\WINDOWS\system32\NOSTROMO-PC_NOSTROMO_HistoryPrediction.bin
2015-11-07 13:12 - 2015-11-07 13:12 - 01713664 _____ C:\Users\NOSTROMO\Desktop\adwcleaner_5.018.exe
2015-11-07 12:45 - 2015-11-07 12:46 - 00029939 _____ C:\Users\NOSTROMO\Desktop\Addition.txt
2015-11-07 12:44 - 2015-11-07 17:45 - 00015071 _____ C:\Users\NOSTROMO\Desktop\FRST.txt
2015-11-07 12:43 - 2015-11-07 17:45 - 00000000 ____D C:\FRST
2015-11-07 12:43 - 2015-11-07 12:43 - 00015327 _____ C:\Users\NOSTROMO\Desktop\LM.bat
2015-11-07 12:41 - 2015-11-07 12:43 - 00112640 _____ (forum.viry.cz) C:\Users\NOSTROMO\Desktop\FRSTLauncher.exe
2015-11-07 12:41 - 2015-11-07 12:41 - 00112640 _____ (forum.viry.cz) C:\Users\NOSTROMO\Downloads\Nepotvrzeno 706987.crdownload
2015-11-07 12:41 - 2015-11-07 12:41 - 00112640 _____ (forum.viry.cz) C:\Users\NOSTROMO\Downloads\Nepotvrzeno 442989.crdownload
2015-11-07 12:39 - 2015-11-07 12:54 - 02198528 _____ (Farbar) C:\Users\NOSTROMO\Desktop\FRST64.exe
2015-11-07 12:34 - 2015-11-07 12:34 - 00000711 _____ C:\Users\NOSTROMO\Desktop\Fotky – zástupce.lnk
2015-11-07 11:13 - 2015-11-07 11:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Users\NOSTROMO\Downloads\JAD8103_BASIC.exe
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Program Files (x86)\TomTom HOME 2
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Program Files (x86)\SuperTintin for Skype
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Program Files (x86)\Apple Software Update
2015-11-06 20:09 - 2015-11-06 20:09 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-11-06 19:51 - 2015-11-06 19:51 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-11-03 12:50 - 2015-11-03 12:50 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Macromedia
2015-11-03 12:36 - 2015-11-03 12:37 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\Comms
2015-11-03 12:35 - 2015-11-03 12:35 - 00001710 _____ C:\Users\NOSTROMO\Desktop\Pošta.lnk
2015-11-02 18:30 - 2015-11-02 18:30 - 00000436 _____ C:\Users\NOSTROMO\Desktop\Tento počítač – zástupce.lnk
2015-11-02 18:13 - 2015-11-07 12:41 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\MicrosoftEdge
2015-11-02 17:45 - 2015-11-02 17:46 - 00002412 _____ C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-02 17:45 - 2015-11-02 17:46 - 00000000 ___RD C:\Users\NOSTROMO\OneDrive
2015-11-02 17:35 - 2015-11-02 17:35 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\Publishers
2015-11-02 17:34 - 2015-11-02 17:34 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\NetworkTiles
2015-11-02 17:32 - 2015-07-09 20:39 - 04847104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-11-02 17:32 - 2015-07-09 20:36 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-11-02 17:32 - 2015-07-09 20:28 - 06358016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-11-02 17:32 - 2015-07-09 20:25 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-11-02 17:32 - 2015-07-09 20:25 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-11-02 17:31 - 2015-11-02 17:31 - 00001051 _____ C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2015-11-02 08:11 - 2015-11-02 08:11 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-11-02 08:11 - 2015-11-02 08:11 - 00255176 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo29.dll
2015-11-02 08:11 - 2015-11-02 08:11 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2015-11-02 08:11 - 2015-11-02 08:11 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2015-11-02 08:10 - 2015-11-02 08:10 - 00042328 _____ (Lenovo Corporation) C:\WINDOWS\system32\Drivers\AcpiVpc.sys
2015-11-02 08:07 - 2015-11-07 13:33 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\Packages
2015-11-02 08:07 - 2015-11-02 08:07 - 00000020 ___SH C:\Users\NOSTROMO\ntuser.ini
2015-11-02 08:07 - 2015-11-02 08:07 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\TileDataLayer
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Šablony
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Poslední
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Okolní síť
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Dokumenty
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Data aplikací
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2015-11-02 08:00 - 2015-11-02 08:00 - 00022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-11-02 07:53 - 2015-11-02 07:53 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-02 07:49 - 2015-11-02 07:49 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-11-02 07:47 - 2015-11-03 13:09 - 00000000 ____D C:\Users\NOSTROMO
2015-11-02 07:47 - 2015-11-02 08:07 - 00000000 ___RD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Šablony
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Soubory cookie
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Poslední
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Okolní tiskárny
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Okolní síť
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Nabídka Start
