Thank you
It only worked on the second try. The first time, after it finished, it reported "Notepad: access denied".
Edit: It seems that today it is running normally; no ad window so far.
FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Ran by zzp (administrator) on ZZP-PC (24-02-2016 13:56:18)
Running from C:\Users\zzp\Desktop
Loaded Profiles: zzp (Available Profiles: zzp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\zzp\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-15] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-08] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.132.12.33 10.132.12.1
Tcpip\..\Interfaces\{EAC3B69D-5222-4165-8EF8-0BAA15277BF7}: [DhcpNameServer] 10.132.12.33 10.132.12.1
Tcpip\..\Interfaces\{F0D30C69-3929-4810-94A9-8D09C1772219}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13415
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {389B83F6-3DEA-4826-B9C7-9E530D1A3D02} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {3E444DCF-2A6E-42FB-9584-1BD55F9FFA2A} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {526EC225-2487-4D57-A3C2-9D5B71498DFD} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {98EA7684-A388-4820-BAEC-C1B38304B13D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {AB7077AA-DEA4-4D0C-88FE-8CDAD090EA15} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {CB12DB61-3DE6-424B-819E-3C9651C8BEA3} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {DE445115-3AB7-45C9-B76C-839599EB3511} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {E69F297E-E160-4C0E-89B8-66E7F27069C7} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {EFFCC6E1-91AF-4CBD-B059-FFE36951C203} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-08] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-02-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-08] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-22] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @sohu.com/npifox -> C:\Program Files (x86)\搜狐影音\npifox.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1934118852-4102935118-922685940-1001: @my.com/Games -> C:\Users\zzp\AppData\Local\MyComGames\NPMyComDetector.dll [2015-11-13] (My.com, Inc)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-08]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/","www.google.com","hxxp ... 1643716437"
CHR Profile: C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-21]
CHR Extension: (CacheList) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2016-02-21]
CHR Extension: (Dokumenty Google) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-21]
CHR Extension: (Vyhledávání Google) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21]
CHR Extension: (Avast Online Security) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-08]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51648 2012-07-08] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-08] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-10] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-01-11] (Duplex Secure Ltd.)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 androidusb; System32\Drivers\lgandadb.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\zzp\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S3 Trufos; system32\DRIVERS\Trufos.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-24 13:56 - 2016-02-24 13:56 - 00017154 _____ C:\Users\zzp\Desktop\FRST.txt
2016-02-24 13:55 - 2016-02-24 13:56 - 00000000 ____D C:\FRST
2016-02-24 13:53 - 2016-02-24 13:53 - 00112640 _____ (forum.viry.cz) C:\Users\zzp\Desktop\FRSTLauncher.exe
2016-02-24 13:51 - 2016-02-24 13:51 - 00112640 _____ (forum.viry.cz) C:\Users\zzp\Downloads\Nepotvrzeno 191476.crdownload
2016-02-24 13:50 - 2016-02-24 13:50 - 02371072 _____ (Farbar) C:\Users\zzp\Desktop\FRST64.exe
2016-02-23 15:01 - 2016-02-23 15:01 - 06837784 _____ (Piriform Ltd) C:\Users\zzp\Downloads\ccsetup515.exe
2016-02-23 13:58 - 2016-02-23 14:07 - 00000000 ____D C:\AdwCleaner
2016-02-23 13:57 - 2016-02-23 13:58 - 01511936 _____ C:\Users\zzp\Desktop\AdwCleaner.exe
2016-02-22 21:30 - 2016-02-22 21:33 - 00000000 ____D C:\rsit
2016-02-22 21:30 - 2016-02-22 21:31 - 00000000 ____D C:\Program Files\trend micro
2016-02-22 21:30 - 2016-02-22 21:30 - 01222144 _____ C:\Users\zzp\Downloads\RSITx64.exe
2016-02-22 19:33 - 2016-02-22 19:33 - 00000000 __SHD C:\found.009
2016-02-21 22:49 - 2016-02-22 14:18 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-21 22:49 - 2016-02-22 14:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-21 22:49 - 2016-02-21 22:49 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-02-21 19:27 - 2016-02-21 21:26 - 00000000 ____D C:\Movavi files
2016-02-21 19:23 - 2016-02-21 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 9
2016-02-21 19:23 - 2016-02-21 19:23 - 00000000 ____D C:\Program Files (x86)\Movavi Video Converter 9
2016-02-21 19:22 - 2016-02-21 19:22 - 00000000 ____D C:\Users\zzp\AppData\Local\Downloaded Installations
2016-02-21 19:21 - 2016-02-21 19:21 - 00000000 ____D C:\Users\zzp\Downloads\MOVAVI-VIDEO-CONVERTER-V-9.0+CRACK
