Prosím o prevetivku
Logfile of random's system information tool 1.09 (written by random/random)
Run by Sara at 2014-12-14 21:56:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 198 GB (69%) free of 286 GB
Total RAM: 3980 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:30, on 14.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Program Files\trend micro\Sara.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: e62a1271b6524ab3b4f60ca546d3b4d20065781 - {11111111-1111-1111-1111-110611571181} - (no file)
O2 - BHO: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - (no file)
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O2 - BHO: snipsmart 1.0.0.5 - {68261aaa-dc9f-4c2b-a168-c323e304c3a2} - C:\Program Files (x86)\snipsmart\snipsmartbho.dll
O2 - BHO: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - (no file)
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Sara\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418547411
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-604747513-3900254597-958073122-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} - https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{78D7FB28-5277-8D1D-027E-6A70EFBE771B}: NameServer = 93.153.117.1 93.153.117.33
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update snipsmart - Unknown owner - C:\Program Files (x86)\snipsmart\updatesnipsmart.exe
O23 - Service: Util snipsmart - Unknown owner - C:\Program Files (x86)\snipsmart\bin\utilsnipsmart.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 18747 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 34240576
\??\C:\Windows\system32\conhost.exe "951788371-979479961134767896-338040894-765038027966066834754627030125254565
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {E8D3EAA1-776A-4F5C-A69A-5A235CA635C9}
C:\Windows\System32\lpksetup.exe -v
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b05a820e-38b3-4bfd-b926-07e370fc70ce 1
\??\C:\Windows\system32\conhost.exe "-1639277905-1429862700-196065536-186202111-688435167-1635088713-1777880922499635735
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
WLIDSvcM.exe 3608
C:\Windows\SysWOW64\svchost.exe -k MbnExt
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
ngservice.exe pipeserver
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
ATKOSD.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskeng.exe {9A22586C-9D92-4656-8815-361DC998A4C3}
\??\C:\Windows\system32\conhost.exe "-998939589-308130936444981224-1401324633-841435980-2058405505-2139762326-1196240864
KBFiltr.exe
taskeng.exe {D99FE2DC-22CD-4E9F-9C42-A0A9EE4AC1B9}
WDC.exe
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
szndesktop.exe default start
"C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-400902985-64673978831141921017733722541297935030-211192711274904594881741922
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Windows\system32\igfxpers.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" -Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7a0ac725-76fb-4a7f-b540-af636da178bb -SystemEventPortName:HostProcess-d72fc2e0-fe7c-4096-a8be-9c570acdc527 -IoCancelEventPortName:HostProcess-e8ddad04-1c8d-471a-b3da-9d492d43bb14 -NonStateChangingEventPortName:HostProcess-325412dc-272b-4cb4-af9c-9c9ea1c9f3f6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e285817c-ace6-405e-8dc6-f1c98c8de971 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\snipsmart\updatesnipsmart.exe"
ctfmon.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6508.a581300.1829171701 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 6508 "\\.\pipe\gecko-crash-server-pipe.6508" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe" --proxy-stub-channel=Flash9256.62486188.499 --host-broker-channel=Flash9256.62486188.2448 --host-pid=9256 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe" --channel=7224.003CF8E0.1594793629 --proxy-stub-channel=Flash9256.62486188.499 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll" --host-npapi-version=27 --type=renderer
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 5AB07948-91C0-9489-85B7-D5E79E4AEE8F -Reinvoke
"C:\Users\Sara\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-1.job
C:\Windows\tasks\51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-11.job
C:\Windows\tasks\51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-2.job
C:\Windows\tasks\51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-3.job
C:\Windows\tasks\51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-4.job
C:\Windows\tasks\51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-5.job
C:\Windows\tasks\51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-5_user.job
C:\Windows\tasks\51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-6.job
C:\Windows\tasks\51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-7.job
C:\Windows\tasks\5de23067-ea1c-4f2e-b071-86ea20e69c6b.job
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\d2f402be-1c47-43c0-b1c6-b530f775c3bf.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001UA.job
C:\Windows\tasks\FCEAVYR.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\OSDFVI.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\extensions\
{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\searchplugins\
seznam-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78234974-0C4B-4111-BDEB-D9A104418772}]
