
Backdoor.Agent.WD

Posted: 19 Jan 2016 22:10
by Weny
Good evening,
I have a problem with my notebook. I have scanned it several times with ANTI-MALWARE (1-2x a week) and every time it finds Backdoor.Agent.WD, even though I let it delete it each time. On top of that, advertising windows for various sites have started popping up in Chrome. May I ask for help?

Re: Backdoor.Agent.WD

Posted: 19 Jan 2016 22:39
by Rudy

Re: Backdoor.Agent.WD

Posted: 20 Jan 2016 00:02
by Weny
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by Kateřina (administrator) on KATEŘINA-NB (19-01-2016 23:55:25)
Running from C:\Users\Kateřina\Desktop
Loaded Profiles: Kateřina (Available Profiles: Kateřina & test & Internet)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(The Privoxy team - http://www.privoxy.org) C:\Program Files (x86)\Jelbruss Secure Web\privoxy.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Kateřina\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Kateřina\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8114720 2009-09-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [198160 2010-12-01] (RealNetworks, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\Run: [fsm] => [X]
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kateřina\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kateřina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92152 2013-01-22] ()
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\Run: [Hoolapp Android] => "C:\Users\KATEIN~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\Run: [ICQ] => C:\Program Files (x86)\ICQ7.2\ICQ.exe [133432 2011-01-05] (ICQ, LLC.)
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\MountPoints2: {379d2040-133b-11e4-b833-806e6f6e6963} - F:\autorun.exe
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\MountPoints2: {aca4c9a8-3c0c-11e3-8451-20cf30341260} - E:\Startme.exe
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\MountPoints2: {f4971c47-ee92-11df-ae68-806e6f6e6963} - D:\InstAll.exe
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-27] (Microsoft Corporation)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-1383477661-2345097757-157039919-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-1383477661-2345097757-157039919-1001] => 127.0.0.1:8118
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{87AC7FB8-4AB7-4739-8A1F-78620EA8ECD7}: [DhcpNameServer] 195.113.139.94 195.113.136.35
Tcpip\..\Interfaces\{E424CA01-207F-49D3-A3F0-E96F44C990A6}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> {06D8CCDB-1E78-4528-B47F-55310EB1BC6B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> {17B13BD1-43E8-4C9A-BDE5-A15A7DC22470} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> {5A66B3A6-26BC-4645-B0E9-2F5A4B5920C7} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> {71EB794C-6256-4762-9E9A-E42C840FF3F7} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> {74162FE7-373B-4C7D-A070-DF98AFC1C0C3} URL = hxxp://www.firmy.cz/phr/{searchTerms}?sourceid ... arch_12454
SearchScopes: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> {D7EE0BB5-107A-4BF3-8789-9E1C51A26968} URL =
SearchScopes: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> {DA295DBF-7D4E-4A9C-B038-C6B05E2BCA95} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> {EBED24A3-98C0-4E36-9E63-3F8EECCC5B92} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-12-01] (RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07] (Oracle Corporation)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll [2011-02-08] (AVG Technologies CZ, s.r.o.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll [2011-02-08] (AVG Technologies CZ, s.r.o.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Kateřina\AppData\Roaming\Mozilla\Firefox\Profiles\qlyt1jg4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-24] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2010-12-01] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=1.0.3.69 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2010-12-01] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll [2010-12-01] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-12-01] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2010-12-01] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-12-01] (RealNetworks, Inc.)
FF Extension: Adblock Plus - C:\Users\Kateřina\AppData\Roaming\Mozilla\Firefox\Profiles\qlyt1jg4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-23]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files (x86)\Real\RealPlayer\browserrecord
FF Extension: RealPlayer Browser Record Plugin - C:\Program Files (x86)\Real\RealPlayer\browserrecord [2010-12-01] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG10\Firefox4
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\Firefox4 [2014-12-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [avg@igeared] - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared => not found