2016-02-21 19:00 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-02-21 19:00 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-02-21 19:00 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-02-21 19:00 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-02-21 19:00 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-02-21 19:00 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-02-21 19:00 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-02-21 19:00 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-02-21 18:59 - 2016-02-21 19:11 - 00000000 ____D C:\Windows\erdnt
2016-02-21 18:59 - 2016-02-21 19:00 - 00000000 ____D C:\Qoobox
2016-02-21 18:42 - 2016-02-21 19:46 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-21 14:42 - 2016-02-21 14:42 - 00000000 ____D C:\Users\zzp\.fontconfig
2016-02-21 14:41 - 2016-02-21 14:41 - 00000000 ____D C:\Users\zzp\AppData\Local\Movavi
2016-02-21 14:41 - 2016-02-21 14:41 - 00000000 ____D C:\Users\zzp\AppData\Local\converter
2016-02-21 14:41 - 2016-02-21 14:41 - 00000000 ____D C:\ProgramData\Movavi
2016-02-21 14:40 - 2016-02-21 14:40 - 00000000 ____D C:\ProgramData\Movavi Video Converter 16
2016-02-20 15:24 - 2016-02-20 15:24 - 00000000 ____D C:\Users\zzp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2016-02-20 15:24 - 2016-02-20 15:24 - 00000000 ____D C:\Program Files (x86)\Drakensang Online
2016-02-15 17:35 - 2016-02-15 18:09 - 00000000 ____D C:\Users\zzp\Documents\American Truck Simulator
2016-02-13 17:13 - 2016-02-13 17:13 - 00000000 ____D C:\Users\zzp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2016-02-13 17:04 - 2016-02-13 17:13 - 00000000 ____D C:\Fraps
2016-02-13 15:03 - 2016-02-13 15:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-02-13 15:02 - 2016-02-13 15:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-13 14:29 - 2016-02-10 16:57 - 00110176 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-02-13 11:22 - 2016-02-13 11:22 - 00000000 ____D C:\Users\zzp\AppData\Local\LoiLo
2016-02-08 20:05 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-08 20:05 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-08 20:05 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-08 20:05 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-08 20:05 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-08 20:05 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-08 20:05 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-08 20:05 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-08 20:05 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-08 20:05 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-08 20:05 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-08 20:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-08 20:05 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-08 20:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-08 19:46 - 2016-02-08 19:49 - 00000000 ____D C:\Program Files (x86)\SmartPCFixer
2016-02-08 17:21 - 2016-02-08 17:21 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-08 17:21 - 2016-02-08 17:21 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-02 15:38 - 2016-02-18 12:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-30 16:46 - 2016-01-30 18:55 - 2256297690 _____ C:\Users\zzp\Downloads\Harry-Potter-a-Fénixův-řád---CZ-(A)---H264--720p.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-24 13:52 - 2014-04-07 08:18 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-24 13:45 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-24 13:45 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-24 13:39 - 2015-03-01 18:20 - 00067072 ___SH C:\Users\zzp\Desktop\Thumbs.db
2016-02-24 13:38 - 2014-04-07 08:18 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-24 13:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-23 19:42 - 2015-02-08 18:12 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-23 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-23 19:35 - 2013-12-19 22:18 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-23 19:28 - 2015-12-15 18:33 - 00000000 ___SD C:\Users\zzp\AppData\LocalLow\Temp
2016-02-23 17:21 - 2015-12-27 16:37 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-23 15:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-23 15:01 - 2013-12-18 22:06 - 00000000 ___RD C:\Users\zzp\Desktop\Programy
2016-02-22 19:50 - 2014-11-02 10:00 - 00000000 ____D C:\Users\zzp\AppData\Roaming\vlc
2016-02-22 19:13 - 2013-12-18 21:54 - 00000000 ____D C:\Users\zzp
2016-02-22 13:48 - 2015-11-22 09:08 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-22 13:48 - 2015-09-05 17:55 - 00000000 ____D C:\Users\zzp\.oracle_jre_usage
2016-02-22 13:48 - 2014-10-18 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-22 13:47 - 2014-07-29 15:07 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-21 22:51 - 2015-12-03 19:05 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-21 19:51 - 2013-12-19 00:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-21 19:46 - 2015-10-17 19:32 - 00000621 _____ C:\Users\Public\Desktop\WarThunderDev.lnk
2016-02-21 19:46 - 2013-12-18 21:54 - 00001443 _____ C:\Users\zzp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-21 19:46 - 2013-12-18 21:54 - 00001369 _____ C:\Users\zzp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-02-21 18:42 - 2013-12-18 21:56 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-21 18:40 - 2013-12-18 21:56 - 00000000 ____D C:\Users\zzp\AppData\Local\Deployment
