System Restore turned on (no restore point), Java uninstalled, here is the log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-11-2015
Ran by User (administrator) on PC-DOMA (24-11-2015 17:43:07)
Running from C:\Users\User\Desktop
Loaded Profiles: User & jokap_000 (Available Profiles: User & jokap_000)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Promethean Technologies Group Ltd) C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
() C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15361.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [ActivControl] => C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe [1233704 2010-03-23] (Promethean Technologies Group Ltd)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-01] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1323776 2014-09-24] (Bogdan Sharkov)
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKU\S-1-5-21-1922288985-3080455679-864892862-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\jokap_000\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1922288985-3080455679-864892862-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\jokap_000\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1922288985-3080455679-864892862-1005\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk [2014-11-26]
ShortcutTarget: Device Detector 3.lnk -> C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.)
Startup: C:\Users\jokap_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2015-02-27]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2014-04-09]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{43d41386-4362-4c04-8fe4-029f269b67e2}: [DhcpNameServer] 10.24.2.1 10.0.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1922288985-3080455679-864892862-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=16194
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1001 -> {871612CB-B585-4228-9E7E-51DA23183C46} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1005 -> {1CAB2FF4-C45E-432C-8D0C-AAC418D9AFC7} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1005 -> {289EA65F-912D-4C06-905D-06EF44420CB6} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1005 -> {2E4C6D28-512B-4054-A715-79E1FB339F30} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1005 -> {61263693-2719-47C1-B3D8-3FE7404FDAF7} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1005 -> {7670BA68-5485-4526-B2F2-FF3DEE7599EF} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1005 -> {837CAB37-955A-4737-B5FA-19C259CD9934} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1005 -> {A7877AD7-15BE-4E6F-88C8-4AF347BA3ABC} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1005 -> {C92BFD08-7FBA-4821-A663-16AD94D4330E} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-1922288985-3080455679-864892862-1005 -> {D86B80CD-6D6C-4DA3-B901-D8D83EA4DDA9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.3:
FF Homepage: hxxps://accounts.google.com/ServiceLogin?service=mail&continue=hxxps://mail.google.com/mail/&hl=cs
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] ( )
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=3 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll [No File]
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=9 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1922288985-3080455679-864892862-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1922288985-3080455679-864892862-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jokap_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-13] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\searchplugins\privitize.xml [2015-01-17]
FF Extension: FlashGot - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-05-27]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Dokumenty Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-27]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Vyhledávání Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Tabulky Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-29]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-12] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-01] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-01] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-01] (BlueStack Systems, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ActivHidSerMini; C:\Windows\System32\drivers\activhidsermini.sys [65152 2009-05-05] (Promethean Technologies Ltd)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-24] (Avira Operations GmbH & Co. KG)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-01] (BlueStack Systems)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 prmvmouse; C:\Windows\System32\drivers\activmouse.sys [8152 2009-10-05] (Promethean Technologies Ltd)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21584 2013-05-06] ()
