Requesting a check

Posted: 06 May 2017 11:43
by flyingfox76
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-05-2017
Ran by Venda (administrator) on KLUCI (06-05-2017 12:18:36)
Running from C:\Documents and Settings\Venda\Dokumenty\Stažené soubory
Loaded Profiles: Venda (Available Profiles: Táta & Martik & Standa & Venda & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\WINDOWS\system32\acs.exe
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
() C:\Program Files\TP-LINK\TWCU\TWCU.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Jet Detection] => C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [28672 2001-11-29] ()
HKLM\...\Run: [TWCU] => C:\Program Files\TP-LINK\TWCU\TWCU.exe [364544 2006-03-29] ()
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-07-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3281600 2016-03-03] (Disc Soft Ltd)
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1951336 2017-05-06] (Lavasoft)
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\MountPoints2: E - E:\Loader.exe
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\MountPoints2: {11f9ce38-0352-11e7-a32f-001478116eb5} - E:\Launcher.exe
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\MountPoints2: {797e0632-9124-11e6-a2a7-001478116eb5} - F:\Launcher.exe
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\MountPoints2: {8c2043a6-e22c-11e5-a1ed-001478116eb5} - G:\setup.exe
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\MountPoints2: {a519f92e-f822-11e5-a20f-001478116eb5} - H:\AutoRun.exe
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\MountPoints2: {a519f92f-f822-11e5-a20f-001478116eb5} - I:\AutoRun.exe
HKU\S-1-5-21-484763869-2146948623-682003330-1006\...\MountPoints2: {ca9ff4a7-06fd-11e7-a336-001478116eb5} - H:\Launcher.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AF1FE740-D627-48A1-9AFB-7F4CFEED706E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-484763869-2146948623-682003330-1006\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-484763869-2146948623-682003330-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10181_1310_170415__yaie
HKU\S-1-5-21-484763869-2146948623-682003330-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=147 ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=147 ... earchTerms}
SearchScopes: HKU\S-1-5-21-484763869-2146948623-682003330-1006 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=147 ... earchTerms}
SearchScopes: HKU\S-1-5-21-484763869-2146948623-682003330-1006 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=147 ... earchTerms}
SearchScopes: HKU\S-1-5-21-484763869-2146948623-682003330-1006 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10181_1310_170415__yaie&p={searchTerms}

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\ma3toya7.default-1484416157390 [2017-05-06]
FF NewTab: C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\ma3toya7.default-1484416157390 -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10181_1310_170415__yaff
FF DefaultSearchEngine: C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\ma3toya7.default-1484416157390 -> Yahoo®
FF SelectedSearchEngine: C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\ma3toya7.default-1484416157390 -> Yahoo®
FF Homepage: C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\ma3toya7.default-1484416157390 -> about:home
FF Session Restore: C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\ma3toya7.default-1484416157390 -> is enabled.
FF NetworkProxy: C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\ma3toya7.default-1484416157390 -> type", 0
FF SearchPlugin: C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\ma3toya7.default-1484416157390\searchplugins\yahoo-lavasoft.xml [2017-04-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-11-20] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-03-01] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-484763869-2146948623-682003330-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Venda\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-19] (Unity Technologies ApS)

Opera:
=======
OPR StartupUrls:
OPR Session Restore: -> is enabled.

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACS; C:\WINDOWS\System32\acs.exe [36864 2005-12-30] () [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082560 2016-03-03] (Disc Soft Ltd) [File not signed]
R2 GubedZL; C:\Program Files\Gubed\GubedZL.dll [120832 2017-01-12] () [File not signed]
S3 iThemes5; C:\Program Files\Common Files\Services\iThemes.dll [820224 2016-12-30] () [File not signed] <==== ATTENTION
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2759784 2017-05-06] (Lavasoft Limited)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 WCAssistantService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25192 2017-05-06] ()
S4 unchecky; no ImagePath

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2016-03-01] (Meetinghouse Data Communications) [File not signed]
R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [470048 2005-12-21] (Atheros Communications, Inc.) [File not signed]
S3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [26168 2016-06-11] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\DRIVERS\dtliteusbbus.sys [40504 2016-06-11] (Disc Soft Ltd)
S3 emu10k; C:\WINDOWS\System32\drivers\emu10k1m.sys [283904 2001-08-17] (Creative Technology Ltd.)