Chrome:
=======
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (AVG Internet Security) - C:\Users\Kateřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Kateřina\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Kateřina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Kateřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kateřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-13]
CHR HKLM-x32\...\Chrome\Extension: [odbbfaealmlpnodchplhdomkgpdkeeal] - C:\Program Files (x86)\RebateInformer\Chrome\rebateinformer_c.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avgfws; C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2710816 2014-11-04] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 PrivoxyService; C:\Program Files (x86)\Jelbruss Secure Web\privoxy.exe [371200 2016-01-18] (The Privoxy team - http://www.privoxy.org) [File not signed] <==== ATTENTION
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57696 2010-07-12] (AVG Technologies CZ, s.r.o.)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [26704 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [312160 2012-11-12] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [41552 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [37456 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [380192 2014-11-04] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-09-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-19] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-08-12] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-07-24] (Duplex Secure Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-19 23:55 - 2016-01-19 23:55 - 00021196 _____ C:\Users\Kateřina\Desktop\FRST.txt
2016-01-19 23:54 - 2016-01-19 23:55 - 00000000 ____D C:\FRST
2016-01-19 23:54 - 2016-01-19 23:03 - 00112640 ____N (forum.viry.cz) C:\Users\Kateřina\Desktop\FRSTLauncher.exe
2016-01-19 22:54 - 2016-01-19 22:54 - 00112640 _____ (forum.viry.cz) C:\Users\Kateřina\Downloads\Nepotvrzeno 909027.crdownload
2016-01-19 22:51 - 2016-01-19 22:51 - 00112640 _____ (forum.viry.cz) C:\Users\Kateřina\Downloads\Nepotvrzeno 397017.crdownload
2016-01-19 22:47 - 2016-01-19 22:47 - 00112640 _____ (forum.viry.cz) C:\Users\Kateřina\Downloads\Nepotvrzeno 176012.crdownload
2016-01-19 22:44 - 2016-01-19 22:44 - 02370560 _____ (Farbar) C:\Users\Kateřina\Desktop\FRST64.exe
2016-01-19 21:39 - 2016-01-19 21:40 - 00000000 ____D C:\rsit
2016-01-19 21:39 - 2016-01-19 21:39 - 00000000 ____D C:\Program Files\trend micro
2016-01-19 21:38 - 2016-01-19 21:38 - 01222144 _____ C:\Users\Kateřina\Downloads\RSITx64.exe
2016-01-19 12:50 - 2016-01-19 12:50 - 00001187 _____ C:\Users\KateáŁ
2016-01-18 22:54 - 2016-01-18 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renault Karosa Citybus 12M - Omnibus Simulator
2016-01-18 22:09 - 2016-01-18 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolní Kounice v2.0
2016-01-18 17:12 - 2016-01-19 12:50 - 00003292 _____ C:\Windows\System32\Tasks\Jelbruss Secure Web Task
2016-01-18 17:12 - 2016-01-18 17:12 - 00001187 _____ C:\Users\Kateá6
2016-01-18 17:12 - 2016-01-18 17:12 - 00000000 ____D C:\Program Files (x86)\Jelbruss Secure Web
2016-01-18 11:35 - 2016-01-19 21:21 - 00000000 ____D C:\OMSI 2
2016-01-16 10:45 - 2016-01-16 10:45 - 00053503 _____ C:\Users\Kateřina\Downloads\DPP SvP Vychovatel 2016 V.I.P..pdf
2016-01-16 10:44 - 2016-01-16 10:45 - 00050097 _____ C:\Users\Kateřina\Downloads\Instrukce_ke_smlouve_Vychovatel_2016.pdf
2016-01-16 10:44 - 2016-01-16 10:45 - 00039957 _____ C:\Users\Kateřina\Downloads\Dohoda_o_srazkach_z_odmeny_UNI_2016.pdf
2016-01-15 08:14 - 2016-01-15 08:14 - 00000921 _____ C:\Users\Kateřina\Downloads\export.csv
2016-01-13 19:06 - 2016-01-13 19:07 - 25068282 _____ C:\Users\Kateřina\Downloads\Citybus_Great_Grundorf.rar
2016-01-13 19:05 - 2016-01-13 19:05 - 00468886 _____ C:\Users\Kateřina\Downloads\Grundorf.7z
2016-01-10 19:36 - 2016-01-10 19:36 - 00007350 _____ C:\Users\Kateřina\Downloads\Twin Peaks (Angelo Badalamenti).mid
2016-01-10 19:35 - 2016-01-10 19:35 - 00013894 _____ C:\Users\Kateřina\Downloads\X-Files (Mark Snow).mid