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Dokumenty
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Documents\Obrázky
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Documents\Hudba
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Documents\Filmy
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Data aplikací
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\AppData\Local\Data aplikací
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 __RSD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-11-02 07:45 - 2015-11-07 17:03 - 02030050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-02 07:45 - 2015-11-02 07:46 - 00021209 _____ C:\WINDOWS\iis.log
2015-11-02 07:45 - 2015-11-02 07:45 - 01940726 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-11-02 07:43 - 2015-11-02 07:43 - 00000000 ____D C:\Program Files (x86)\USB Camera
2015-11-02 07:42 - 2015-11-02 07:43 - 00000529 _____ C:\WINDOWS\Synaptics.PD.log
2015-11-02 07:42 - 2015-11-02 07:43 - 00000529 _____ C:\WINDOWS\Synaptics.log
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files\Synaptics
2015-11-02 07:41 - 2015-11-02 07:41 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-11-02 07:41 - 2015-11-02 07:41 - 00000000 ____D C:\Program Files\Realtek
2015-11-02 07:39 - 2015-11-02 07:40 - 00023141 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-11-02 07:38 - 2015-11-02 08:07 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-02 07:37 - 2015-11-02 07:45 - 00000000 __SHD C:\Recovery
2015-11-02 07:34 - 2015-11-02 07:34 - 00000000 ____D C:\Windows.old
2015-11-02 07:33 - 2015-11-02 07:33 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-11-02 07:30 - 2015-11-02 07:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\Program Files\MSBuild
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\inetpub
2015-11-02 07:29 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-11-02 07:29 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-02 07:29 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-11-02 07:28 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-11-02 07:28 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-02 07:28 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-11-02 06:49 - 2015-03-27 22:33 - 00000001 ___SH C:\BOOTNXT
2015-11-02 06:45 - 2015-11-02 08:01 - 00006537 _____ C:\WINDOWS\comsetup.log
2015-11-02 06:42 - 2015-11-02 08:01 - 00010442 _____ C:\WINDOWS\diagerr.xml
2015-11-02 06:42 - 2015-11-02 08:01 - 00009528 _____ C:\WINDOWS\diagwrn.xml
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-07 17:35 - 2014-04-02 10:17 - 00000952 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a.job
2015-11-07 17:22 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-07 17:03 - 2015-09-10 06:05 - 00840160 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-07 17:03 - 2015-09-10 06:05 - 00191114 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-07 17:00 - 2015-07-30 22:50 - 00026786 _____ C:\WINDOWS\setupact.log
2015-11-07 16:09 - 2012-12-26 18:15 - 00000000 ____D C:\Users\NOSTROMO\Documents\Soubory aplikace Outlook
2015-11-07 13:33 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-07 13:26 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-07 13:24 - 2012-10-20 20:26 - 00003536 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-11-07 13:22 - 2012-10-20 19:27 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-07 13:20 - 2012-10-20 20:06 - 00000948 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 13:18 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-07 13:17 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-07 13:16 - 2013-09-01 17:05 - 00000000 ____D C:\AdwCleaner
2015-11-07 11:54 - 2012-12-25 18:41 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Skype
2015-11-06 19:52 - 2013-11-10 15:42 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-11-06 19:52 - 2013-11-10 15:42 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-11-06 19:46 - 2014-01-23 11:33 - 00004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BBB860A7-8F9D-420A-8B1C-6193EF0075BF}
2015-11-06 19:32 - 2015-09-12 13:57 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-11-06 19:32 - 2015-09-12 13:57 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-11-03 13:09 - 2012-12-26 17:45 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\ICQ
2015-11-03 12:34 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\appcompat
2015-11-02 18:01 - 2015-09-09 21:32 - 00001872 _____ C:\WINDOWS\PFRO.log
2015-11-02 17:33 - 2015-09-10 06:09 - 00000000 ____D C:\WINDOWS\OCR
2015-11-02 17:26 - 2015-07-30 22:49 - 00332720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-02 08:11 - 2015-08-21 20:18 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-11-02 08:11 - 2015-08-21 20:18 - 00764616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-11-02 08:11 - 2015-08-21 20:18 - 00613576 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-11-02 08:11 - 2015-08-21 20:18 - 00267976 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-11-02 08:11 - 2015-08-21 20:18 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-11-02 08:10 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Registration