2016-02-21 18:39 - 2013-12-18 21:56 - 00000000 ____D C:\Users\zzp\AppData\Local\Apps\2.0
2016-02-20 15:24 - 2013-12-18 23:15 - 00000000 ___RD C:\Users\zzp\Desktop\Hry
2016-02-19 14:54 - 2014-08-31 05:38 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-16 18:37 - 2016-01-09 16:33 - 00000000 ____D C:\Users\zzp\AppData\Roaming\avidemux
2016-02-16 18:35 - 2016-01-09 18:53 - 00000000 ____D C:\Users\zzp\Downloads\VIDEO
2016-02-13 14:40 - 2013-12-18 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-13 14:35 - 2013-12-18 22:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-13 14:31 - 2014-07-16 14:43 - 00000000 ____D C:\Users\zzp\Desktop\foto domů
2016-02-13 14:20 - 2013-12-18 22:19 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-13 11:25 - 2011-04-12 09:34 - 00668672 _____ C:\Windows\system32\perfh005.dat
2016-02-13 11:25 - 2011-04-12 09:34 - 00141330 _____ C:\Windows\system32\perfc005.dat
2016-02-13 11:25 - 2009-07-14 06:13 - 01583772 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-12 23:46 - 2013-12-18 22:16 - 01557806 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-02-10 20:50 - 2014-12-06 18:37 - 00000000 ____D C:\Users\zzp\AppData\LocalLow\Unity
2016-02-10 20:50 - 2014-12-06 18:37 - 00000000 ____D C:\Users\zzp\AppData\Local\Unity
2016-02-10 20:49 - 2013-12-24 17:16 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-02-10 20:48 - 2015-08-25 15:39 - 00000000 ____D C:\Program Files (x86)\Canon
2016-02-10 20:42 - 2013-12-24 17:14 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2016-02-10 16:57 - 2015-11-22 09:25 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-10 16:57 - 2015-11-22 09:23 - 00000000 ____D C:\Program Files\Java
2016-02-10 15:35 - 2013-12-19 22:18 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 15:35 - 2013-12-19 22:18 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-10 15:35 - 2013-12-19 22:18 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 13:28 - 2015-12-27 16:37 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-09 14:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-08 21:33 - 2014-04-07 08:17 - 00000000 ____D C:\Users\zzp\AppData\Local\ElevatedDiagnostics
2016-02-08 21:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-02-08 17:21 - 2015-12-27 16:37 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-08 17:21 - 2015-12-27 16:37 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-08 17:21 - 2015-12-27 16:37 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-08 17:21 - 2015-12-27 16:37 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-08 17:21 - 2015-12-27 16:37 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-08 17:21 - 2015-12-27 16:37 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-05 11:34 - 2015-02-08 18:44 - 00000000 ____D C:\Users\zzp\Documents\Euro Truck Simulator 2
2016-02-02 15:58 - 2015-06-25 15:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-02-02 15:39 - 2013-12-29 22:50 - 00000000 ____D C:\Users\zzp\AppData\Local\Adobe
2016-02-02 15:38 - 2015-11-07 10:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-01 19:47 - 2014-04-07 08:18 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 19:47 - 2014-04-07 08:18 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-30 21:16 - 2013-12-27 16:27 - 00000000 ____D C:\Users\zzp\AppData\Roaming\SpinTires
==================== Files in the root of some directories =======
2016-02-08 19:21 - 2016-02-08 19:37 - 0000115 _____ () C:\Users\zzp\AppData\Roaming\LogFile.txt
2013-12-20 00:15 - 2014-12-01 13:36 - 0007606 _____ () C:\Users\zzp\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\zzp\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Available physical RAM: 2492.58 MB
Total physical RAM: 4094.49 MB
Percentage of memory in use: 39%
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfeaa716346cd2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d000433b66de46.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\zzp\Desktop" je 6803 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup
"C:\Users\zzp\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Ran by zzp (administrator) on ZZP-PC (24-02-2016 14:00:01)
Running from C:\Users\zzp\Desktop
Loaded Profiles: zzp (Available Profiles: zzp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\zzp\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-15] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-08] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.132.12.33 10.132.12.1
Tcpip\..\Interfaces\{EAC3B69D-5222-4165-8EF8-0BAA15277BF7}: [DhcpNameServer] 10.132.12.33 10.132.12.1
Tcpip\..\Interfaces\{F0D30C69-3929-4810-94A9-8D09C1772219}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13415