S3 VNUSB; C:\Windows\System32\Drivers\VNUSB.sys [22528 2009-09-29] (OLYMPUS IMAGING CORP.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-24 17:43 - 2015-11-24 17:43 - 00024325 _____ C:\Users\User\Desktop\FRST.txt
2015-11-24 17:39 - 2015-11-24 13:14 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2015-11-24 17:37 - 2015-11-24 17:37 - 00016148 _____ C:\WINDOWS\system32\PC-DOMA_User_HistoryPrediction.bin
2015-11-24 13:28 - 2015-11-24 13:28 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-24 13:21 - 2015-11-24 13:21 - 00000000 ____D C:\Users\User\Desktop\FRST-OlderVersion
2015-11-23 23:13 - 2015-11-23 23:13 - 00016148 _____ C:\WINDOWS\system32\PC-DOMA_jokap_000_HistoryPrediction.bin
2015-11-23 22:26 - 2015-11-23 22:26 - 00000000 _____ C:\Program Files (x86)\gta-san-andreas-crack
2015-11-23 22:26 - 2015-11-23 22:26 - 00000000 _____ C:\Program Files (x86)\Free Screen Recorder
2015-11-23 22:18 - 2015-11-23 22:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-11-23 22:15 - 2015-11-23 22:15 - 00000000 ____D C:\Users\User\AppData\Local\PackageAware
2015-11-23 22:07 - 2015-11-23 22:07 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2015-11-23 14:52 - 2015-11-23 21:36 - 00000000 ____D C:\AdwCleaner
2015-11-23 13:10 - 2015-11-23 13:08 - 01733632 _____ C:\Users\User\Desktop\AdwCleaner.exe
2015-11-22 09:44 - 2015-11-22 09:49 - 00000000 ____D C:\Users\User\Desktop\vice soboru
2015-11-21 13:20 - 2015-11-24 17:43 - 00000000 ____D C:\FRST
2015-11-21 13:10 - 2015-11-24 13:21 - 02348544 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-11-20 21:50 - 2015-11-20 21:50 - 00000000 ____D C:\Users\jokap_000\AppData\LocalLow\Luminy Studios
2015-11-20 20:54 - 2015-11-20 20:54 - 00000222 _____ C:\Users\jokap_000\Desktop\Bloodwood Reload.url
2015-11-16 22:05 - 2015-11-16 22:06 - 00000000 ____D C:\Users\jokap_000\Desktop\hlavka
2015-11-14 21:30 - 2015-11-14 23:01 - 01471242 _____ C:\Users\jokap_000\Downloads\Excision & Datsik - Swagga (1).mp3.opdownload
2015-11-12 15:01 - 2015-11-12 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-12 15:01 - 2015-11-12 15:01 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-11 17:52 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 17:52 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 17:52 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 17:52 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 17:52 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 17:52 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 17:52 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 17:52 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 17:52 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 17:52 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 17:52 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 17:52 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 17:52 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 17:52 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 17:52 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 17:52 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 17:52 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 17:52 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 17:52 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 17:52 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 17:52 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 17:52 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 17:52 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 17:52 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 17:52 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 17:52 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 17:52 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 17:52 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 17:52 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 17:52 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 17:52 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 17:52 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 17:52 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 17:52 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 17:52 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 17:52 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 17:52 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 17:52 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 17:52 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 17:52 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 17:52 