2015-11-02 08:06 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-11-02 08:02 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Windows NT
2015-11-02 08:02 - 2015-07-10 10:47 - 00000000 __RHD C:\Users\Default
2015-11-02 08:01 - 2015-09-12 13:57 - 00004234 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-02 08:01 - 2014-12-26 11:07 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-02 08:01 - 2014-04-02 10:17 - 00004058 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a
2015-11-02 08:01 - 2013-08-28 21:51 - 00002888 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-02 08:01 - 2013-08-28 21:45 - 00003300 _____ C:\WINDOWS\System32\Tasks\{1EDAD3D7-3C1D-4C80-A46E-9BA035709BE5}
2015-11-02 08:01 - 2013-08-20 15:37 - 00003102 _____ C:\WINDOWS\System32\Tasks\{49D8D266-A7DE-4544-9E34-988B3FAD5294}
2015-11-02 08:01 - 2013-07-23 08:50 - 00003200 _____ C:\WINDOWS\System32\Tasks\{01FD7442-EDDB-41C6-BB10-B922175DAADF}
2015-11-02 08:01 - 2013-07-23 08:49 - 00003156 _____ C:\WINDOWS\System32\Tasks\{CC33DA33-E6BF-4BC7-9064-0391869D65F6}
2015-11-02 08:01 - 2012-10-20 20:06 - 00003806 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-02 08:00 - 2015-07-30 23:42 - 00000000 __RSD C:\WINDOWS\Media
2015-11-02 08:00 - 2015-07-30 23:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-02 07:54 - 2015-09-12 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-11-02 07:54 - 2015-09-10 06:20 - 00000000 ____D C:\WINDOWS\ShellNew
2015-11-02 07:54 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:54 - 2015-07-25 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jetAudio
2015-11-02 07:54 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-02 07:54 - 2015-03-29 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-11-02 07:54 - 2014-07-29 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-02 07:54 - 2014-07-22 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
2015-11-02 07:54 - 2014-04-03 18:24 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-11-02 07:54 - 2013-09-01 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICatch (VI) PC Camera
2015-11-02 07:54 - 2013-08-28 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-11-02 07:54 - 2012-12-26 18:06 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-11-02 07:54 - 2012-12-26 14:40 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CZShare
2015-11-02 07:54 - 2012-12-25 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2015-11-02 07:54 - 2012-10-20 20:11 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-02 07:54 - 2012-10-20 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-02 07:54 - 2012-10-20 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-11-02 07:54 - 2012-10-20 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-11-02 07:54 - 2012-10-20 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-02 07:53 - 2015-07-30 23:43 - 00005307 _____ C:\WINDOWS\DtcInstall.log
2015-11-02 07:53 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:53 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:53 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\IME
2015-11-02 07:51 - 2013-08-16 07:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-02 07:51 - 2012-12-25 15:50 - 00000000 ____D C:\WINDOWS\system32\SPReview
2015-11-02 07:50 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\schemas
2015-11-02 07:50 - 2012-12-25 15:38 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2015-11-02 07:49 - 2015-08-21 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-02 07:49 - 2013-11-10 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-11-02 07:49 - 2012-12-25 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-11-02 07:49 - 2009-07-14 16:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-02 07:49 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-11-02 07:49 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-11-02 07:48 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-11-02 07:48 - 2012-12-25 16:42 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spacejock Software
2015-11-02 07:45 - 2015-07-10 10:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-11-02 07:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\System