S3 emu10k1; C:\WINDOWS\System32\drivers\ctlfacem.sys [6912 2001-08-17] (Creative Technology Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [998004 2002-07-24] (Creative Technology Ltd)
S3 hidgame; C:\WINDOWS\System32\DRIVERS\hidgame.sys [8576 2001-08-17] (Microsoft Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [129312 2014-08-11] (NVIDIA Corporation)
R2 PfModNT; C:\WINDOWS\System32\PfModNT.sys [6752 1999-12-17] (Creative Technology Ltd.) [File not signed]
S3 sfman; C:\WINDOWS\System32\drivers\sfmanm.sys [36480 2001-08-17] (Creative Technology Ltd.)
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [13120 2016-02-21] ()
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2017-01-14] ()
S4 IntelIde; no ImagePath
U5 P3; C:\Windows\System32\Drivers\P3.sys [46592 2008-04-14] (Microsoft Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-06 12:17 - 2017-05-06 12:17 - 00000000 ____D C:\Program Files\Thrustmaster
2017-05-06 12:17 - 2017-05-06 12:17 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Thrustmaster
2017-05-06 12:17 - 2015-07-16 16:38 - 00035840 _____ (Thrustmaster) C:\WINDOWS\system32\tmffbdrv.dll
2017-05-06 12:17 - 2012-09-27 11:59 - 00238592 _____ (Thrustmaster) C:\WINDOWS\system32\tmffbcpl.dll
2017-05-06 12:03 - 2017-05-06 12:14 - 00000000 ____D C:\FRST
2017-05-06 12:03 - 2017-05-06 12:03 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\TweakBit
2017-05-06 12:02 - 2017-05-06 12:02 - 00023989 _____ C:\rsit_log.txt
2017-05-06 11:35 - 2017-05-06 11:35 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Wise Registry Cleaner
2017-05-06 11:35 - 2017-05-06 11:35 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Wise Euask
2017-05-06 11:32 - 2017-05-06 11:33 - 00000000 ___SD C:\ComboFix
2017-05-06 11:14 - 2017-05-06 11:54 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2017-05-06 11:14 - 2017-05-06 11:14 - 00000000 ____D C:\Documents and Settings\Táta\Local Settings\temp
2017-05-06 11:14 - 2017-05-06 11:14 - 00000000 ____D C:\Documents and Settings\Standa\Local Settings\temp
2017-05-06 11:14 - 2017-05-06 11:14 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2017-05-06 11:14 - 2017-05-06 11:14 - 00000000 ____D C:\Documents and Settings\Martik\Local Settings\temp
2017-05-06 11:14 - 2017-05-06 11:14 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2017-05-06 11:14 - 2017-05-06 11:14 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2017-05-06 10:52 - 2017-05-06 10:52 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Opera Software
2017-05-06 10:52 - 2017-05-06 10:52 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Opera Software
2017-05-06 10:22 - 2017-05-06 11:32 - 00000000 ____D C:\Qoobox
2017-05-06 10:22 - 2017-05-06 11:13 - 00000000 ____D C:\WINDOWS\erdnt
2017-05-06 10:22 - 2017-05-06 10:22 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Nástroje pro správu
2017-05-06 10:22 - 2017-05-06 10:22 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty\Filmy
2017-05-06 10:22 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2017-05-06 10:22 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2017-05-06 10:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2017-05-06 10:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2017-05-06 10:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2017-05-06 10:22 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2017-05-06 10:22 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2017-05-06 10:22 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2017-05-06 10:22 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2017-05-06 10:21 - 2017-05-06 10:22 - 00000000 ____D C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory