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 17:52 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 17:52 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 17:52 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 17:52 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 17:52 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 17:52 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 17:52 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 17:52 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 17:52 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 17:52 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 17:52 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 17:52 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-08 18:43 - 2015-11-08 18:44 - 00000000 ____D C:\Users\TEMP.PC-DOMA.001
2015-11-08 18:43 - 2015-11-08 18:43 - 00000000 ____D C:\Users\TEMP.PC-DOMA.001\AppData\Local\TileDataLayer
2015-10-30 11:44 - 2015-10-30 11:44 - 00001030 _____ C:\Users\User\Desktop\MP4 Converter.lnk
2015-10-30 11:44 - 2015-10-30 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4 Converter
2015-10-30 11:43 - 2015-10-30 11:44 - 00000000 ____D C:\Program Files (x86)\MP4 Converter
2015-10-30 11:43 - 2015-10-30 11:43 - 02782113 _____ (mp4-converter.com ) C:\Users\jokap_000\Downloads\mp4cset.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-24 17:42 - 2014-10-22 13:05 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-24 17:41 - 2015-08-06 14:58 - 01765712 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-24 17:41 - 2015-07-10 17:02 - 00746444 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-24 17:41 - 2015-07-10 17:02 - 00149880 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-24 17:30 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-24 17:22 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-11-24 17:17 - 2014-11-16 13:34 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-24 13:28 - 2015-01-31 08:11 - 00000829 _____ C:\Users\User\rgut
2015-11-24 13:27 - 2014-10-22 13:05 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-24 13:27 - 2014-06-14 15:44 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn Hamachi
2015-11-24 13:26 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-24 13:26 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-24 13:17 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-24 13:17 - 2014-03-13 15:44 - 00000000 ____D C:\Users\User\AppData\Local\Google
2015-11-24 13:12 - 2014-03-13 14:30 - 00004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4C6D52C8-5349-4374-9EBF-60F50FD82937}
2015-11-23 23:42 - 2015-05-27 20:11 - 00000000 ____D C:\Users\User\AppData\Roaming\AIMP3
2015-11-23 23:13 - 2015-02-20 21:52 - 00000000 ___RD C:\Users\jokap_000\OneDrive
2015-11-23 23:13 - 2014-03-23 19:52 - 00000000 ____D C:\ProgramData\Skype
2015-11-23 22:29 - 2015-02-20 21:50 - 00000000 ____D C:\Users\jokap_000\AppData\Local\Packages
2015-11-23 22:16 - 2015-05-15 19:47 - 00000000 ____D C:\ProgramData\Apple Computer
2015-11-23 22:16 - 2014-11-29 20:59 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-11-23 22:15 - 2014-11-08 07:57 - 00000000 ____D C:\Users\User\AppData\Local\Mixxx
2015-11-23 22:07 - 2015-05-11 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-11-23 22:07 - 2015-05-11 13:56 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-11-23 22:07 - 2014-06-07 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-11-23 22:06 - 2014-03-23 19:52 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-11-23 22:01 - 2015-02-20 21:53 - 00000000 ____D C:\Users\jokap_000\AppData\Roaming\Seznam.cz
2015-11-23 22:00 - 2015-02-27 19:20 - 00000000 ____D C:\Users\jokap_000\AppData\Roaming\Skype
2015-11-23 21:57 - 2015-02-20 21:54 - 00000829 _____ C:\Users\jokap_000\rgut
2015-11-23 21:56 - 2015-03-30 19:31 - 00000000 ____D C:\Users\jokap_000\AppData\Local\Adobe
2015-11-23 21:56 - 2015-02-20 21:53 - 00000000 ____D C:\Users\jokap_000\AppData\Local\LogMeIn Hamachi
2015-11-23 21:33 - 2014-03-13 14:11 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2015-11-23 21:29 - 2014-03-13 14:52 - 00000000 ____D C:\Program Files\WinRAR
2015-11-23 15:21 - 2014-03-13 14:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-23 15:18 - 2014-11-28 20:58 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2015-11-23 15:16 - 2015-03-11 21:14 - 00000000 ____D C:\ProgramData\Synetic
2015-11-23 15:15 - 2015-05-15 19:47 - 00000000 ____D C:\ProgramData\Apple
2015-11-23 15:10 - 2014-11-14 20:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-11-23 15:09 - 2014-11-14 20:31 - 00000000 ____D C:\Program Files (x86)\DSPRobotics
2015-11-23 15:07 - 2014-11-28 21:18 - 00000000 ____D C:\Program Files\NewBlue