2015-11-02 07:38 - 2015-07-30 23:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-11-02 07:30 - 2015-07-10 06:13 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-11-02 07:30 - 2015-07-10 04:36 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-11-02 07:30 - 2015-07-10 04:36 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-11-02 07:30 - 2015-07-10 04:25 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-11-02 07:30 - 2015-07-10 04:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-11-02 07:30 - 2015-07-10 04:20 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-11-02 07:29 - 2015-07-10 06:02 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-11-02 07:29 - 2015-07-10 04:36 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-11-02 07:29 - 2015-07-10 04:36 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-11-02 07:29 - 2015-07-10 04:26 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-11-02 07:29 - 2015-07-10 04:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-11-02 07:29 - 2015-07-10 04:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-11-02 07:29 - 2015-07-10 04:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-11-02 06:49 - 2012-10-20 20:24 - 00008192 __RSH C:\BOOTSECT.BAK
2015-11-02 06:47 - 2009-07-14 05:45 - 00022656 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-02 06:47 - 2009-07-14 05:45 - 00022656 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-02 06:16 - 2015-09-10 07:55 - 00000000 ___HD C:\$Windows.~BT
2015-10-23 10:30 - 2012-12-26 14:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-22 14:21 - 2012-12-25 18:40 - 00000000 ____D C:\ProgramData\Skype
2015-10-16 13:22 - 2012-10-20 21:49 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-16 13:18 - 2013-02-11 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
==================== Files in the root of some directories =======
2015-11-06 20:10 - 2015-11-06 20:10 - 0000000 _____ () C:\Program Files (x86)\Apple Software Update
2015-11-06 20:10 - 2015-11-06 20:10 - 0000000 _____ () C:\Program Files (x86)\SuperTintin for Skype
2015-11-06 20:10 - 2015-11-06 20:10 - 0000000 _____ () C:\Program Files (x86)\TomTom HOME 2
2013-08-28 22:29 - 2013-09-01 11:30 - 0000052 _____ () C:\Users\NOSTROMO\AppData\Roaming\WB.CFG
2013-08-28 22:29 - 2013-09-01 11:30 - 0000005 _____ () C:\Users\NOSTROMO\AppData\Roaming\WBPU-TTL.DAT
Some files in TEMP:
====================
C:\Users\NOSTROMO\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-02 07:39
==================== End of FRST.txt ============================
Ran by NOSTROMO (administrator) on NOSTROMO-PC (07-11-2015 17:45:31)
Running from C:\Users\NOSTROMO\Desktop
Loaded Profiles: NOSTROMO (Available Profiles: NOSTROMO)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) D:\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(TomTom) D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVAST Software) D:\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-12-21] (Alcor Micro Corp.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-11-02] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\Run: [icq] => C:\Users\NOSTROMO\AppData\Roaming\ICQM\icq.exe [34947592 2014-08-19] (ICQ)
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\...\RunOnce: [Uninstall C:\Users\NOSTROMO\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\NOSTROMO\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Avast\ashShA64.dll [2015-09-29] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b6544d7f-7f3b-4fff-a411-88f902b30126}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKU\S-1-5-21-3059860613-3158309770-3600734986-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-ww
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast\aswWebRepIE64.dll [2015-09-12] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast\aswWebRepIE.dll [2015-09-12] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Avast\WebRep\FF [2015-09-29] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR Profile: C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-02]
CHR Extension: (Avast Online Security) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-07]
CHR Extension: (Skype Click to Call) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\NOSTROMO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - D:\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-12]
CHR HKLM-x32\...\Chrome\Extension: [fgjhclagfljhianddbigacbhmbipokjl] - C:\ProgramData\SaveByclick\fgjhclagfljhianddbigacbhmbipokjl.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; D:\Avast\AvastSvc.exe [146600 2015-09-29] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-11-02] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-11-02] (Synaptics Incorporated)
R2 TomTomHOMEService; D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93040 2014-12-19] (TomTom)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-11-02] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-11-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-29] (AVAST Software)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-11-02] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-11-02] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-07 17:44 - 2015-11-07 17:44 - 00016148 _____ C:\WINDOWS\system32\NOSTROMO-PC_NOSTROMO_HistoryPrediction.bin
2015-11-07 13:12 - 2015-11-07 13:12 - 01713664 _____ C:\Users\NOSTROMO\Desktop\adwcleaner_5.018.exe
2015-11-07 12:45 - 2015-11-07 12:46 - 00029939 _____ C:\Users\NOSTROMO\Desktop\Addition.txt
2015-11-07 12:44 - 2015-11-07 17:45 - 00015071 _____ C:\Users\NOSTROMO\Desktop\FRST.txt
