Hodně pomaly počítač
Napsal: 12 lis 2016 21:40
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by Marek a Ivetka (administrator) on MAREKAIVETKA-PC (12-11-2016 21:06:22)
Running from C:\Users\Marek a Ivetka\Desktop
Loaded Profiles: Marek a Ivetka (Available Profiles: Marek a Ivetka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Marek a Ivetka\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-10] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\...\MountPoints2: {340c60b5-1449-11e6-9ff7-7ede2bb7932d} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\...\MountPoints2: {3de5d45f-c5ee-11e5-9d7d-74de2bb7b3b5} - F:\autorun.exe
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\...\MountPoints2: {3de5d8e4-c5ee-11e5-9d7d-74de2bb7b3b5} - F:\autorun.exe
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\...\MountPoints2: {c4e0cc72-3c6a-11e1-ac1b-74de2bb7b3b5} - F:\Startme.exe
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-11-10] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.20.193
Tcpip\..\Interfaces\{B844AAE0-7FED-4CC0-86EF-DF6E0159F1B4}: [DhcpNameServer] 192.168.20.193
Internet Explorer:
==================
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=14875
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ASUT
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {05F0DA16-14A5-4094-97AF-365BB40F2102} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {4B3325EB-9A24-4E6C-8FB1-E03CC53A1BCF} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {56D5A27C-9DBF-4B8F-AA58-37193B4912A7} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {648AA89E-3655-4590-80FD-9274F602D617} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {671A4FDC-C6A6-4901-9C21-8D091F459643} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {6FBD4BDC-A6D9-45A9-A12A-8128700932DB} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {90D3E7CC-1376-4F96-8AA9-2BB36699CA97} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {FA341740-612B-43B4-9303-3AC684367E0E} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {FF9C0A3A-2577-492A-BEEB-B964AEA1379B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_14875
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-10] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF ProfilePath: C:\Users\Marek a Ivetka\AppData\Roaming\Mozilla\Firefox\Profiles\afy4wzfk.default [2016-11-12]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\afy4wzfk.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\afy4wzfk.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\afy4wzfk.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\afy4wzfk.default -> hxxps://www.seznam.cz/?clid=22668
FF Keyword.URL: Mozilla\Firefox\Profiles\afy4wzfk.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF NetworkProxy: Mozilla\Firefox\Profiles\afy4wzfk.default -> type", 0
FF Extension: (Seznam lištička) - C:\Users\Marek a Ivetka\AppData\Roaming\Mozilla\Firefox\Profiles\afy4wzfk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-10-03]
FF SearchPlugin: C:\Users\Marek a Ivetka\AppData\Roaming\Mozilla\Firefox\Profiles\afy4wzfk.default\searchplugins\seznam-avast.xml [2014-12-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-10]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-10] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default [2016-11-12]
CHR Extension: (Dokumenty Google) - C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (Avast SafePrice) - C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-10]
CHR Extension: (Avast Online Security) - C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-17]
CHR Extension: (Chrome Media Router) - C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-12-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-11-10] (AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-11-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-11-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-11-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-11-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-11-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-11-10] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-11-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-10] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-12 21:06 - 2016-11-12 21:08 - 00017098 _____ C:\Users\Marek a Ivetka\Desktop\FRST.txt