2016-01-10 19:34 - 2016-01-10 19:34 - 00011997 _____ C:\Users\Kateřina\Downloads\Terminator (Brad Fiedel).mid
2016-01-10 19:33 - 2016-01-10 19:33 - 00030176 _____ C:\Users\Kateřina\Downloads\Starwars - The Rebel Fleet - End Title (John Williams).mid
2016-01-10 19:33 - 2016-01-10 19:33 - 00011226 _____ C:\Users\Kateřina\Downloads\Superman (John Williams).mid
2016-01-10 19:32 - 2016-01-10 19:32 - 00070831 _____ C:\Users\Kateřina\Downloads\Star Wars - Remix.mid
2016-01-10 19:31 - 2016-01-10 19:31 - 00013483 _____ C:\Users\Kateřina\Downloads\Star Trek - Next Generation (Dennis McCarthy).mid
2016-01-10 19:30 - 2016-01-10 19:30 - 00009521 _____ C:\Users\Kateřina\Downloads\Space Rangers (Hans Zimmer & Mark Mancina).mid
2016-01-10 19:29 - 2016-01-10 19:29 - 00039240 _____ C:\Users\Kateřina\Downloads\Simpsons (Danny Elfman).mid
2016-01-10 19:28 - 2016-01-10 19:28 - 00025926 _____ C:\Users\Kateřina\Downloads\Robin Hood (Michael Kamen).mid
2016-01-10 19:26 - 2016-01-10 19:26 - 00038699 _____ C:\Users\Kateřina\Downloads\Mission Impossible (Lalo Schifrin).mid
2016-01-10 19:25 - 2016-01-10 19:25 - 00023734 _____ C:\Users\Kateřina\Downloads\Mac Gyver (Randy Edelman).mid
2016-01-10 19:24 - 2016-01-10 19:24 - 00020413 _____ C:\Users\Kateřina\Downloads\Lion King - Hakuna Matata (Hans Zimmer).mid
2016-01-10 19:23 - 2016-01-10 19:23 - 00071575 _____ C:\Users\Kateřina\Downloads\Indiana Jones - Raiders March (John Williams).mid
2016-01-10 19:22 - 2016-01-10 19:22 - 00009709 _____ C:\Users\Kateřina\Downloads\Emergency Room Theme (James Newton Howard).mid
2016-01-10 19:20 - 2016-01-10 19:20 - 00036159 _____ C:\Users\Kateřina\Downloads\Crockett Theme.mid
2016-01-10 19:19 - 2016-01-10 19:19 - 00026015 _____ C:\Users\Kateřina\Downloads\Beetlejuce (Danny Elfman).mid
2016-01-10 19:17 - 2016-01-10 19:17 - 00006064 _____ C:\Users\Kateřina\Downloads\Armageddon (Trevor Jones).mid
2016-01-10 16:47 - 2016-01-10 16:47 - 00030029 _____ C:\Users\Kateřina\Downloads\Back To Future (Alan Silvestri).mid
2016-01-09 16:52 - 2016-01-09 16:52 - 00001233 _____ C:\Users\Public\Desktop\Dokumentace k mapě Dolní Kounice.lnk
2016-01-05 18:57 - 2016-01-18 17:12 - 00002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-05 18:55 - 2016-01-19 23:00 - 00000956 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-05 18:55 - 2016-01-19 19:00 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-05 18:55 - 2016-01-05 18:55 - 00927824 _____ (Google Inc.) C:\Users\Kateřina\Downloads\ChromeSetup(1).exe
2016-01-05 18:55 - 2016-01-05 18:55 - 00003952 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-05 18:55 - 2016-01-05 18:55 - 00003700 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-05 09:42 - 2016-01-05 09:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-04 22:12 - 2016-01-19 21:26 - 00003034 _____ C:\Windows\System32\Tasks\MSIAfterburner
2016-01-03 21:36 - 2016-01-03 21:36 - 00163367 _____ C:\Users\Kateřina\Downloads\Forrest_Gump.pdf
2016-01-01 14:16 - 2016-01-01 14:16 - 00460512 _____ C:\Users\Kateřina\Downloads\restaurace-kocanda-jidelni-napojovy-listek-se-seznamem-alergenu-2015-09.pdf
2016-01-01 13:53 - 2016-01-01 13:53 - 00763122 _____ C:\Users\Kateřina\Downloads\Na Rychte_jidelni listek_10_2015_CZ_web.pdf
2015-12-30 17:09 - 2015-12-30 17:09 - 00030845 _____ C:\Users\Kateřina\Downloads\MIDIrar.rar
2015-12-27 17:47 - 2015-12-27 17:47 - 00006908 _____ C:\Users\Kateřina\Downloads\00088-04.mid
2015-12-27 17:44 - 2015-12-27 17:44 - 00002819 _____ C:\Users\Kateřina\Downloads\00588-03.mid
2015-12-26 11:08 - 2015-12-26 11:08 - 00298398 _____ C:\Users\Kateřina\Downloads\20-Guitar_Pro-Drum_Patterns.zip
2015-12-25 11:48 - 2015-12-25 11:48 - 00030146 _____ C:\Users\Kateřina\Downloads\Frank_Sinatra_-_My_Way.mid
2015-12-24 11:32 - 2015-12-24 12:40 - 1218386282 _____ C:\Users\Kateřina\Downloads\Omsi-1.04(Full-Version).rar
2015-12-24 11:26 - 2015-12-24 11:26 - 01942458 _____ C:\Users\Kateřina\Downloads\fa66cw_764d_v100.zip
2015-12-24 11:23 - 2015-12-24 11:30 - 121929962 _____ C:\Users\Kateřina\Downloads\Nepotvrzeno 462501.crdownload