2015-11-23 15:07 - 2014-11-28 21:18 - 00000000 ____D C:\Program Files (x86)\NewBlue
2015-11-23 15:03 - 2014-06-07 16:34 - 00000000 ____D C:\The KMPlayer
2015-11-23 14:51 - 2014-12-25 20:34 - 00000000 ____D C:\Users\User\AppData\Roaming\Seznam.cz
2015-11-23 14:49 - 2015-05-26 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vovoid VSXu 0.5.0
2015-11-23 14:47 - 2015-02-13 20:27 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live
2015-11-22 23:07 - 2015-05-27 20:11 - 00000000 ____D C:\Users\jokap_000\AppData\Roaming\AIMP3
2015-11-22 20:37 - 2015-02-28 09:43 - 00000000 ____D C:\Users\jokap_000\AppData\Local\Paint.NET
2015-11-22 20:34 - 2015-02-27 21:41 - 00006656 _____ C:\Users\jokap_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-22 19:46 - 2015-02-28 06:58 - 00000000 ____D C:\Users\jokap_000\AppData\Roaming\Audacity
2015-11-22 19:10 - 2015-02-20 21:54 - 00004202 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{306E9E6C-E1C0-4309-AA94-18AFDCCC18FB}
2015-11-19 20:29 - 2015-07-23 20:32 - 00004174 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1437679936
2015-11-19 20:29 - 2015-07-23 20:32 - 00001469 _____ C:\Users\jokap_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-19 17:37 - 2014-06-03 15:54 - 00003938 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396102601
2015-11-19 17:37 - 2014-03-29 15:16 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-19 17:37 - 2014-03-29 15:16 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-17 20:54 - 2015-05-08 18:28 - 00000000 ____D C:\Users\jokap_000\AppData\Roaming\.minecraft
2015-11-15 17:32 - 2015-07-10 13:20 - 05161488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-15 17:31 - 2014-04-06 13:57 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-11-15 17:08 - 2014-05-08 14:34 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-11-15 17:07 - 2014-04-02 16:47 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2015-11-13 15:56 - 2014-03-13 14:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 15:49 - 2014-03-13 14:50 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-13 13:30 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-12 16:07 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-12 16:07 - 2014-03-13 15:39 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-12 15:12 - 2014-06-01 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-09 19:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-09 18:43 - 2015-08-06 14:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-08 21:55 - 2015-04-02 20:24 - 00000132 _____ C:\Users\jokap_000\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-11-08 18:45 - 2014-03-20 14:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-08 12:38 - 2014-03-20 14:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-06 23:47 - 2015-08-06 14:50 - 00000000 ____D C:\Users\jokap_000
2015-11-06 17:17 - 2014-11-16 13:34 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-03 22:28 - 2015-10-10 06:41 - 00000000 ____D C:\Users\jokap_000\AppData\Roaming\OBS
2015-11-03 19:20 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 18:42 - 2015-08-06 18:03 - 00002392 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-03 18:42 - 2015-08-06 18:03 - 00000000 ___RD C:\Users\User\OneDrive
2015-11-02 22:26 - 2015-08-06 15:02 - 00002407 _____ C:\Users\jokap_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-30 22:40 - 2015-07-02 19:04 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 12:51 - 2015-04-29 17:32 - 00000000 ____D C:\Users\jokap_000\AppData\Roaming\Rainmeter
2015-10-26 19:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
==================== Files in the root of some directories =======
2015-08-07 11:23 - 2015-08-07 11:23 - 0000000 _____ () C:\Program Files (x86)\Euro Truck Simulator 2
2015-11-23 22:26 - 2015-11-23 22:26 - 0000000 _____ () C:\Program Files (x86)\Free Screen Recorder
2015-11-23 22:26 - 2015-11-23 22:26 - 0000000 _____ () C:\Program Files (x86)\gta-san-andreas-crack
2015-08-07 11:23 - 2015-08-07 11:23 - 0000000 _____ () C:\Program Files (x86)\Nodebeat
2015-08-07 11:23 - 2015-08-07 11:23 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2014-03-24 20:38 - 2014-05-10 15:28 - 0000096 _____ () C:\Users\User\AppData\Roaming\Camdata.ini
2014-03-24 20:38 - 2014-05-10 15:28 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamLayout.ini
2014-03-24 20:38 - 2014-05-10 15:28 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamShapes.ini
2014-03-24 20:38 - 2014-05-10 15:28 - 0004535 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg
2014-03-24 20:38 - 2014-05-10 15:23 - 0000096 _____ () C:\Users\User\AppData\Roaming\version2.xml