2016-11-12 21:06 - 2016-11-12 21:06 - 00000000 ____D C:\FRST
2016-11-12 21:04 - 2016-11-12 21:04 - 00112640 _____ (forum.viry.cz) C:\Users\Marek a Ivetka\Desktop\FRSTLauncher.exe
2016-11-12 21:01 - 2016-11-12 21:00 - 02411520 _____ (Farbar) C:\Users\Marek a Ivetka\Desktop\FRST64.exe
2016-11-12 21:00 - 2016-11-12 21:00 - 02411520 _____ (Farbar) C:\Users\Marek a Ivetka\Downloads\FRST64.exe
2016-11-12 18:24 - 2016-11-12 18:24 - 00000000 ____D C:\Windows\pss
2016-11-11 16:51 - 2016-11-11 16:51 - 00000000 ___RD C:\Users\Marek a Ivetka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-11-10 20:30 - 2016-11-10 20:30 - 00000000 ____D C:\Users\Marek a Ivetka\AppData\Local\ESET
2016-11-10 20:30 - 2016-10-24 21:40 - 06760064 _____ (ESET spol. s r.o.) C:\Users\Marek a Ivetka\Desktop\ESETOnlineScanner_CSY.exe
2016-11-10 15:41 - 2016-11-10 15:46 - 00000000 ____D C:\Users\Marek a Ivetka\Downloads\ccleaner
2016-11-10 15:39 - 2016-11-10 15:40 - 07165735 _____ C:\Users\Marek a Ivetka\Downloads\ccsetup523.zip
2016-11-10 15:37 - 2016-11-10 15:37 - 00035084 _____ C:\Users\Marek a Ivetka\Downloads\bookmarks-2016-11-10.json
2016-11-10 15:36 - 2016-11-10 15:37 - 00081371 _____ C:\Users\Marek a Ivetka\Downloads\bookmarks.html
2016-11-10 15:22 - 2016-11-10 15:22 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-11-10 15:21 - 2016-11-10 15:21 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-11-10 14:54 - 2016-11-10 14:54 - 00007602 _____ C:\Users\Marek a Ivetka\AppData\Local\Resmon.ResmonCfg
2016-11-09 21:47 - 2016-11-09 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-11-05 14:04 - 2016-11-05 14:04 - 00012076 _____ C:\Users\Marek a Ivetka\Downloads\[CzT]Dej_Vu_Deja_Vu.torrent
2016-10-27 17:55 - 2016-10-27 20:56 - 737826816 _____ C:\Users\Marek a Ivetka\Downloads\Spatnej.polda.2009.DVDRip.XviD.CZ.MY.avi
2016-10-27 17:54 - 2016-10-27 17:54 - 00014563 _____ C:\Users\Marek a Ivetka\Downloads\[CzT]Spatnej_polda_Bad_Lieutenant_2009_.torrent
2016-10-24 18:13 - 2016-10-24 18:22 - 1800767510 _____ C:\Users\Marek a Ivetka\Downloads\Spectre-2015-CZ-Dabing.avi
2016-10-24 18:12 - 2016-10-24 18:12 - 00017759 _____ C:\Users\Marek a Ivetka\Downloads\[CzT]Spectre_2015_CZ_.torrent
2016-10-16 09:11 - 2016-10-16 09:11 - 00022046 _____ C:\Users\Marek a Ivetka\Downloads\[CzT]Formule_1_Velka_cena_Japonska_2016_CZ_TvRip_720p_.torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-12 21:03 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-12 21:03 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-12 20:59 - 2013-03-23 21:44 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-12 20:11 - 2014-10-03 19:15 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-12 20:11 - 2014-10-03 19:15 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-12 19:25 - 2014-12-10 12:30 - 00000000 ____D C:\Users\Marek a Ivetka\AppData\Local\Softonic
2016-11-12 18:42 - 2011-02-19 06:36 - 10204710 _____ C:\Windows\system32\perfh005.dat
2016-11-12 18:42 - 2011-02-19 06:36 - 03500712 _____ C:\Windows\system32\perfc005.dat
2016-11-12 18:42 - 2009-07-14 06:13 - 00006560 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-12 18:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-12 18:20 - 2014-12-14 18:31 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-12 18:19 - 2012-12-15 15:17 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-11 16:56 - 2014-12-07 16:23 - 00000000 ____D C:\Users\Marek a Ivetka\AppData\Roaming\Seznam.cz
2016-11-11 16:51 - 2011-12-07 11:09 - 00000000 ___HD C:\ASUS.DAT
2016-11-11 12:09 - 2016-07-20 19:49 - 00003904 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1469040562
2016-11-11 12:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-10 17:13 - 2011-12-07 11:08 - 00000000 ____D C:\Users\Marek a Ivetka
2016-11-10 17:01 - 2011-04-01 10:19 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-11-10 17:00 - 2011-04-01 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-11-10 15:59 - 2013-03-23 21:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-10 15:59 - 2013-03-23 21:44 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-10 15:59 - 2011-12-08 10:52 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-10 15:59 - 2011-12-08 10:51 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-10 15:59 - 2011-04-01 10:19 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-10 15:50 - 2013-09-07 07:12 - 00000000 ____D C:\Windows\Minidump