2015-12-23 13:51 - 2015-12-23 13:52 - 00927824 _____ (Google Inc.) C:\Users\Kateřina\Downloads\ChromeSetup.exe
2015-12-22 17:12 - 2016-01-19 12:50 - 00000055 _____ C:\Users\Kate
2015-12-22 08:37 - 2015-12-22 08:37 - 00000000 ____D C:\Users\Kateřina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-12-22 08:36 - 2015-12-22 08:37 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-12-22 08:36 - 2015-12-22 08:36 - 00001086 _____ C:\Users\Kateřina\Desktop\MSI Afterburner.lnk
2015-12-22 08:36 - 2015-12-22 08:36 - 00000000 ____D C:\Users\Kateřina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-12-22 08:35 - 2016-01-19 21:26 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-12-22 08:33 - 2015-12-22 08:34 - 38095191 _____ C:\Users\Kateřina\Downloads\[Guru3D]-MSIAfterburner.zip
2015-12-21 14:55 - 2015-12-21 14:57 - 76738918 _____ C:\Users\Kateřina\Downloads\Mercedes-O520-Cito-OMSI-v1.zip
2015-12-21 14:55 - 2015-12-21 14:55 - 00474787 _____ C:\Users\Kateřina\Downloads\Texture.zip
2015-12-21 13:54 - 2015-12-21 13:59 - 237804311 _____ C:\Users\Kateřina\Downloads\Karosa_B93X_1.1.rar
2015-12-21 13:50 - 2015-12-21 13:51 - 06937995 _____ C:\Users\Kateřina\Downloads\Zvuky.rar
2015-12-21 13:50 - 2015-12-21 13:50 - 00076924 _____ C:\Users\Kateřina\Downloads\IBIS-2.osc
2015-12-21 13:50 - 2015-12-21 13:50 - 00010470 _____ C:\Users\Kateřina\Downloads\B931_nafta.rar
2015-12-21 13:49 - 2015-12-21 13:53 - 180557025 _____ C:\Users\Kateřina\Downloads\Karosa_B931.rar
2015-12-21 13:47 - 2015-12-21 13:49 - 107667074 _____ C:\Users\Kateřina\Downloads\Karosa B732 1.0 (1).rar
2015-12-21 13:43 - 2015-12-21 13:43 - 22751163 _____ C:\Users\Kateřina\Downloads\SU_doors_15_10_mod_NightHauler.rar
2015-12-21 12:52 - 2015-12-21 12:52 - 00009135 _____ C:\Users\Kateřina\Downloads\VbusBlog.ru.rar
2015-12-21 12:49 - 2015-12-21 12:49 - 00000673 _____ C:\Users\Kateřina\Downloads\st01.rar
2015-12-21 12:38 - 2015-12-21 12:38 - 02403299 _____ C:\Users\Kateřina\Downloads\Sceneryobjects.rar
2015-12-21 12:36 - 2015-12-21 12:36 - 06560523 _____ C:\Users\Kateřina\Downloads\CZmod.rar
2015-12-21 11:31 - 2015-12-21 11:40 - 181994504 _____ C:\Users\Kateřina\Downloads\UL_objekty_vse (1).rar
2015-12-21 11:31 - 2015-12-21 11:39 - 160607402 _____ C:\Users\Kateřina\Downloads\ul_addon (1).rar
2015-12-21 11:31 - 2015-12-21 11:37 - 90149658 _____ C:\Users\Kateřina\Downloads\rencitybus.rar
2015-12-21 11:31 - 2015-12-21 11:32 - 09957213 _____ C:\Users\Kateřina\Downloads\patch_unl_map (1).rar
2015-12-21 11:31 - 2015-12-21 11:31 - 00046230 _____ C:\Users\Kateřina\Downloads\citybus_oth.rar
2015-12-21 11:31 - 2015-12-21 11:31 - 00019912 _____ C:\Users\Kateřina\Downloads\HOF_Usti (1).rar
2015-12-21 11:31 - 2015-12-21 11:31 - 00014461 _____ C:\Users\Kateřina\Downloads\patch_citybus.rar
2015-12-21 11:23 - 2015-12-21 11:27 - 73578015 _____ C:\Users\Kateřina\Downloads\Omsi2-Mercedes_o530G.7z
2015-12-20 17:51 - 2015-12-20 17:51 - 00000000 ____D C:\Users\Kateřina\Documents\REAPER Media
2015-12-20 15:39 - 2015-12-20 17:42 - 2201046572 _____ C:\Users\Kateřina\Downloads\OMSI-2-Karlovy-Vary-4.0-full-standart-version.7z
2015-12-20 15:34 - 2015-12-20 15:36 - 26782009 _____ C:\Users\Kateřina\Downloads\KAROSA_B952E.rar
2015-12-20 15:24 - 2015-12-20 18:27 - 00000000 ____D C:\Users\Kateřina\AppData\Roaming\REAPER
2015-12-20 15:21 - 2015-12-20 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER
2015-12-20 15:20 - 2015-12-21 10:40 - 00000000 ____D C:\Program Files (x86)\REAPER
2015-12-20 10:03 - 2015-12-20 10:03 - 00002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-12-20 10:03 - 2015-12-20 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-20 10:02 - 2016-01-04 22:12 - 00000000 ____D C:\Program Files\CCleaner
2015-12-20 10:01 - 2015-12-20 10:01 - 06805512 _____ (Piriform Ltd) C:\Users\Kateřina\Downloads\ccsetup512pro.exe
2015-12-20 09:15 - 2015-12-20 09:22 - 128180619 _____ C:\Users\Kateřina\Downloads\Irisbus_Citybus_18M.rar
2015-12-20 08:12 - 2015-12-20 08:14 - 70157388 _____ C:\Users\Kateřina\Downloads\IKARUS_280_02.7z