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {389B83F6-3DEA-4826-B9C7-9E530D1A3D02} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {3E444DCF-2A6E-42FB-9584-1BD55F9FFA2A} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {526EC225-2487-4D57-A3C2-9D5B71498DFD} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {98EA7684-A388-4820-BAEC-C1B38304B13D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {AB7077AA-DEA4-4D0C-88FE-8CDAD090EA15} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {CB12DB61-3DE6-424B-819E-3C9651C8BEA3} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {DE445115-3AB7-45C9-B76C-839599EB3511} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {E69F297E-E160-4C0E-89B8-66E7F27069C7} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> {EFFCC6E1-91AF-4CBD-B059-FFE36951C203} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-08] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-02-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-08] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-22] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1934118852-4102935118-922685940-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @sohu.com/npifox -> C:\Program Files (x86)\搜狐影音\npifox.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1934118852-4102935118-922685940-1001: @my.com/Games -> C:\Users\zzp\AppData\Local\MyComGames\NPMyComDetector.dll [2015-11-13] (My.com, Inc)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-08]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/","www.google.com","hxxp ... 1643716437"
CHR Profile: C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-21]
CHR Extension: (CacheList) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2016-02-21]
CHR Extension: (Dokumenty Google) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-21]
CHR Extension: (Vyhledávání Google) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21]
CHR Extension: (Avast Online Security) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\zzp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-08]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51648 2012-07-08] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-08] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-10] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-01-11] (Duplex Secure Ltd.)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 androidusb; System32\Drivers\lgandadb.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\zzp\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S3 Trufos; system32\DRIVERS\Trufos.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-24 14:00 - 2016-02-24 14:00 - 00017154 _____ C:\Users\zzp\Desktop\FRST.txt
2016-02-24 13:57 - 2016-02-24 13:57 - 00034783 _____ C:\Users\zzp\Desktop\FRST3.txt
2016-02-24 13:55 - 2016-02-24 14:00 - 00000000 ____D C:\FRST
2016-02-24 13:53 - 2016-02-24 13:53 - 00112640 _____ (forum.viry.cz) C:\Users\zzp\Desktop\FRSTLauncher.exe
2016-02-24 13:51 - 2016-02-24 13:51 - 00112640 _____ (forum.viry.cz) C:\Users\zzp\Downloads\Nepotvrzeno 191476.crdownload
2016-02-24 13:50 - 2016-02-24 13:50 - 02371072 _____ (Farbar) C:\Users\zzp\Desktop\FRST64.exe
2016-02-23 15:01 - 2016-02-23 15:01 - 06837784 _____ (Piriform Ltd) C:\Users\zzp\Downloads\ccsetup515.exe
2016-02-23 13:58 - 2016-02-23 14:07 - 00000000 ____D C:\AdwCleaner
2016-02-23 13:57 - 2016-02-23 13:58 - 01511936 _____ C:\Users\zzp\Desktop\AdwCleaner.exe
2016-02-22 21:30 - 2016-02-22 21:33 - 00000000 ____D C:\rsit
2016-02-22 21:30 - 2016-02-22 21:31 - 00000000 ____D C:\Program Files\trend micro
2016-02-22 21:30 - 2016-02-22 21:30 - 01222144 _____ C:\Users\zzp\Downloads\RSITx64.exe
2016-02-22 19:33 - 2016-02-22 19:33 - 00000000 __SHD C:\found.009
2016-02-21 22:49 - 2016-02-22 14:18 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-21 22:49 - 2016-02-22 14:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-21 22:49 - 2016-02-21 22:49 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-02-21 19:27 - 2016-02-21 21:26 - 00000000 ____D C:\Movavi files
2016-02-21 19:23 - 2016-02-21 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 9
2016-02-21 19:23 - 2016-02-21 19:23 - 00000000 ____D C:\Program Files (x86)\Movavi Video Converter 9
2016-02-21 19:22 - 2016-02-21 19:22 - 00000000 ____D C:\Users\zzp\AppData\Local\Downloaded Installations
2016-02-21 19:21 - 2016-02-21 19:21 - 00000000 ____D C:\Users\zzp\Downloads\MOVAVI-VIDEO-CONVERTER-V-9.0+CRACK
2016-02-21 19:00 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-02-21 19:00 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-02-21 19:00 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-02-21 19:00 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-02-21 19:00 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-02-21 19:00 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-02-21 19:00 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-02-21 19:00 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-02-21 18:59 - 2016-02-21 19:11 - 00000000 ____D C:\Windows\erdnt
2016-02-21 18:59 - 2016-02-21 19:00 - 00000000 ____D C:\Qoobox
2016-02-21 18:42 - 2016-02-21 19:46 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-21 14:42 - 2016-02-21 14:42 - 00000000 ____D C:\Users\zzp\.fontconfig
2016-02-21 14:41 - 2016-02-21 14:41 - 00000000 ____D C:\Users\zzp\AppData\Local\Movavi
2016-02-21 14:41 - 2016-02-21 14:41 - 00000000 ____D C:\Users\zzp\AppData\Local\converter
2016-02-21 14:41 - 2016-02-21 14:41 - 00000000 ____D C:\ProgramData\Movavi
2016-02-21 14:40 - 2016-02-21 14:40 - 00000000 ____D C:\ProgramData\Movavi Video Converter 16