2017-05-06 10:21 - 2017-05-06 10:21 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Macromedia
2017-05-06 10:21 - 2017-05-06 10:21 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Adobe
2017-05-06 10:03 - 2017-05-06 10:04 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Mozilla
2017-05-06 10:03 - 2017-05-06 10:03 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla
2017-05-06 09:59 - 2017-05-06 09:59 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty\Obrázky
2017-05-06 09:59 - 2017-05-06 09:59 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty\Hudba
2017-05-06 09:59 - 2017-05-06 09:59 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\NVIDIA
2017-05-06 09:32 - 2017-05-06 09:32 - 00353384 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService.dll
2017-05-06 09:32 - 2017-05-06 09:32 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Lavasoft
2017-04-28 19:58 - 2017-04-28 19:58 - 00000636 _____ C:\Documents and Settings\All Users\Plocha\Insane.lnk
2017-04-28 19:56 - 2017-04-28 19:59 - 00000000 ____D C:\Codemasters
2017-04-28 18:14 - 2017-05-06 11:41 - 00000000 ____D C:\Program Files\Steam
2017-04-28 18:14 - 2017-04-28 18:14 - 00000638 _____ C:\Documents and Settings\All Users\Plocha\Steam.lnk
2017-04-28 18:14 - 2017-04-28 18:14 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Steam
2017-04-22 09:59 - 2017-04-22 09:59 - 00001950 _____ C:\Documents and Settings\Venda\Plocha\Priserky, s.r.o., Strasidelny ostrov.lnk
2017-04-22 09:56 - 2017-04-22 09:56 - 00000199 _____ C:\WINDOWS\disneysy.ini
2017-04-15 19:53 - 2017-05-06 10:59 - 00263216 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2017-04-15 19:48 - 2017-04-15 19:48 - 00001727 _____ C:\Documents and Settings\Venda\Plocha\Kačer Donald vrací úder.lnk
2017-04-15 19:46 - 2017-04-15 19:46 - 00000000 ____D C:\Program Files\Ligos
2017-04-15 19:46 - 2000-06-22 13:09 - 00056320 ____N C:\WINDOWS\system32\iyvu9_32.dll
2017-04-15 19:45 - 2017-04-15 19:45 - 00000000 ____D C:\Program Files\Lavasoft
2017-04-15 19:45 - 2017-04-15 19:45 - 00000000 ____D C:\Documents and Settings\Venda\Local Settings\Data aplikací\Lavasoft
2017-04-15 19:45 - 2017-04-15 19:45 - 00000000 ____D C:\Documents and Settings\Venda\Data aplikací\Lavasoft
2017-04-15 19:43 - 2017-04-15 19:43 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2017-04-15 19:43 - 2016-05-08 11:27 - 03613696 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw.dll
2017-04-15 19:43 - 2015-10-24 18:00 - 00112128 _____ C:\WINDOWS\system32\ff_vfw.dll
2017-04-15 19:43 - 2015-02-25 18:27 - 00473088 _____ (hxxp://www.mp3dev.org/) C:\WINDOWS\system32\lameACM.acm
2017-04-15 19:43 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2017-04-15 19:43 - 2012-05-21 23:48 - 00000415 _____ C:\WINDOWS\system32\lame_acm.xml
2017-04-15 19:43 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2017-04-15 19:43 - 2011-06-22 16:14 - 00000714 _____ C:\WINDOWS\system32\ff_vfw.dll.manifest
2017-04-15 19:43 - 2004-05-18 20:16 - 00039936 _____ (Disappearing Inc.) C:\WINDOWS\system32\huffyuv.dll