ASUS Browser Extension x64 - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll [2012-07-14 20448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-25 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll [2014-12-12 500584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-10-07 886480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-10-14 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d8566bd-f06f-4029-a3be-ba80af5a09f3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}]
snipsmart 1.0.0.5 - C:\Program Files (x86)\snipsmart\snipsmartbho.dll [2014-12-14 250096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78234974-0C4B-4111-BDEB-D9A104418771}]
ASUS Browser Extension x86 - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll [2012-07-14 18400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-05-30 52352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-25 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro.dll [2014-12-12 418664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-10-14 710352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{1d8566bd-f06f-4029-a3be-ba80af5a09f3}
{30F9B915-B755-4826-820B-08FBA6BD249D}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-22 398616]
"ASUS Quick Gesture (x86)"=C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [2012-07-14 17376]
"ASUS TP Center (x64)"=C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [2012-07-14 235488]
"ASUS Quick Gesture (x64)"=C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [2012-07-14 19424]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-05-26 361984]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [2012-05-30 1023616]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [2012-05-30 801920]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-16 2462536]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-10-16 2800296]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-12 138096]
"SkyDrive"=C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-09-25 277672]
"YTDownloader"=C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2014-12-12 1988456]
"cz.seznam.software.autoupdate"=C:\Users\Sara\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1418547411 []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-02-24 3331312]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-26 291608]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-04-02 5138032]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25 322208]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-06-19 174752]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-21 102568]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-12 5227112]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"YTDownloader"=C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2014-12-12 1988456]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-22 430080]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-12-14 09:42:37 ----A---- C:\Windows\SYSWOW64\sho4F1D.tmp
2014-12-14 09:37:26 ----D---- C:\Program Files (x86)\Seznam.cz
2014-12-14 09:36:37 ----D---- C:\Users\Sara\AppData\Roaming\Seznam.cz
2014-12-14 09:28:12 ----A---- C:\Windows\system32\drivers\{9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw64.sys
2014-12-14 09:20:58 ----D---- C:\Program Files (x86)\snipsmart
2014-12-14 09:17:38 ----A---- C:\Users\Sara\AppData\Roaming\OSDFVI.exe
2014-12-14 09:17:10 ----D---- C:\Program Files (x86)\fdae2477-f171-42d1-b453-7fc29192d768
2014-12-14 09:16:56 ----A---- C:\Users\Sara\AppData\Roaming\FCEAVYR.exe
2014-12-14 09:16:41 ----D---- C:\Program Files (x86)\globalUpdate
2014-12-14 09:16:33 ----D---- C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.12
2014-12-14 09:14:35 ----D---- C:\ProgramData\ShopperPro
2014-12-14 09:13:14 ----D---- C:\Program Files (x86)\YTDownloader
2014-12-14 09:12:47 ----D---- C:\Program Files (x86)\ShopperPro
2014-12-13 08:51:10 ----A---- C:\Windows\SYSWOW64\shoCBAA.tmp
2014-12-12 16:09:42 ----D---- C:\Windows\system32\appraiser
2014-12-11 17:09:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-11 16:57:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-11 16:57:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-11 16:57:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-11 16:57:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-11 16:57:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 16:57:02 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 16:57:02 ----A---- C:\Windows\system32\iernonce.dll
2014-12-11 16:57:02 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 16:57:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 16:57:00 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-11 16:56:59 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 16:56:59 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 16:56:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 16:56:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 16:56:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-11 16:56:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 16:56:49 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 16:56:48 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 16:56:47 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 16:56:46 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-11 16:56:46 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 16:56:45 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-11 16:56:45 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-11 16:56:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 16:56:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-11 16:56:42 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 16:56:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-11 16:56:41 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 16:56:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 16:56:37 ----A---- C:\Windows\system32\iesetup.dll