2016-02-20 15:24 - 2016-02-20 15:24 - 00000000 ____D C:\Users\zzp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2016-02-20 15:24 - 2016-02-20 15:24 - 00000000 ____D C:\Program Files (x86)\Drakensang Online
2016-02-15 17:35 - 2016-02-15 18:09 - 00000000 ____D C:\Users\zzp\Documents\American Truck Simulator
2016-02-13 17:13 - 2016-02-13 17:13 - 00000000 ____D C:\Users\zzp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2016-02-13 17:04 - 2016-02-13 17:13 - 00000000 ____D C:\Fraps
2016-02-13 15:03 - 2016-02-13 15:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-02-13 15:02 - 2016-02-13 15:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-13 14:29 - 2016-02-10 16:57 - 00110176 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-02-13 11:22 - 2016-02-13 11:22 - 00000000 ____D C:\Users\zzp\AppData\Local\LoiLo
2016-02-08 20:05 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-08 20:05 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-08 20:05 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-08 20:05 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-08 20:05 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-08 20:05 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-08 20:05 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-08 20:05 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-08 20:05 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-08 20:05 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-08 20:05 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-08 20:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-08 20:05 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-08 20:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-08 19:46 - 2016-02-08 19:49 - 00000000 ____D C:\Program Files (x86)\SmartPCFixer
2016-02-08 17:21 - 2016-02-08 17:21 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-08 17:21 - 2016-02-08 17:21 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-02 15:38 - 2016-02-18 12:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-30 16:46 - 2016-01-30 18:55 - 2256297690 _____ C:\Users\zzp\Downloads\Harry-Potter-a-Fénixův-řád---CZ-(A)---H264--720p.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-24 13:52 - 2014-04-07 08:18 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-24 13:45 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-24 13:45 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-24 13:39 - 2015-03-01 18:20 - 00067072 ___SH C:\Users\zzp\Desktop\Thumbs.db
2016-02-24 13:38 - 2014-04-07 08:18 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-24 13:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-23 19:42 - 2015-02-08 18:12 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-23 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-23 19:35 - 2013-12-19 22:18 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-23 19:28 - 2015-12-15 18:33 - 00000000 ___SD C:\Users\zzp\AppData\LocalLow\Temp
2016-02-23 17:21 - 2015-12-27 16:37 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-23 15:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-23 15:01 - 2013-12-18 22:06 - 00000000 ___RD C:\Users\zzp\Desktop\Programy
2016-02-22 19:50 - 2014-11-02 10:00 - 00000000 ____D C:\Users\zzp\AppData\Roaming\vlc
2016-02-22 19:13 - 2013-12-18 21:54 - 00000000 ____D C:\Users\zzp
2016-02-22 13:48 - 2015-11-22 09:08 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-22 13:48 - 2015-09-05 17:55 - 00000000 ____D C:\Users\zzp\.oracle_jre_usage
2016-02-22 13:48 - 2014-10-18 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-22 13:47 - 2014-07-29 15:07 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-21 22:51 - 2015-12-03 19:05 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-21 19:51 - 2013-12-19 00:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-21 19:46 - 2015-10-17 19:32 - 00000621 _____ C:\Users\Public\Desktop\WarThunderDev.lnk
2016-02-21 19:46 - 2013-12-18 21:54 - 00001443 _____ C:\Users\zzp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-21 19:46 - 2013-12-18 21:54 - 00001369 _____ C:\Users\zzp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-02-21 18:42 - 2013-12-18 21:56 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-21 18:40 - 2013-12-18 21:56 - 00000000 ____D C:\Users\zzp\AppData\Local\Deployment
2016-02-21 18:39 - 2013-12-18 21:56 - 00000000 ____D C:\Users\zzp\AppData\Local\Apps\2.0
2016-02-20 15:24 - 2013-12-18 23:15 - 00000000 ___RD C:\Users\zzp\Desktop\Hry
2016-02-19 14:54 - 2014-08-31 05:38 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-16 18:37 - 2016-01-09 16:33 - 00000000 ____D C:\Users\zzp\AppData\Roaming\avidemux
2016-02-16 18:35 - 2016-01-09 18:53 - 00000000 ____D C:\Users\zzp\Downloads\VIDEO
2016-02-13 14:40 - 2013-12-18 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-13 14:35 - 2013-12-18 22:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-13 14:31 - 2014-07-16 14:43 - 00000000 ____D C:\Users\zzp\Desktop\foto domů
2016-02-13 14:20 - 2013-12-18 22:19 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-13 11:25 - 2011-04-12 09:34 - 00668672 _____ C:\Windows\system32\perfh005.dat
2016-02-13 11:25 - 2011-04-12 09:34 - 00141330 _____ C:\Windows\system32\perfc005.dat