2015-11-07 12:43 - 2015-11-07 17:45 - 00000000 ____D C:\FRST
2015-11-07 12:43 - 2015-11-07 12:43 - 00015327 _____ C:\Users\NOSTROMO\Desktop\LM.bat
2015-11-07 12:41 - 2015-11-07 12:43 - 00112640 _____ (forum.viry.cz) C:\Users\NOSTROMO\Desktop\FRSTLauncher.exe
2015-11-07 12:41 - 2015-11-07 12:41 - 00112640 _____ (forum.viry.cz) C:\Users\NOSTROMO\Downloads\Nepotvrzeno 706987.crdownload
2015-11-07 12:41 - 2015-11-07 12:41 - 00112640 _____ (forum.viry.cz) C:\Users\NOSTROMO\Downloads\Nepotvrzeno 442989.crdownload
2015-11-07 12:39 - 2015-11-07 12:54 - 02198528 _____ (Farbar) C:\Users\NOSTROMO\Desktop\FRST64.exe
2015-11-07 12:34 - 2015-11-07 12:34 - 00000711 _____ C:\Users\NOSTROMO\Desktop\Fotky – zástupce.lnk
2015-11-07 11:13 - 2015-11-07 11:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Users\NOSTROMO\Downloads\JAD8103_BASIC.exe
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Program Files (x86)\TomTom HOME 2
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Program Files (x86)\SuperTintin for Skype
2015-11-06 20:10 - 2015-11-06 20:10 - 00000000 _____ C:\Program Files (x86)\Apple Software Update
2015-11-06 20:09 - 2015-11-06 20:09 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-11-06 19:51 - 2015-11-06 19:51 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-11-03 12:50 - 2015-11-03 12:50 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Macromedia
2015-11-03 12:36 - 2015-11-03 12:37 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\Comms
2015-11-03 12:35 - 2015-11-03 12:35 - 00001710 _____ C:\Users\NOSTROMO\Desktop\Pošta.lnk
2015-11-02 18:30 - 2015-11-02 18:30 - 00000436 _____ C:\Users\NOSTROMO\Desktop\Tento počítač – zástupce.lnk
2015-11-02 18:13 - 2015-11-07 12:41 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\MicrosoftEdge
2015-11-02 17:45 - 2015-11-02 17:46 - 00002412 _____ C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-02 17:45 - 2015-11-02 17:46 - 00000000 ___RD C:\Users\NOSTROMO\OneDrive
2015-11-02 17:35 - 2015-11-02 17:35 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\Publishers
2015-11-02 17:34 - 2015-11-02 17:34 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\NetworkTiles
2015-11-02 17:32 - 2015-07-09 20:39 - 04847104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-11-02 17:32 - 2015-07-09 20:36 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-11-02 17:32 - 2015-07-09 20:28 - 06358016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-11-02 17:32 - 2015-07-09 20:25 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-11-02 17:32 - 2015-07-09 20:25 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-11-02 17:31 - 2015-11-02 17:31 - 00001051 _____ C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2015-11-02 08:11 - 2015-11-02 08:11 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-11-02 08:11 - 2015-11-02 08:11 - 00255176 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo29.dll
2015-11-02 08:11 - 2015-11-02 08:11 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2015-11-02 08:11 - 2015-11-02 08:11 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2015-11-02 08:10 - 2015-11-02 08:10 - 00042328 _____ (Lenovo Corporation) C:\WINDOWS\system32\Drivers\AcpiVpc.sys
2015-11-02 08:07 - 2015-11-07 13:33 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\Packages
2015-11-02 08:07 - 2015-11-02 08:07 - 00000020 ___SH C:\Users\NOSTROMO\ntuser.ini
2015-11-02 08:07 - 2015-11-02 08:07 - 00000000 ____D C:\Users\NOSTROMO\AppData\Local\TileDataLayer
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Šablony
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Poslední
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Okolní síť
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Dokumenty
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\Data aplikací
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-11-02 08:02 - 2015-11-02 08:02 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2015-11-02 08:00 - 2015-11-02 08:00 - 00022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-11-02 07:53 - 2015-11-02 07:53 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-02 07:49 - 2015-11-02 07:49 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-11-02 07:47 - 2015-11-03 13:09 - 00000000 ____D C:\Users\NOSTROMO
2015-11-02 07:47 - 2015-11-02 08:07 - 00000000 ___RD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Šablony
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Soubory cookie
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Poslední
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Okolní tiskárny
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Okolní síť
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Nabídka Start
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Dokumenty
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Documents\Obrázky
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Documents\Hudba
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Documents\Filmy