2017-04-15 19:42 - 2017-04-15 19:43 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2017-04-15 19:29 - 2017-04-15 19:29 - 00000000 ____D C:\WINDOWS\UbiSoft
2017-04-15 18:33 - 2017-04-15 18:33 - 00000000 ____D C:\Documents and Settings\Venda\Local Settings\Data aplikací\Rovio
2017-04-15 12:22 - 2017-04-19 18:36 - 00000000 ____D C:\Documents and Settings\Venda\Data aplikací\Rovio
2017-04-15 12:22 - 2017-04-15 12:22 - 00000000 ____D C:\Program Files (x86)
2017-04-15 12:21 - 2017-04-15 18:32 - 00002429 _____ C:\Documents and Settings\All Users\Plocha\Bad Piggies.lnk
2017-04-15 12:20 - 2017-04-15 12:20 - 00001972 _____ C:\Documents and Settings\All Users\Plocha\Angry Birds Seasons.lnk
2017-04-15 12:19 - 2017-04-15 12:19 - 00001944 _____ C:\Documents and Settings\All Users\Plocha\Angry Birds Space.lnk
2017-04-15 12:18 - 2017-04-15 12:18 - 00001916 _____ C:\Documents and Settings\All Users\Plocha\Angry Birds Rio.lnk
2017-04-15 12:16 - 2017-04-15 12:16 - 00001867 _____ C:\Documents and Settings\All Users\Plocha\Angry Birds.lnk
2017-04-15 12:15 - 2017-04-15 12:21 - 00000000 ____D C:\Program Files\Rovio Entertainment Ltd
2017-04-15 12:15 - 2017-04-15 12:21 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Rovio Entertainment Ltd
2017-04-15 12:14 - 2017-04-15 19:13 - 00000000 ____D C:\Documents and Settings\Venda\Data aplikací\Rovio Entertainment Ltd
2017-04-15 12:13 - 2017-04-15 12:13 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Disney Interactive
2017-04-15 12:10 - 2017-04-15 12:10 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\w95inf32.dll
2017-04-15 12:10 - 2017-04-15 12:10 - 00002272 _____ (Microsoft Corporation) C:\WINDOWS\system32\w95inf16.dll
2017-04-15 12:10 - 1998-09-02 10:02 - 00194320 _____ (Microsoft Corporation) C:\WINDOWS\system32\qcut.dll
2017-04-15 12:10 - 1998-08-27 06:51 - 00182032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft3.dll
2017-04-15 12:10 - 1998-08-17 11:21 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciqtz.drv
2017-04-15 12:10 - 1998-08-17 11:21 - 00010240 _____ C:\WINDOWS\system32\vidx16.dll
2017-04-15 12:10 - 1998-08-17 11:21 - 00005672 _____ C:\WINDOWS\system32\quartz.vxd
2017-04-10 16:42 - 2017-04-10 16:42 - 00000184 _____ C:\Documents and Settings\Venda\Plocha\Zástupce - Jedotka CD-ROM.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-06 12:19 - 2016-03-02 19:55 - 00000000 ____D C:\Documents and Settings\Venda\Local Settings\Temp
2017-05-06 12:17 - 2016-03-01 21:00 - 00021030 _____ C:\WINDOWS\system32\nvAppTimestamps
2017-05-06 12:17 - 2016-03-01 19:25 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-05-06 12:17 - 2016-03-01 18:24 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2017-05-06 12:15 - 2016-03-02 19:55 - 00000000 ____D C:\Documents and Settings\Venda\Plocha
2017-05-06 12:08 - 2016-03-04 19:26 - 00000000 ____D C:\Documents and Settings\Venda\Dokumenty\Stažené soubory
2017-05-06 12:08 - 2016-03-01 18:18 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2017-05-06 12:03 - 2016-03-01 18:24 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2017-05-06 12:02 - 2016-09-05 18:22 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2017-05-06 11:54 - 2017-02-03 14:56 - 00000000 ____D C:\Program Files\trend micro
2017-05-06 11:41 - 2017-02-03 17:08 - 00000550 _____ C:\WINDOWS\Tasks\Tweaking.com - Windows Repair Tray Icon.job
2017-05-06 11:41 - 2016-04-01 18:32 - 00000400 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1459528337.job