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-19 23:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-19 22:33 - 2015-08-13 14:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-19 12:49 - 2009-07-14 05:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-19 12:49 - 2009-07-14 05:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-19 12:46 - 2013-03-19 08:00 - 00000000 ____D C:\Users\Kateřina\AppData\Roaming\Seznam.cz
2016-01-19 12:44 - 2015-12-07 21:57 - 00003112 _____ C:\Windows\System32\Tasks\RDReminder
2016-01-19 12:40 - 2013-01-24 19:31 - 00000354 _____ C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2016-01-19 12:40 - 2010-11-30 12:34 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-19 12:40 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-18 23:32 - 2012-01-25 21:16 - 00003994 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F8DB9CC9-B2DA-4578-B80B-0A6994178AFE}
2016-01-17 22:50 - 2010-11-12 13:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-17 22:40 - 2014-07-28 09:37 - 00000000 ____D C:\Users\Kateřina\Desktop\Vašek
2016-01-16 17:13 - 2015-09-12 11:07 - 00000298 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2016-01-14 21:40 - 2014-12-25 10:49 - 00000016 _____ C:\Windows\SysWOW64\w3data.vss
2016-01-14 21:40 - 2014-12-25 10:49 - 00000016 _____ C:\Windows\SysWOW64\msvcsv60.dll
2016-01-14 21:40 - 2014-12-25 10:49 - 00000016 _____ C:\Windows\msocreg32.dat
2016-01-13 18:34 - 2015-05-17 14:58 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-13 18:33 - 2015-05-17 14:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-09 17:41 - 2010-11-16 18:39 - 00000000 ____D C:\Users\Kateřina\AppData\Roaming\Skype
2016-01-06 19:13 - 2015-09-12 11:07 - 00000282 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2016-01-05 18:52 - 2010-11-16 17:18 - 00000000 ____D C:\Users\Kateřina\AppData\Roaming\ICQ
2016-01-05 18:18 - 2015-05-17 15:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-05 09:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-31 14:00 - 2014-10-21 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aerosoft
2015-12-23 22:35 - 2010-11-16 19:11 - 00000000 ____D C:\Users\Kateřina\Documents\Fotky
2015-12-23 14:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Vss
2015-12-22 13:18 - 2015-12-13 20:47 - 00000000 ____D C:\Users\Kateřina\Documents\Bandicam
2015-12-22 12:08 - 2015-09-13 16:09 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Seznam.cz
2015-12-22 08:38 - 2015-03-27 16:16 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-12-22 08:38 - 2015-03-27 16:16 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-12-22 08:37 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-22 08:27 - 2010-11-12 14:41 - 00000000 ____D C:\Windows\pss
2015-12-21 13:33 - 2010-12-12 16:21 - 00000000 ____D C:\Users\Kateřina\AppData\Roaming\Software Informer
2015-12-21 13:12 - 2011-07-05 23:05 - 00000000 ____D C:\ProgramData\AVG10
2015-12-21 13:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-12-21 10:27 - 2015-04-04 17:48 - 00000000 ____D C:\Program Files\m-r-software
2015-12-20 10:54 - 2014-07-24 14:30 - 00000000 ____D C:\Users\Kateřina\AppData\Roaming\DAEMON Tools Lite
2015-12-20 10:53 - 2010-12-22 21:04 - 00000000 ____D C:\Windows\Minidump
2015-12-20 10:53 - 2010-11-12 20:27 - 00000000 ____D C:\Windows\Panther
2015-12-20 10:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\ModemLogs
2015-12-20 09:22 - 2015-08-13 14:10 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-20 09:22 - 2015-08-13 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-20 09:22 - 2015-08-13 14:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-20 09:19 - 2015-12-12 12:16 - 00000000 ____D C:\Users\Kateřina\AppData\Roaming\NCH Software
2015-12-20 09:19 - 2015-12-12 12:16 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-12-20 09:18 - 2015-12-12 12:16 - 00000000 ____D C:\ProgramData\NCH Software
2015-12-20 09:17 - 2015-12-12 12:22 - 00000000 ____D C:\Users\Kateřina\Documents\intelliScore
2015-12-20 08:16 - 2010-11-16 17:10 - 00000000 _____ C:\Users\Kateřina\AppData\LocalLow\prvlcl.dat
2015-12-20 06:30 - 2011-07-05 23:05 - 00000000 ____D C:\Windows\system32\Drivers\AVG