2016-02-13 11:25 - 2009-07-14 06:13 - 01583772 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-12 23:46 - 2013-12-18 22:16 - 01557806 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-02-10 20:50 - 2014-12-06 18:37 - 00000000 ____D C:\Users\zzp\AppData\LocalLow\Unity
2016-02-10 20:50 - 2014-12-06 18:37 - 00000000 ____D C:\Users\zzp\AppData\Local\Unity
2016-02-10 20:49 - 2013-12-24 17:16 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-02-10 20:48 - 2015-08-25 15:39 - 00000000 ____D C:\Program Files (x86)\Canon
2016-02-10 20:42 - 2013-12-24 17:14 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2016-02-10 16:57 - 2015-11-22 09:25 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-10 16:57 - 2015-11-22 09:23 - 00000000 ____D C:\Program Files\Java
2016-02-10 15:35 - 2013-12-19 22:18 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 15:35 - 2013-12-19 22:18 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-10 15:35 - 2013-12-19 22:18 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 13:28 - 2015-12-27 16:37 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-09 14:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-08 21:33 - 2014-04-07 08:17 - 00000000 ____D C:\Users\zzp\AppData\Local\ElevatedDiagnostics
2016-02-08 21:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-02-08 17:21 - 2015-12-27 16:37 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-08 17:21 - 2015-12-27 16:37 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-08 17:21 - 2015-12-27 16:37 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-08 17:21 - 2015-12-27 16:37 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-08 17:21 - 2015-12-27 16:37 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-08 17:21 - 2015-12-27 16:37 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-05 11:34 - 2015-02-08 18:44 - 00000000 ____D C:\Users\zzp\Documents\Euro Truck Simulator 2
2016-02-02 15:58 - 2015-06-25 15:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-02-02 15:39 - 2013-12-29 22:50 - 00000000 ____D C:\Users\zzp\AppData\Local\Adobe
2016-02-02 15:38 - 2015-11-07 10:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-01 19:47 - 2014-04-07 08:18 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 19:47 - 2014-04-07 08:18 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-30 21:16 - 2013-12-27 16:27 - 00000000 ____D C:\Users\zzp\AppData\Roaming\SpinTires
==================== Files in the root of some directories =======
2016-02-08 19:21 - 2016-02-08 19:37 - 0000115 _____ () C:\Users\zzp\AppData\Roaming\LogFile.txt
2013-12-20 00:15 - 2014-12-01 13:36 - 0007606 _____ () C:\Users\zzp\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\zzp\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-02-18 12:31
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:244.14 GB) (Free:26.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:200.2 GB) (Free:144.68 GB) NTFS
Drive e: () (Fixed) (Total:221.61 GB) (Free:55.27 GB) NTFS
Drive f: () (Fixed) (Total:97.88 GB) (Free:25.74 GB) NTFS
Available physical RAM: 2481.41 MB
Total physical RAM: 4094.49 MB
Percentage of memory in use: 39%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 25272527)
Partition 1: (Active) - (Size=200.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.9 GB) - (Type=OF Extended)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.6 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=221.6 GB) - (Type=OF Extended)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfeaa716346cd2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d000433b66de46.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\zzp\Desktop" je 6804 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup
"C:\Users\zzp\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Addition log
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-02-2016 01
Ran by zzp (2016-02-24 14:00:22)
Running from C:\Users\zzp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-18 20:54:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1934118852-4102935118-922685940-500 - Administrator - Disabled)
Guest (S-1-5-21-1934118852-4102935118-922685940-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1934118852-4102935118-922685940-1002 - Limited - Enabled)
zzp (S-1-5-21-1934118852-4102935118-922685940-1001 - Administrator - Enabled) => C:\Users\zzp
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.34 - GIGABYTE)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Aktualizace NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
American Truck Simulator Demo (HKLM-x32\...\Steam App 441960) (Version: - SCS Software)
Assassin's Creed III (HKLM-x32\...\Assassin's Creed III_is1) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.10.150607 - )
BitComet 1.36 (HKLM-x32\...\BitComet) (Version: 1.36 - CometNetwork)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Data Lifeguard Diagnostic for Windows 1.25 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
Energy Saver Advance B8.0905.1 (HKLM-x32\...\{7ED169D4-5053-4166-93DF-53B12AE6C539}) (Version: 1.10.0000 - GIGABYTE)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: - )