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\Data aplikací
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-11-02 07:47 - 2015-11-02 07:47 - 00000000 _SHDL C:\Users\NOSTROMO\AppData\Local\Data aplikací
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 __RSD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-02 07:47 - 2015-07-30 23:42 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-11-02 07:45 - 2015-11-07 17:03 - 02030050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-02 07:45 - 2015-11-02 07:46 - 00021209 _____ C:\WINDOWS\iis.log
2015-11-02 07:45 - 2015-11-02 07:45 - 01940726 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-11-02 07:43 - 2015-11-02 07:43 - 00000000 ____D C:\Program Files (x86)\USB Camera
2015-11-02 07:42 - 2015-11-02 07:43 - 00000529 _____ C:\WINDOWS\Synaptics.PD.log
2015-11-02 07:42 - 2015-11-02 07:43 - 00000529 _____ C:\WINDOWS\Synaptics.log
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files\Synaptics
2015-11-02 07:41 - 2015-11-02 07:41 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-11-02 07:41 - 2015-11-02 07:41 - 00000000 ____D C:\Program Files\Realtek
2015-11-02 07:39 - 2015-11-02 07:40 - 00023141 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-11-02 07:38 - 2015-11-02 08:07 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-02 07:37 - 2015-11-02 07:45 - 00000000 __SHD C:\Recovery
2015-11-02 07:34 - 2015-11-02 07:34 - 00000000 ____D C:\Windows.old
2015-11-02 07:33 - 2015-11-02 07:33 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-11-02 07:30 - 2015-11-02 07:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\Program Files\MSBuild
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-11-02 07:30 - 2015-11-02 07:30 - 00000000 ____D C:\inetpub
2015-11-02 07:29 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-11-02 07:29 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-02 07:29 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-11-02 07:28 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-11-02 07:28 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-02 07:28 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-11-02 06:49 - 2015-03-27 22:33 - 00000001 ___SH C:\BOOTNXT
2015-11-02 06:45 - 2015-11-02 08:01 - 00006537 _____ C:\WINDOWS\comsetup.log
2015-11-02 06:42 - 2015-11-02 08:01 - 00010442 _____ C:\WINDOWS\diagerr.xml
2015-11-02 06:42 - 2015-11-02 08:01 - 00009528 _____ C:\WINDOWS\diagwrn.xml
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-07 17:35 - 2014-04-02 10:17 - 00000952 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a.job
2015-11-07 17:22 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-07 17:03 - 2015-09-10 06:05 - 00840160 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-07 17:03 - 2015-09-10 06:05 - 00191114 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-07 17:00 - 2015-07-30 22:50 - 00026786 _____ C:\WINDOWS\setupact.log
2015-11-07 16:09 - 2012-12-26 18:15 - 00000000 ____D C:\Users\NOSTROMO\Documents\Soubory aplikace Outlook
2015-11-07 13:33 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-07 13:26 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-07 13:24 - 2012-10-20 20:26 - 00003536 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-11-07 13:22 - 2012-10-20 19:27 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-07 13:20 - 2012-10-20 20:06 - 00000948 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 13:18 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-07 13:17 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-07 13:16 - 2013-09-01 17:05 - 00000000 ____D C:\AdwCleaner
2015-11-07 11:54 - 2012-12-25 18:41 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Skype
2015-11-06 19:52 - 2013-11-10 15:42 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-11-06 19:52 - 2013-11-10 15:42 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-11-06 19:46 - 2014-01-23 11:33 - 00004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BBB860A7-8F9D-420A-8B1C-6193EF0075BF}
2015-11-06 19:32 - 2015-09-12 13:57 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-11-06 19:32 - 2015-09-12 13:57 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-11-03 13:09 - 2012-12-26 17:45 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\ICQ
2015-11-03 12:34 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\appcompat
2015-11-02 18:01 - 2015-09-09 21:32 - 00001872 _____ C:\WINDOWS\PFRO.log
2015-11-02 17:33 - 2015-09-10 06:09 - 00000000 ____D C:\WINDOWS\OCR
2015-11-02 17:26 - 2015-07-30 22:49 - 00332720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-02 08:11 - 2015-08-21 20:18 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-11-02 08:11 - 2015-08-21 20:18 - 00764616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-11-02 08:11 - 2015-08-21 20:18 - 00613576 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-11-02 08:11 - 2015-08-21 20:18 - 00267976 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-11-02 08:11 - 2015-08-21 20:18 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-11-02 08:10 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Registration