2016-11-10 15:50 - 2011-12-24 10:59 - 00000000 ____D C:\Users\Marek a Ivetka\AppData\Local\CrashDumps
2016-11-10 15:50 - 2009-07-29 07:03 - 00000000 ____D C:\Windows\Panther
2016-11-10 15:26 - 2013-03-24 09:08 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-11-10 15:26 - 2012-12-15 15:17 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-11-10 15:26 - 2012-12-15 15:17 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-11-10 15:22 - 2014-10-03 18:54 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-11-10 15:22 - 2014-10-03 18:54 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-11-10 15:22 - 2013-03-24 09:08 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147878799435112
2016-11-10 15:22 - 2013-03-24 09:08 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-11-10 15:22 - 2012-12-15 15:17 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.147878798897110
2016-11-10 15:22 - 2012-12-15 15:17 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-11-10 15:22 - 2012-12-15 15:17 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-11-10 15:20 - 2016-07-13 19:54 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-11-10 15:20 - 2012-12-15 15:17 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.147878798042107
2016-11-10 06:33 - 2015-12-05 11:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-11-10 06:33 - 2015-04-09 17:30 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-11-10 06:33 - 2015-04-09 17:30 - 00000000 ___SD C:\Windows\system32\GWX
2016-11-10 06:33 - 2014-12-12 15:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-11-10 06:33 - 2014-12-07 10:52 - 00000000 ____D C:\Users\Marek a Ivetka\AppData\Roaming\uTorrent
2016-11-10 06:33 - 2014-05-10 16:35 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-11-10 06:33 - 2012-05-12 15:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-10 06:33 - 2011-11-08 09:44 - 00000000 ____D C:\ProgramData\P4G
2016-11-10 06:33 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2016-11-10 06:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-11-10 06:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-11-10 06:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2016-11-10 06:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-11-10 06:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-11-10 06:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-11-06 16:10 - 2013-07-15 10:12 - 00000000 ____D C:\Windows\system32\MRT
2016-10-26 17:44 - 2014-10-03 19:15 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-26 17:44 - 2014-10-03 19:15 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-22 16:27 - 2016-10-03 13:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Files in the root of some directories =======
2016-11-10 14:54 - 2016-11-10 14:54 - 0007602 _____ () C:\Users\Marek a Ivetka\AppData\Local\Resmon.ResmonCfg
2016-01-25 09:11 - 2016-01-25 09:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-01 10:21 - 2010-07-07 00:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2012-05-28 14:39 - 2012-05-28 14:52 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2011-11-08 09:51 - 2011-11-08 09:53 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-11-08 09:51 - 2011-11-08 09:51 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Marek a Ivetka\Desktop" je 8 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP
"C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Marek a Ivetka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Marek a Ivetka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl
%ProgramFiles%\Elantech\ETDCtrl.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ihhwsinesw
wscript.exe //B "C:\Users\MAREKA~1\AppData\Local\Temp\ihhwsinesw.vbs" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuance PDF Reader-reminder
"C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Softonic for Windows
"C:\Users\Marek a Ivetka\AppData\Local\Softonic\Softonic.exe" -minimize [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk
C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE /start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe -d [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marek a Ivetka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk
C:\Users\MAREKA~1\AppData\Roaming\GAMERA~1\GAMERA~1\GAMERA~1.EXE /autostart [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Marek a Ivetka (administrator) on MAREKAIVETKA-PC (12-11-2016 21:06:22)