==================== Files in the root of some directories =======

2013-07-13 08:08 - 2013-07-13 08:08 - 4188160 _____ () C:\Program Files (x86)\GUT6CFC.tmp
2015-03-29 11:55 - 2015-03-29 11:55 - 0009662 _____ () C:\Users\Kateřina\AppData\Roaming\em_64x64.ico
2015-03-27 12:53 - 2015-03-27 12:53 - 0000000 _____ () C:\Users\Kateřina\AppData\Roaming\F14E.tmp
2015-03-27 12:53 - 2015-03-27 12:53 - 0775168 _____ () C:\Users\Kateřina\AppData\Roaming\F14E.tmp.exe
2014-08-30 17:01 - 2014-08-30 17:01 - 0000044 _____ () C:\Users\Kateřina\AppData\Roaming\s.vbs
2014-11-03 20:38 - 2014-11-03 20:38 - 0000017 _____ () C:\Users\Kateřina\AppData\Local\resmon.resmoncfg
2015-10-20 19:06 - 2015-10-20 19:06 - 0000000 _____ () C:\Users\Kateřina\AppData\Local\{0C9A916B-CEAA-45D3-ACAF-E4C6013EBC48}
2014-09-21 21:00 - 2014-09-21 21:00 - 0000000 _____ () C:\Users\Kateřina\AppData\Local\{95A8F0F6-679E-4833-9E06-7A8FDA0F0954}
2010-11-16 18:40 - 2010-11-16 18:40 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some files in TEMP:
====================
C:\Users\Internet\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Internet\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Kateřina\AppData\Local\Temp\hp_u2_1377.exe
C:\Users\Kateřina\AppData\Local\Temp\jre-8u66-windows-au.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