2015-11-02 08:06 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-11-02 08:02 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Windows NT
2015-11-02 08:02 - 2015-07-10 10:47 - 00000000 __RHD C:\Users\Default
2015-11-02 08:01 - 2015-09-12 13:57 - 00004234 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-02 08:01 - 2014-12-26 11:07 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-02 08:01 - 2014-04-02 10:17 - 00004058 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a
2015-11-02 08:01 - 2013-08-28 21:51 - 00002888 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-02 08:01 - 2013-08-28 21:45 - 00003300 _____ C:\WINDOWS\System32\Tasks\{1EDAD3D7-3C1D-4C80-A46E-9BA035709BE5}
2015-11-02 08:01 - 2013-08-20 15:37 - 00003102 _____ C:\WINDOWS\System32\Tasks\{49D8D266-A7DE-4544-9E34-988B3FAD5294}
2015-11-02 08:01 - 2013-07-23 08:50 - 00003200 _____ C:\WINDOWS\System32\Tasks\{01FD7442-EDDB-41C6-BB10-B922175DAADF}
2015-11-02 08:01 - 2013-07-23 08:49 - 00003156 _____ C:\WINDOWS\System32\Tasks\{CC33DA33-E6BF-4BC7-9064-0391869D65F6}
2015-11-02 08:01 - 2012-10-20 20:06 - 00003806 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-02 08:00 - 2015-07-30 23:42 - 00000000 __RSD C:\WINDOWS\Media
2015-11-02 08:00 - 2015-07-30 23:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-02 07:54 - 2015-09-12 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-11-02 07:54 - 2015-09-10 06:20 - 00000000 ____D C:\WINDOWS\ShellNew
2015-11-02 07:54 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:54 - 2015-07-25 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jetAudio
2015-11-02 07:54 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-02 07:54 - 2015-03-29 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-11-02 07:54 - 2014-07-29 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-02 07:54 - 2014-07-22 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
2015-11-02 07:54 - 2014-04-03 18:24 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-11-02 07:54 - 2013-09-01 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICatch (VI) PC Camera
2015-11-02 07:54 - 2013-08-28 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-11-02 07:54 - 2012-12-26 18:06 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-11-02 07:54 - 2012-12-26 14:40 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CZShare
2015-11-02 07:54 - 2012-12-25 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2015-11-02 07:54 - 2012-10-20 20:11 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-02 07:54 - 2012-10-20 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-02 07:54 - 2012-10-20 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-11-02 07:54 - 2012-10-20 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-11-02 07:54 - 2012-10-20 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-02 07:53 - 2015-07-30 23:43 - 00005307 _____ C:\WINDOWS\DtcInstall.log
2015-11-02 07:53 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:53 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 07:53 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-02 07:51 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\IME
2015-11-02 07:51 - 2013-08-16 07:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-02 07:51 - 2012-12-25 15:50 - 00000000 ____D C:\WINDOWS\system32\SPReview
2015-11-02 07:50 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\schemas
2015-11-02 07:50 - 2012-12-25 15:38 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2015-11-02 07:49 - 2015-08-21 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-02 07:49 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-02 07:49 - 2013-11-10 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-11-02 07:49 - 2012-12-25 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-11-02 07:49 - 2009-07-14 16:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-02 07:49 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-11-02 07:49 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-11-02 07:48 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-11-02 07:48 - 2012-12-25 16:42 - 00000000 ____D C:\Users\NOSTROMO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spacejock Software
2015-11-02 07:45 - 2015-07-10 10:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-11-02 07:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\System