Running from C:\Users\Marek a Ivetka\Desktop
Loaded Profiles: Marek a Ivetka (Available Profiles: Marek a Ivetka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Marek a Ivetka\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-10] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\...\MountPoints2: {340c60b5-1449-11e6-9ff7-7ede2bb7932d} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\...\MountPoints2: {3de5d45f-c5ee-11e5-9d7d-74de2bb7b3b5} - F:\autorun.exe
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\...\MountPoints2: {3de5d8e4-c5ee-11e5-9d7d-74de2bb7b3b5} - F:\autorun.exe
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\...\MountPoints2: {c4e0cc72-3c6a-11e1-ac1b-74de2bb7b3b5} - F:\Startme.exe
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-11-10] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.20.193
Tcpip\..\Interfaces\{B844AAE0-7FED-4CC0-86EF-DF6E0159F1B4}: [DhcpNameServer] 192.168.20.193
Internet Explorer:
==================
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=14875
HKU\S-1-5-21-2519637471-2579528457-1636235950-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ASUT
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {05F0DA16-14A5-4094-97AF-365BB40F2102} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {4B3325EB-9A24-4E6C-8FB1-E03CC53A1BCF} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {56D5A27C-9DBF-4B8F-AA58-37193B4912A7} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {648AA89E-3655-4590-80FD-9274F602D617} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {671A4FDC-C6A6-4901-9C21-8D091F459643} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {6FBD4BDC-A6D9-45A9-A12A-8128700932DB} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {90D3E7CC-1376-4F96-8AA9-2BB36699CA97} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {FA341740-612B-43B4-9303-3AC684367E0E} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_14875
SearchScopes: HKU\S-1-5-21-2519637471-2579528457-1636235950-1002 -> {FF9C0A3A-2577-492A-BEEB-B964AEA1379B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_14875
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-10] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF ProfilePath: C:\Users\Marek a Ivetka\AppData\Roaming\Mozilla\Firefox\Profiles\afy4wzfk.default [2016-11-12]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\afy4wzfk.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\afy4wzfk.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\afy4wzfk.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\afy4wzfk.default -> hxxps://www.seznam.cz/?clid=22668
FF Keyword.URL: Mozilla\Firefox\Profiles\afy4wzfk.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF NetworkProxy: Mozilla\Firefox\Profiles\afy4wzfk.default -> type", 0
FF Extension: (Seznam lištička) - C:\Users\Marek a Ivetka\AppData\Roaming\Mozilla\Firefox\Profiles\afy4wzfk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-10-03]
FF SearchPlugin: C:\Users\Marek a Ivetka\AppData\Roaming\Mozilla\Firefox\Profiles\afy4wzfk.default\searchplugins\seznam-avast.xml [2014-12-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-10]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-10] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default [2016-11-12]
CHR Extension: (Dokumenty Google) - C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (Avast SafePrice) - C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-10]
CHR Extension: (Avast Online Security) - C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-17]
CHR Extension: (Chrome Media Router) - C:\Users\Marek a Ivetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-12-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-11-10] (AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-11-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-11-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-11-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-11-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-11-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-11-10] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-11-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-10] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-12 21:06 - 2016-11-12 21:08 - 00017098 _____ C:\Users\Marek a Ivetka\Desktop\FRST.txt