2017-05-06 11:41 - 2016-03-02 18:34 - 00000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2017-05-06 11:41 - 2016-03-01 17:42 - 00032508 _____ C:\WINDOWS\SchedLgU.Txt
2017-05-06 11:41 - 2016-03-01 17:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-06 11:40 - 2016-03-01 19:34 - 00016420 _____ C:\WINDOWS\system32\BMXStateBkp-{00000004-00000000-00000002-00001102-00000002-80281102}.rfx
2017-05-06 11:40 - 2016-03-01 19:34 - 00016420 _____ C:\WINDOWS\system32\BMXState-{00000004-00000000-00000002-00001102-00000002-80281102}.rfx
2017-05-06 11:40 - 2016-03-01 19:34 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
2017-05-06 11:40 - 2016-03-01 19:34 - 00001080 _____ C:\WINDOWS\system32\settings.sfm
2017-05-06 11:40 - 2016-03-01 19:34 - 00000024 _____ C:\WINDOWS\system32\DVCStateBkp-{00000004-00000000-00000002-00001102-00000002-80281102}.dat
2017-05-06 11:40 - 2016-03-01 19:34 - 00000024 _____ C:\WINDOWS\system32\DVCState-{00000004-00000000-00000002-00001102-00000002-80281102}.dat
2017-05-06 11:40 - 2016-03-01 19:31 - 00024672 _____ C:\WINDOWS\system32\BMXCtrlState-{00000004-00000000-00000002-00001102-00000002-80281102}.rfx
2017-05-06 11:40 - 2016-03-01 19:31 - 00024672 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000004-00000000-00000002-00001102-00000002-80281102}.rfx
2017-05-06 11:39 - 2016-09-05 18:22 - 00000000 ____D C:\Documents and Settings\Administrator
2017-05-06 11:35 - 2016-09-05 18:22 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2017-05-06 11:14 - 2016-03-01 17:42 - 00000000 __SHD C:\Documents and Settings\NetworkService
2017-05-06 11:11 - 2001-10-25 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2017-05-06 11:04 - 2016-03-01 18:24 - 01179306 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-06 11:04 - 2001-10-25 14:00 - 00488378 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-06 11:04 - 2001-10-25 14:00 - 00097034 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-06 10:59 - 2016-03-01 20:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-05-06 10:59 - 2016-03-01 17:42 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2017-05-06 10:46 - 2016-06-19 12:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-06 10:37 - 2016-03-02 19:55 - 00000178 ___SH C:\Documents and Settings\Venda\ntuser.ini
2017-05-06 10:22 - 2016-09-05 18:22 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2017-05-06 10:22 - 2016-09-05 18:22 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty
2017-05-06 10:03 - 2016-09-05 18:22 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2017-05-06 09:59 - 2016-09-05 18:32 - 00014416 _____ C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2017-05-06 09:59 - 2016-09-05 18:22 - 00000792 _____ C:\Documents and Settings\Administrator\Nabídka Start\Programy\Windows Media Player.lnk
2017-05-06 09:59 - 2016-09-05 18:22 - 00000000 ___RD C:\Documents and Settings\Administrator\Oblíbené položky
2017-05-06 09:59 - 2016-09-05 18:22 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2017-05-06 09:59 - 2016-04-24 09:13 - 00000178 ___SH C:\Documents and Settings\Martik\ntuser.ini
2017-05-06 09:58 - 2016-04-24 09:13 - 00000792 _____ C:\Documents and Settings\Martik\Nabídka Start\Programy\Windows Media Player.lnk
2017-05-06 09:58 - 2016-04-24 09:13 - 00000000 ___RD C:\Documents and Settings\Martik\Nabídka Start\Programy