2015-11-02 07:38 - 2015-07-30 23:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-11-02 07:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-11-02 07:30 - 2015-07-10 06:13 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-11-02 07:30 - 2015-07-10 04:36 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-11-02 07:30 - 2015-07-10 04:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-11-02 07:30 - 2015-07-10 04:36 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-11-02 07:30 - 2015-07-10 04:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-11-02 07:30 - 2015-07-10 04:25 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-11-02 07:30 - 2015-07-10 04:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-11-02 07:30 - 2015-07-10 04:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-11-02 07:30 - 2015-07-10 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-11-02 07:30 - 2015-07-10 04:20 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-11-02 07:29 - 2015-07-10 06:02 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-11-02 07:29 - 2015-07-10 04:36 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-11-02 07:29 - 2015-07-10 04:36 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-11-02 07:29 - 2015-07-10 04:26 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-11-02 07:29 - 2015-07-10 04:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-11-02 07:29 - 2015-07-10 04:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-11-02 07:29 - 2015-07-10 04:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-11-02 06:49 - 2012-10-20 20:24 - 00008192 __RSH C:\BOOTSECT.BAK
2015-11-02 06:47 - 2009-07-14 05:45 - 00022656 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-02 06:47 - 2009-07-14 05:45 - 00022656 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-02 06:16 - 2015-09-10 07:55 - 00000000 ___HD C:\$Windows.~BT
2015-10-23 10:30 - 2012-12-26 14:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-22 14:21 - 2012-12-25 18:40 - 00000000 ____D C:\ProgramData\Skype
2015-10-16 13:22 - 2012-10-20 21:49 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-16 13:18 - 2013-02-11 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
==================== Files in the root of some directories =======
2015-11-06 20:10 - 2015-11-06 20:10 - 0000000 _____ () C:\Program Files (x86)\Apple Software Update
2015-11-06 20:10 - 2015-11-06 20:10 - 0000000 _____ () C:\Program Files (x86)\SuperTintin for Skype
2015-11-06 20:10 - 2015-11-06 20:10 - 0000000 _____ () C:\Program Files (x86)\TomTom HOME 2
2013-08-28 22:29 - 2013-09-01 11:30 - 0000052 _____ () C:\Users\NOSTROMO\AppData\Roaming\WB.CFG
2013-08-28 22:29 - 2013-09-01 11:30 - 0000005 _____ () C:\Users\NOSTROMO\AppData\Roaming\WBPU-TTL.DAT
Some files in TEMP:
====================
C:\Users\NOSTROMO\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-02 07:39
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu, Strešně pomalý noťas
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
CHR HKLM-x32\...\Chrome\Extension: [fgjhclagfljhianddbigacbhmbipokjl] - C:\ProgramData\SaveByclick\fgjhclagfljhianddbigacbhmbipokjl.crx <not found>
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a
C:\Users\NOSTROMO\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu, Strešně pomalý noťas
Fix result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by NOSTROMO (2015-11-07 19:29:34) Run:1
Running from C:\Users\NOSTROMO\Desktop
Loaded Profiles: NOSTROMO (Available Profiles: NOSTROMO)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
CHR HKLM-x32\...\Chrome\Extension: [fgjhclagfljhianddbigacbhmbipokjl] - C:\ProgramData\SaveByclick\fgjhclagfljhianddbigacbhmbipokjl.crx <not found>
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a
C:\Users\NOSTROMO\AppData\Local\Temp
End
*****************
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fgjhclagfljhianddbigacbhmbipokjl" => key removed successfully
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
idsvc => service removed successfully
wpcsvc => service removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a => moved successfully
C:\Users\NOSTROMO\AppData\Local\Temp => moved successfully
The system needed a reboot.
==== End of Fixlog 19:29:45 ====
Ran by NOSTROMO (2015-11-07 19:29:34) Run:1
Running from C:\Users\NOSTROMO\Desktop
Loaded Profiles: NOSTROMO (Available Profiles: NOSTROMO)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
CHR HKLM-x32\...\Chrome\Extension: [fgjhclagfljhianddbigacbhmbipokjl] - C:\ProgramData\SaveByclick\fgjhclagfljhianddbigacbhmbipokjl.crx <not found>
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a
C:\Users\NOSTROMO\AppData\Local\Temp
End
*****************
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fgjhclagfljhianddbigacbhmbipokjl" => key removed successfully
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
idsvc => service removed successfully
wpcsvc => service removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf4e54633bf79a => moved successfully
C:\Users\NOSTROMO\AppData\Local\Temp => moved successfully
The system needed a reboot.
==== End of Fixlog 19:29:45 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu, Strešně pomalý noťas
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu, Strešně pomalý noťas
Děkuji, je to o velké poznání rychlejší. Děkuji za pomoc a čas. R. 
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu, Strešně pomalý noťas
Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?