Farming Simulator 2015 verze 1.0.0.0 (HKLM-x32\...\Farming Simulator 2015_is1) (Version: 1.0.0.0 - CupraTDi)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - Gigabyte Technology Corp.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}) (Version: 1.0.19.76 - Google)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movavi Video Converter 9 (HKLM-x32\...\{4D92FD47-5138-48D2-B68B-9D0CCFA21CD7}) (Version: 9.00.000 - Movavi)
MP3 2 Ogg Lab 2004 (HKLM-x32\...\MP3 2 Ogg Lab 2004_is1) (Version: - MP3 Surgeon)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
My.com Game Center (HKU\S-1-5-21-1934118852-4102935118-922685940-1001\...\MyComGames) (Version: 3.156 - My.com B.V.)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Ovládací panel NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0022 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - Canon Inc.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
skyforge_mycom (HKU\S-1-5-21-1934118852-4102935118-922685940-1001\...\skyforge_mycom) (Version: 1.53 - My.com B.V.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
War Thunder Launcher 1.0.1.335 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
War Thunder Launcher 1.0.1.340 (HKLM-x32\...\{abc8eea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1934118852-4102935118-922685940-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00E2D337-2089-467B-8F3F-C915028A56C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {17078DF0-06E1-4FC6-AAF3-3E93E9BEDAC9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {40DD09BC-024B-4018-A09C-3BA089E469A5} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask
Task: {4EB69AB0-1128-4B04-AE63-0B199E7CB8DA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-18] (AVAST Software)
Task: {5FC0BAC5-E050-49BD-A427-4229B42B481D} - System32\Tasks\{15C08C7D-FD05-46BC-B32B-FF9500B1C8E4} => C:\Program Files (x86)\Drakensang Online\thinclient.exe [2016-02-15] (Bigpoint GmbH)
Task: {6D44B3A0-682A-4E19-82F9-600CC47C7F35} - System32\Tasks\{06958254-71C2-45CC-AA37-08161C034EDE} => pcalua.exe -a C:\ProgramData\LGMOBILEAX\LGMLauncher.exe -d C:\ProgramData\LGMOBILEAX
Task: {6D8D1C70-A7B2-488F-9381-F88FECF57CAF} - System32\Tasks\{09FDD1DA-FC06-41BC-8EF1-5AFA754C38B3} => pcalua.exe -a C:\Users\zzp\Downloads\sp41644.exe -d C:\Users\zzp\Downloads
Task: {8ACFBC54-9383-4809-8F7F-6031D915FED4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-08] (AVAST Software)
Task: {98746D6C-5037-464D-9A8C-0A3A1FA4682C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {AD5EF3AE-417C-418B-A990-56D946BCF294} - System32\Tasks\{1922852A-A057-4466-8979-295D2594E0B2} => pcalua.exe -a C:\Users\zzp\Downloads\B2CAppSetup.exe -d C:\Users\zzp\Downloads
Task: {B5B7E84C-AEA4-4A2C-AF9A-627942384AEC} - System32\Tasks\{56C21CD7-D5BD-475E-969E-3E91CDD9CD1A} => pcalua.exe -a "C:\Users\zzp\Downloads\WWII-Battle-Tanks---T-34-vs.-Tiger\WWII Battle Tanks - T-34 vs. Tiger\setup.exe" -d "C:\Users\zzp\Downloads\WWII-Battle-Tanks---T-34-vs.-Tiger\WWII Battle Tanks - T-34 vs. Tiger"
Task: {B85ABFBC-D0CF-4ED3-A032-7B0F4CD657C7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask
Task: {D1C6735C-1C90-4CEB-8960-7FC7BAC67DB6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {DD900D06-A832-467B-94C5-D70D8A474872} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfeaa716346cd2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d000433b66de46.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-02-12 22:13 - 2016-02-12 22:13 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-02-08 17:21 - 2016-02-08 17:21 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-08 17:21 - 2016-02-08 17:21 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-23 13:40 - 2016-02-23 13:40 - 02834432 _____ () C:\Program Files\AVAST Software\Avast\defs\16022300\algo.dll
2016-02-08 17:21 - 2016-02-08 17:21 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-24 13:40 - 2016-02-24 13:40 - 02836480 _____ () C:\Program Files\AVAST Software\Avast\defs\16022400\algo.dll
2015-12-27 16:37 - 2015-12-27 16:37 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-02-21 18:42 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-21 18:42 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2016-02-22 19:31 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1934118852-4102935118-922685940-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\zzp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.132.12.33 - 10.132.12.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\zzp\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{323E160C-59D0-4374-A845-4064FF8AEC4C}E:\hry\spintires\spintires.exe] => (Allow) E:\hry\spintires\spintires.exe
FirewallRules: [UDP Query User{D30A01FB-4950-419D-AB7C-B7022A14EC4A}E:\hry\spintires\spintires.exe] => (Allow) E:\hry\spintires\spintires.exe
FirewallRules: [{24766A0E-7F52-4038-BF68-676E499A7D52}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A3FEAC87-BB03-409C-A0E0-6B4A7EF30ED3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{2018A2AD-34E7-440E-B4D7-44BF29DB423C}C:\hry\assassin's creed iii\ac3sp.exe] => (Allow) C:\hry\assassin's creed iii\ac3sp.exe
FirewallRules: [UDP Query User{2FFA698C-03EA-4547-98DB-B28D11DDC99F}C:\hry\assassin's creed iii\ac3sp.exe] => (Allow) C:\hry\assassin's creed iii\ac3sp.exe
FirewallRules: [{84CC5A30-F742-413F-8548-F21E0DF9A010}] => (Allow) E:\HRY\WarThunder\launcher.exe