2017-05-06 09:58 - 2016-03-01 17:43 - 00000178 ___SH C:\Documents and Settings\Táta\ntuser.ini
2017-05-06 09:48 - 2016-03-01 20:54 - 00000000 ____D C:\Documents and Settings\Táta\Dokumenty\Stažené soubory
2017-05-06 09:43 - 2016-10-12 19:10 - 00000157 _____ C:\error.txt
2017-05-06 09:19 - 2001-10-25 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-04-29 11:57 - 2016-12-25 16:28 - 00000000 ____D C:\Documents and Settings\Venda\Dokumenty\NFS Most Wanted
2017-04-29 08:06 - 2016-03-02 21:02 - 00561894 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-484763869-2146948623-682003330-1006-0.dat
2017-04-29 08:06 - 2016-03-02 18:53 - 00088590 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2017-04-29 07:17 - 2017-01-22 12:21 - 00000000 ____D C:\Documents and Settings\Venda\Data aplikací\Seznam.cz
2017-04-28 19:59 - 2016-10-13 11:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Codemasters
2017-04-28 19:58 - 2016-03-01 18:24 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2017-04-28 19:54 - 2016-03-01 18:24 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2017-04-28 18:31 - 2016-03-02 19:55 - 00000000 ___RD C:\Documents and Settings\Venda\Dokumenty
2017-04-22 09:58 - 2016-10-14 16:41 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Disney Interactive
2017-04-22 09:58 - 2016-10-14 16:38 - 00003890 _____ C:\WINDOWS\disney.ini
2017-04-22 09:56 - 2016-10-14 16:39 - 00000000 ____D C:\Program Files\Disney Interactive
2017-04-22 09:55 - 2016-03-02 19:56 - 00000000 ____D C:\Documents and Settings\Venda\Plocha\hry
2017-04-21 16:41 - 2016-03-01 18:18 - 00000000 ___HD C:\WINDOWS\inf
2017-04-15 19:45 - 2016-03-02 19:55 - 00000000 __RHD C:\Documents and Settings\Venda\Data aplikací
2017-04-15 19:45 - 2016-03-02 19:55 - 00000000 ___HD C:\Documents and Settings\Venda\Local Settings\Data aplikací
2017-04-15 19:45 - 2016-03-01 18:23 - 00000000 ____D C:\Documents and Settings\All Users
2017-04-15 12:10 - 2016-03-02 19:55 - 00000792 _____ C:\Documents and Settings\Venda\Nabídka Start\Programy\Windows Media Player.lnk
2017-04-15 12:10 - 2016-03-02 19:55 - 00000000 ___RD C:\Documents and Settings\Venda\Nabídka Start\Programy
2017-04-15 12:10 - 2016-03-01 18:18 - 00000000 ____D C:\WINDOWS\Help
2017-04-15 12:10 - 2016-03-01 17:39 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2017-04-15 12:10 - 2016-03-01 17:39 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2017-04-07 16:30 - 2017-02-06 19:30 - 00000000 ____D C:\Documents and Settings\Venda\Dokumenty\Euro Truck Simulator

==================== Files in the root of some directories =======

2016-07-29 12:52 - 2016-08-24 12:41 - 5840879 _____ (Update) C:\Program Files\SSFK.exe

Some files in TEMP:
====================
2017-04-28 18:30 - 2003-03-18 23:28 - 0274432 _____ (Electronic Arts, Inc.) C:\Documents and Settings\Venda\Local Settings\Temp\eauninstall.exe
2017-04-28 18:30 - 2003-02-26 19:05 - 0086016 _____ (EA) C:\Documents and Settings\Venda\Local Settings\Temp\F1 Challenge 99-02_uninst.exe
2017-05-06 09:35 - 2017-05-06 09:35 - 0728536 _____ (adaware) C:\Documents and Settings\Venda\Local Settings\Temp\wcupdater.exe
2017-04-28 19:00 - 2017-04-28 19:00 - 0534528 _____ () C:\Documents and Settings\Venda\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Re: Requesting a check

Posted: 06 May 2017 17:43
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (removal).
A scan will run and then a log will appear; paste it here.