Space Synthesizer 2.0 (HKLM-x32\...\Space Synthesizer_is1) (Version: - )

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG Anti-Virus Business Edition 2011 (Enabled - Out of date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Business Edition 2011 (Enabled - Out of date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
FW: AVG Firewall (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kateřina\Desktop" je 12864 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare
C:\Program Files\Elantech\ETDCtrl.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO
"C:\ProgramData\GameXN\GameXNGO.exe" /startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer
"C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THGuard
"C:\Program Files (x86)\TrojanHunter 4.2\THGuard.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Kateřina\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Backdoor.Agent.WD

Posted: 20 Jan 2016 11:30
by JaRon
Until Rudy shows up, I'll step in just this once.
Velikost slozky "C:\Users\Kateřina\Desktop" je 12864 MB
Tidy it up!! The size should not exceed 300MB :!:

Re: Backdoor.Agent.WD

Posted: 20 Jan 2016 12:00
by Weny
Thanks, I'll fix it right away :)

Re: Backdoor.Agent.WD

Posted: 20 Jan 2016 17:33
by Rudy
Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\Run: [fsm] => [X]
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\MountPoints2: {379d2040-133b-11e4-b833-806e6f6e6963} - F:\autorun.exe
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\MountPoints2: {aca4c9a8-3c0c-11e3-8451-20cf30341260} - E:\Startme.exe
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\MountPoints2: {f4971c47-ee92-11df-ae68-806e6f6e6963} - D:\InstAll.exe
URLSearchHook: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15] (Skype Technologies S.A.)
C:\Program Files (x86)\Skype\Toolbars
Toolbar: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15] (Skype Technologies S.A.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (AVG Internet Security) - C:\Users\Kateřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Kateřina\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR HKLM-x32\...\Chrome\Extension: [odbbfaealmlpnodchplhdomkgpdkeeal] - C:\Program Files (x86)\RebateInformer\Chrome\rebateinformer_c.crx <not found>
R2 PrivoxyService; C:\Program Files (x86)\Jelbruss Secure Web\privoxy.exe [371200 2016-01-18] (The Privoxy team - http://www.privoxy.org) [File not signed] <==== ATTENTION
C:\Program Files (x86)\GUT6CFC.tmp
C:\Users\Kateřina\AppData\Roaming\F14E.tmp
C:\Users\Kateřina\AppData\Roaming\F14E.tmp.exe
C:\Users\Kateřina\AppData\Roaming\s.vbs
C:\Users\Internet\AppData\Local\Temp
Task: {1FE80465-6A23-4695-8A7E-6EC37B182E33} - System32\Tasks\Jelbruss Secure Web Task => C:\Program Files (x86)\Jelbruss Secure Web\jswtask.exe [2016-01-18] (West CH Soft) <==== ATTENTION
Task: {D1DBE529-FC41-43D0-8396-E6210BC7722B} - \Get Plus Uplifter -> No File <==== ATTENTION
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Backdoor.Agent.WD