FirewallRules: [{695F2741-5562-4635-8295-E4632E99F26A}] => (Allow) E:\HRY\WarThunder\launcher.exe
FirewallRules: [{32723CA8-B73E-4962-8F50-AB724DA8D813}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{23F59C84-78FC-45C6-AD32-854D57B7F6D3}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [TCP Query User{7C07B3E4-571D-425C-9E9E-9292AE3CDC94}E:\hry\warthunder\aces.exe] => (Allow) E:\hry\warthunder\aces.exe
FirewallRules: [UDP Query User{E4F35AD5-24D7-4823-8238-FC35071E1133}E:\hry\warthunder\aces.exe] => (Allow) E:\hry\warthunder\aces.exe
FirewallRules: [TCP Query User{ACAE984C-07B5-4029-B5A3-8E03BAF7EC10}C:\program files (x86)\gigabyte\energysaver\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\energysaver\updexe.exe
FirewallRules: [UDP Query User{18B68FF7-017E-4BC6-A412-F37F6B741529}C:\program files (x86)\gigabyte\energysaver\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\energysaver\updexe.exe
FirewallRules: [{466C0921-16E8-48A8-8C1B-C5ECA4743208}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A71964BB-5408-4E93-97F6-0E15D823F7EF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ADA7B0C7-7511-49C6-B411-0EB6B2D2F731}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0C22F41D-F0CA-4C00-BE25-0148B11055D0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FD807CFC-6DAC-4BC7-9F1A-362C2CD125B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{2CA4225C-8B7B-46C5-A2A1-1939E1F56475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{EE27D3AB-31A0-4756-8ACF-43558DD88AEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{A7959640-CB17-4ADE-8C05-39CC4983FF25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [TCP Query User{AA2291B7-C62F-48C9-8FD8-AEA9A057F89C}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [UDP Query User{BAC4297B-21CC-4828-8EBD-89BF0207394D}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [{A57BF78E-8689-4261-BFCA-57C15F993785}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{39201302-F5A3-42F1-BA52-13D5828F12AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{C2020840-5434-4849-A6BA-E89C8E192ECF}] => (Allow) E:\WarThunderDev\launcher.exe
FirewallRules: [{B1136AD7-F1B4-4C97-A910-33A222547283}] => (Allow) E:\WarThunderDev\launcher.exe
FirewallRules: [TCP Query User{282BCB06-951E-4B98-966E-12D7A5694B9E}E:\hry\warthunder\win64\aces64.exe] => (Allow) E:\hry\warthunder\win64\aces64.exe
FirewallRules: [UDP Query User{4EEA029D-14A4-4EDF-A651-7945F338EEEC}E:\hry\warthunder\win64\aces64.exe] => (Allow) E:\hry\warthunder\win64\aces64.exe
FirewallRules: [TCP Query User{C1FA832A-435F-41AF-B4C3-E7A7BC0C8CB3}C:\users\zzp\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\zzp\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{BBF6EB15-8921-41A3-B1D2-E0B97FCCC5D2}C:\users\zzp\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\zzp\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{8BD92AC1-5A37-49D3-8850-FB8F31FC620E}E:\hry\warthunder\win64\aces.exe] => (Allow) E:\hry\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{17960CF8-A6DA-4CEC-96D1-D0406EA9214F}E:\hry\warthunder\win64\aces.exe] => (Allow) E:\hry\warthunder\win64\aces.exe
FirewallRules: [{A0D7F630-461D-40FA-BFA9-AB5B4721C99B}] => (Allow) e:\hry\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{408B9B6A-698A-48C7-BE51-0C0F8AE70EEC}] => (Allow) e:\hry\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{E53870B6-CBCC-4D5A-84AB-4F6E930AE76F}] => (Allow) e:\hry\World_of_Tanks\worldoftanks.exe
FirewallRules: [{0137C751-09FB-4987-A394-B74FECC9EE1B}] => (Allow) e:\hry\World_of_Tanks\worldoftanks.exe
FirewallRules: [{B77509BE-3A7A-4C23-9437-111681A95DEF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2F691A0-12BE-4E0F-8454-DDF3831BB4EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA366660-91E7-445B-8B6E-4CADAF57D702}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{6C952D8A-73C7-4FC9-BA66-DEB5D4A3AE8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{AB4A3B6D-D0B9-4771-9C71-F97A4B3DF650}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9D3B7CD8-BC2A-417F-8335-89B6D19E2189}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{A36599AC-414F-4624-B9A0-244D61FA04E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{28A378E4-74BC-416D-8B18-18E15822D3C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{C80D0B49-318D-4E39-91D8-CC39887024F8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
22-02-2016 19:22:11 ComboFix created restore point
23-02-2016 13:52:15 AA11
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz
Percentage of memory in use: 39%
Total physical RAM: 4094.49 MB
Available physical RAM: 2481.41 MB
Total Virtual: 8487.18 MB
Available Virtual: 6682.36 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:244.14 GB) (Free:26.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:200.2 GB) (Free:144.68 GB) NTFS
Drive e: () (Fixed) (Total:221.61 GB) (Free:55.27 GB) NTFS
Drive f: () (Fixed) (Total:97.88 GB) (Free:25.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 25272527)
Partition 1: (Active) - (Size=200.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.9 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.6 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=221.6 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================