2016-11-12 21:06 - 2016-11-12 21:06 - 00000000 ____D C:\FRST
2016-11-12 21:04 - 2016-11-12 21:04 - 00112640 _____ (forum.viry.cz) C:\Users\Marek a Ivetka\Desktop\FRSTLauncher.exe
2016-11-12 21:01 - 2016-11-12 21:00 - 02411520 _____ (Farbar) C:\Users\Marek a Ivetka\Desktop\FRST64.exe
2016-11-12 21:00 - 2016-11-12 21:00 - 02411520 _____ (Farbar) C:\Users\Marek a Ivetka\Downloads\FRST64.exe
2016-11-12 18:24 - 2016-11-12 18:24 - 00000000 ____D C:\Windows\pss
2016-11-11 16:51 - 2016-11-11 16:51 - 00000000 ___RD C:\Users\Marek a Ivetka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-11-10 20:30 - 2016-11-10 20:30 - 00000000 ____D C:\Users\Marek a Ivetka\AppData\Local\ESET
2016-11-10 20:30 - 2016-10-24 21:40 - 06760064 _____ (ESET spol. s r.o.) C:\Users\Marek a Ivetka\Desktop\ESETOnlineScanner_CSY.exe
2016-11-10 15:41 - 2016-11-10 15:46 - 00000000 ____D C:\Users\Marek a Ivetka\Downloads\ccleaner
2016-11-10 15:39 - 2016-11-10 15:40 - 07165735 _____ C:\Users\Marek a Ivetka\Downloads\ccsetup523.zip
2016-11-10 15:37 - 2016-11-10 15:37 - 00035084 _____ C:\Users\Marek a Ivetka\Downloads\bookmarks-2016-11-10.json
2016-11-10 15:36 - 2016-11-10 15:37 - 00081371 _____ C:\Users\Marek a Ivetka\Downloads\bookmarks.html
2016-11-10 15:22 - 2016-11-10 15:22 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-11-10 15:21 - 2016-11-10 15:21 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-11-10 14:54 - 2016-11-10 14:54 - 00007602 _____ C:\Users\Marek a Ivetka\AppData\Local\Resmon.ResmonCfg
2016-11-09 21:47 - 2016-11-09 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-11-05 14:04 - 2016-11-05 14:04 - 00012076 _____ C:\Users\Marek a Ivetka\Downloads\[CzT]Dej_Vu_Deja_Vu.torrent
2016-10-27 17:55 - 2016-10-27 20:56 - 737826816 _____ C:\Users\Marek a Ivetka\Downloads\Spatnej.polda.2009.DVDRip.XviD.CZ.MY.avi
2016-10-27 17:54 - 2016-10-27 17:54 - 00014563 _____ C:\Users\Marek a Ivetka\Downloads\[CzT]Spatnej_polda_Bad_Lieutenant_2009_.torrent
2016-10-24 18:13 - 2016-10-24 18:22 - 1800767510 _____ C:\Users\Marek a Ivetka\Downloads\Spectre-2015-CZ-Dabing.avi
2016-10-24 18:12 - 2016-10-24 18:12 - 00017759 _____ C:\Users\Marek a Ivetka\Downloads\[CzT]Spectre_2015_CZ_.torrent
2016-10-16 09:11 - 2016-10-16 09:11 - 00022046 _____ C:\Users\Marek a Ivetka\Downloads\[CzT]Formule_1_Velka_cena_Japonska_2016_CZ_TvRip_720p_.torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-12 21:03 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-12 21:03 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-12 20:59 - 2013-03-23 21:44 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-12 20:11 - 2014-10-03 19:15 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-12 20:11 - 2014-10-03 19:15 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-12 19:25 - 2014-12-10 12:30 - 00000000 ____D C:\Users\Marek a Ivetka\AppData\Local\Softonic
2016-11-12 18:42 - 2011-02-19 06:36 - 10204710 _____ C:\Windows\system32\perfh005.dat
2016-11-12 18:42 - 2011-02-19 06:36 - 03500712 _____ C:\Windows\system32\perfc005.dat
2016-11-12 18:42 - 2009-07-14 06:13 - 00006560 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-12 18:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-12 18:20 - 2014-12-14 18:31 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-12 18:19 - 2012-12-15 15:17 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-11 16:56 - 2014-12-07 16:23 - 00000000 ____D C:\Users\Marek a Ivetka\AppData\Roaming\Seznam.cz
2016-11-11 16:51 - 2011-12-07 11:09 - 00000000 ___HD C:\ASUS.DAT
2016-11-11 12:09 - 2016-07-20 19:49 - 00003904 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1469040562
2016-11-11 12:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-10 17:13 - 2011-12-07 11:08 - 00000000 ____D C:\Users\Marek a Ivetka
2016-11-10 17:01 - 2011-04-01 10:19 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-11-10 17:00 - 2011-04-01 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-11-10 15:59 - 2013-03-23 21:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-10 15:59 - 2013-03-23 21:44 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-10 15:59 - 2011-12-08 10:52 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-10 15:59 - 2011-12-08 10:51 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-10 15:59 - 2011-04-01 10:19 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-10 15:50 - 2013-09-07 07:12 - 00000000 ____D C:\Windows\Minidump