Posted: 20 Jan 2016 18:34
by Weny
Fix result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by Kateřina (2016-01-20 18:27:05) Run:1
Running from C:\Users\Kateřina\Desktop
Loaded Profiles: Kateřina (Available Profiles: Kateřina & test & Internet)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\Run: [fsm] => [X]
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\MountPoints2: {379d2040-133b-11e4-b833-806e6f6e6963} - F:\autorun.exe
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\MountPoints2: {aca4c9a8-3c0c-11e3-8451-20cf30341260} - E:\Startme.exe
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\...\MountPoints2: {f4971c47-ee92-11df-ae68-806e6f6e6963} - D:\InstAll.exe
URLSearchHook: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15] (Skype Technologies S.A.)
C:\Program Files (x86)\Skype\Toolbars
Toolbar: HKU\S-1-5-21-1383477661-2345097757-157039919-1001 -> No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15] (Skype Technologies S.A.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: AVG Internet Security) - C:\Users\Kateřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Kateřina\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR HKLM-x32\...\Chrome\Extension: [odbbfaealmlpnodchplhdomkgpdkeeal] - C:\Program Files (x86)\RebateInformer\Chrome\rebateinformer_c.crx <not found>
R2 PrivoxyService; C:\Program Files (x86)\Jelbruss Secure Web\privoxy.exe [371200 2016-01-18] (The Privoxy team - http://www.privoxy.org) [File not signed] <==== ATTENTION
C:\Program Files (x86)\GUT6CFC.tmp
C:\Users\Kateřina\AppData\Roaming\F14E.tmp
C:\Users\Kateřina\AppData\Roaming\F14E.tmp.exe
C:\Users\Kateřina\AppData\Roaming\s.vbs
C:\Users\Internet\AppData\Local\Temp
Task: {1FE80465-6A23-4695-8A7E-6EC37B182E33} - System32\Tasks\Jelbruss Secure Web Task => C:\Program Files (x86)\Jelbruss Secure Web\jswtask.exe [2016-01-18] (West CH Soft) <==== ATTENTION
Task: {D1DBE529-FC41-43D0-8396-E6210BC7722B} - \Get Plus Uplifter -> No File <==== ATTENTION
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\Software\Microsoft\Windows\CurrentVersion\Run\\fsm => value removed successfully
"HKU\S-1-5-21-1383477661-2345097757-157039919-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{379d2040-133b-11e4-b833-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{379d2040-133b-11e4-b833-806e6f6e6963} => key not found.
"HKU\S-1-5-21-1383477661-2345097757-157039919-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aca4c9a8-3c0c-11e3-8451-20cf30341260}" => key removed successfully
HKCR\CLSID\{aca4c9a8-3c0c-11e3-8451-20cf30341260} => key not found.
"HKU\S-1-5-21-1383477661-2345097757-157039919-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4971c47-ee92-11df-ae68-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{f4971c47-ee92-11df-ae68-806e6f6e6963} => key not found.
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} => value removed successfully
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{51a86bb3-6602-4c85-92a5-130ee4864f13} => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
HKU\S-1-5-21-1383477661-2345097757-157039919-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{51A86BB3-6602-4C85-92A5-130EE4864F13} => value removed successfully
HKCR\CLSID\{51A86BB3-6602-4C85-92A5-130EE4864F13} => key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data" => key removed successfully
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\pdf.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\gcswf32.dll => not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => not found.
C:\Users\Kateřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll => not found.
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => not found.
C:\Users\Kateřina\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => not found.
c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\odbbfaealmlpnodchplhdomkgpdkeeal" => key removed successfully
PrivoxyService => Service stopped successfully.
PrivoxyService => service removed successfully
C:\Program Files (x86)\GUT6CFC.tmp => moved successfully
C:\Users\Kateřina\AppData\Roaming\F14E.tmp => moved successfully
C:\Users\Kateřina\AppData\Roaming\F14E.tmp.exe => moved successfully
C:\Users\Kateřina\AppData\Roaming\s.vbs => moved successfully
C:\Users\Internet\AppData\Local\Temp => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FE80465-6A23-4695-8A7E-6EC37B182E33} => key not found.
C:\Windows\System32\Tasks\Jelbruss Secure Web Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jelbruss Secure Web Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1DBE529-FC41-43D0-8396-E6210BC7722B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1DBE529-FC41-43D0-8396-E6210BC7722B}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Get Plus Uplifter => key not found.

==== End of Fixlog 18:27:12 ====

Re: Backdoor.Agent.WD

Posted: 20 Jan 2016 19:05
by Rudy
Deleted. Has anything changed?

Re: Backdoor.Agent.WD

Posted: 20 Jan 2016 19:09
by Weny
The computer started showing a proxy server connection, which I had to delete (reconfigure). Otherwise it looks like everything is OK, the ads no longer pop up and the computer runs like clockwork. Thank you

Re: Backdoor.Agent.WD

Posted: 20 Jan 2016 19:13
by Rudy
Weny wrote: The computer started showing a proxy server connection...
That is possible. Unfortunately, from the log I usually cannot tell whether such a setting is legitimate or not. You're welcome! :)