2014-08-17 06:40 - 2015-03-15 18:06 - 0006656 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-14 20:21 - 2015-07-07 21:49 - 0007605 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2014-03-23 19:19 - 2014-03-23 19:21 - 0000317 _____ () C:\ProgramData\hpzinstall.log
2015-04-21 21:02 - 2015-04-21 21:02 - 0004966 _____ () C:\ProgramData\wmzddnmb.cix
Files to move or delete:
====================
C:\Users\User\xobglu16.dll
C:\Users\User\xobglu32.dll
Some files in TEMP:
====================
C:\Users\jokap_000\AppData\Local\Temp\avgnt.exe
C:\Users\jokap_000\AppData\Local\Temp\SkypeSetup.exe
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\User\AppData\Local\Temp\sqlite3.dll
C:\Users\User\AppData\Local\Temp\Uninstall.exe
C:\Users\User\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-22 17:29
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:118.9 GB) (Free:18.13 GB) NTFS
Drive d: (Data) (Fixed) (Total:465.76 GB) (Free:254.02 GB) NTFS
Drive g: (FLASH15) (Removable) (Total:15.09 GB) (Free:6.4 GB) FAT32
Available physical RAM: 2169.58 MB
Total physical RAM: 4038.31 MB
Percentage of memory in use: 46%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: CB709CCC)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F181D239)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows XP) (Size: 15.1 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=15.1 GB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\25d35c485ebec9b18dd36cab9dfc:Win32App
AlternateDataStreams: C:\7c710bfa42cb0f00030d1ae9d3:Win32App
AlternateDataStreams: C:\ProgramData:Win32App
AlternateDataStreams: C:\The KMPlayer:Win32App
AlternateDataStreams: C:\Program Files\ATI Technologies:Win32App
AlternateDataStreams: C:\Program Files\Classic Shell:Win32App
AlternateDataStreams: C:\Program Files\Defraggler:Win32App
AlternateDataStreams: C:\Program Files\Medicopter 4:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
AlternateDataStreams: C:\Program Files\SUPERAntiSpyware:Win32App
AlternateDataStreams: C:\Program Files\WinRAR:Win32App
AlternateDataStreams: C:\Program Files\Zune:Win32App
AlternateDataStreams: C:\Program Files (x86)\Adobe:Win32App
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App
AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\BlueStacks:Win32App
AlternateDataStreams: C:\Program Files (x86)\CCleaner:Win32App
AlternateDataStreams: C:\Program Files (x86)\DVDVideoSoft:Win32App
AlternateDataStreams: C:\Program Files (x86)\Euro Truck Simulator 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\Free Screen Recorder:Win32App
AlternateDataStreams: C:\Program Files (x86)\GameforgeLive:Win32App
AlternateDataStreams: C:\Program Files (x86)\GIGABYTE:Win32App
AlternateDataStreams: C:\Program Files (x86)\gta-san-andreas-crack:Win32App
AlternateDataStreams: C:\Program Files (x86)\K-Lite Codec Pack:Win32App
AlternateDataStreams: C:\Program Files (x86)\Kyodai Mahjongg 2006:Win32App
AlternateDataStreams: C:\Program Files (x86)\Lame For Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\LogMeIn Hamachi:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Expression:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Office:Win32App
AlternateDataStreams: C:\Program Files (x86)\Mozilla Firefox:Win32App
AlternateDataStreams: C:\Program Files (x86)\MP4 Converter:Win32App
AlternateDataStreams: C:\Program Files (x86)\MSBuild:Win32App
AlternateDataStreams: C:\Program Files (x86)\MSXML 4.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\Nodebeat:Win32App
AlternateDataStreams: C:\Program Files (x86)\Opera:Win32App
AlternateDataStreams: C:\Program Files (x86)\PC Connectivity Solution:Win32App
AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App
AlternateDataStreams: C:\Program Files (x86)\SystemRequirementsLab:Win32App
AlternateDataStreams: C:\WINDOWS\My Product Name:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64\Adobe:Win32App
AlternateDataStreams: C:\Users\All Users:Win32App
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
AlternateDataStreams: C:\ProgramData\Application Data:Win32App
AlternateDataStreams: C:\ProgramData\BlueStacks:Win32App
AlternateDataStreams: C:\ProgramData\Data aplikací:Win32App
AlternateDataStreams: C:\ProgramData\Microsoft:Win32App
AlternateDataStreams: C:\ProgramData\regid.1995-08.com.techsmith:Win32App
AlternateDataStreams: C:\ProgramData\TechSmith:Win32App
AlternateDataStreams: C:\Users\jokap_000\AppData\Local\Temp:Win32App
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:Win32App
==================== Security Center ==================
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\User\Desktop" je 20 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================