2016-11-10 15:50 - 2011-12-24 10:59 - 00000000 ____D C:\Users\Marek a Ivetka\AppData\Local\CrashDumps
2016-11-10 15:50 - 2009-07-29 07:03 - 00000000 ____D C:\Windows\Panther
2016-11-10 15:26 - 2013-03-24 09:08 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-11-10 15:26 - 2012-12-15 15:17 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-11-10 15:26 - 2012-12-15 15:17 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-11-10 15:22 - 2014-10-03 18:54 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-11-10 15:22 - 2014-10-03 18:54 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-11-10 15:22 - 2013-03-24 09:08 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147878799435112
2016-11-10 15:22 - 2013-03-24 09:08 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-11-10 15:22 - 2012-12-15 15:17 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.147878798897110
2016-11-10 15:22 - 2012-12-15 15:17 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-11-10 15:22 - 2012-12-15 15:17 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-11-10 15:20 - 2016-07-13 19:54 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-11-10 15:20 - 2012-12-15 15:17 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.147878798042107
2016-11-10 06:33 - 2015-12-05 11:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-11-10 06:33 - 2015-04-09 17:30 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-11-10 06:33 - 2015-04-09 17:30 - 00000000 ___SD C:\Windows\system32\GWX
2016-11-10 06:33 - 2014-12-12 15:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-11-10 06:33 - 2014-12-07 10:52 - 00000000 ____D C:\Users\Marek a Ivetka\AppData\Roaming\uTorrent
2016-11-10 06:33 - 2014-05-10 16:35 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-11-10 06:33 - 2012-05-12 15:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-10 06:33 - 2011-11-08 09:44 - 00000000 ____D C:\ProgramData\P4G
2016-11-10 06:33 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2016-11-10 06:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-11-10 06:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-11-10 06:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2016-11-10 06:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-11-10 06:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-11-10 06:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-11-06 16:10 - 2013-07-15 10:12 - 00000000 ____D C:\Windows\system32\MRT
2016-10-26 17:44 - 2014-10-03 19:15 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-26 17:44 - 2014-10-03 19:15 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-22 16:27 - 2016-10-03 13:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Files in the root of some directories =======
2016-11-10 14:54 - 2016-11-10 14:54 - 0007602 _____ () C:\Users\Marek a Ivetka\AppData\Local\Resmon.ResmonCfg
2016-01-25 09:11 - 2016-01-25 09:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-01 10:21 - 2010-07-07 00:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2012-05-28 14:39 - 2012-05-28 14:52 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2011-11-08 09:51 - 2011-11-08 09:53 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-11-08 09:51 - 2011-11-08 09:51 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Marek a Ivetka\Desktop" je 8 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP
"C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Marek a Ivetka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Marek a Ivetka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl
%ProgramFiles%\Elantech\ETDCtrl.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ihhwsinesw
wscript.exe //B "C:\Users\MAREKA~1\AppData\Local\Temp\ihhwsinesw.vbs" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuance PDF Reader-reminder
"C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Softonic for Windows
"C:\Users\Marek a Ivetka\AppData\Local\Softonic\Softonic.exe" -minimize [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk
C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE /start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe -d [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marek a Ivetka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk
C:\Users\MAREKA~1\AppData\Roaming\GAMERA~1\GAMERA~1\GAMERA~1.EXE /autostart [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================