2014-12-11 16:56:36 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 16:56:32 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 16:56:29 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-11 16:56:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 16:56:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 16:56:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 16:56:26 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-11 16:56:25 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-11 16:56:24 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-11 16:56:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 16:56:21 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-11 16:56:20 ----A---- C:\Windows\system32\ieui.dll
2014-12-11 16:56:19 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 16:56:16 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 16:56:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-11 16:56:14 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-11 16:56:13 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 16:56:11 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 16:56:10 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 16:56:07 ----A---- C:\Windows\system32\msrating.dll
2014-12-11 16:56:07 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 16:56:03 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 16:54:01 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-11 16:54:00 ----A---- C:\Windows\system32\appraiser.dll
2014-12-11 16:54:00 ----A---- C:\Windows\system32\aepic.dll
2014-12-11 16:53:59 ----A---- C:\Windows\system32\aeinv.dll
2014-12-11 16:53:58 ----A---- C:\Windows\system32\invagent.dll
2014-12-11 16:53:55 ----A---- C:\Windows\system32\generaltel.dll
2014-12-11 16:53:55 ----A---- C:\Windows\system32\devinv.dll
2014-12-11 16:53:54 ----A---- C:\Windows\system32\aepdu.dll
2014-12-11 16:53:33 ----A---- C:\Windows\system32\charmap.exe
2014-12-11 16:53:32 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-11 16:53:31 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-11 16:53:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-11 16:53:21 ----A---- C:\Windows\system32\tzres.dll
2014-12-11 16:52:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 16:52:36 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 16:52:28 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-11 16:52:27 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-11 16:52:27 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-11 16:52:25 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 16:52:25 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 16:52:24 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-11 16:52:23 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-11 16:52:23 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-11 16:52:23 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-11 16:52:22 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-11 16:42:53 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-11 16:42:53 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-11 16:42:53 ----A---- C:\Windows\system32\mferror.dll
2014-12-11 16:42:52 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-11 16:42:52 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-11 16:42:52 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-11 16:42:51 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-11 16:42:51 ----A---- C:\Windows\system32\mfps.dll
2014-12-11 16:42:50 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-11 16:42:47 ----A---- C:\Windows\system32\mf.dll
2014-12-09 20:40:54 ----D---- C:\ProgramData\IDM
2014-12-09 20:40:43 ----D---- C:\Users\Sara\AppData\Roaming\IDM
2014-11-25 17:45:22 ----D---- C:\Windows\SYSWOW64\vbox
2014-11-25 17:45:22 ----D---- C:\Windows\system32\vbox
2014-11-25 17:38:42 ----A---- C:\Windows\system32\aswBoot.exe
2014-11-25 17:38:33 ----A---- C:\Windows\avastSS.scr
2014-11-19 17:42:04 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 17:42:04 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 17:42:03 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 17:42:00 ----A---- C:\Windows\SYSWOW64\kerberos.dll
======List of files/folders modified in the last 1 month======
2014-12-14 21:56:27 ----D---- C:\Program Files\trend micro
2014-12-14 21:56:21 ----D---- C:\Windows\Temp
2014-12-14 21:34:40 ----D---- C:\Windows\Tasks
2014-12-14 21:34:40 ----D---- C:\Windows\system32\Tasks
2014-12-14 21:10:45 ----D---- C:\Windows\inf
2014-12-14 21:10:29 ----D---- C:\Windows
2014-12-14 13:55:04 ----A---- C:\Windows\win.ini
2014-12-14 12:44:44 ----D---- C:\Windows\system32\config
2014-12-14 10:51:25 ----D---- C:\Windows\system32\GroupPolicy
2014-12-14 09:57:54 ----D---- C:\Windows\System32
2014-12-14 09:57:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-14 09:53:04 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-14 09:49:54 ----D---- C:\Program Files\Microsoft Silverlight
2014-12-14 09:49:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-12-14 09:42:37 ----D---- C:\Windows\SysWOW64
2014-12-14 09:40:27 ----SHD---- C:\System Volume Information
2014-12-14 09:38:21 ----RD---- C:\Program Files (x86)
2014-12-14 09:32:12 ----D---- C:\Windows\ModemLogs
2014-12-14 09:32:12 ----D---- C:\Windows\debug
2014-12-14 09:28:12 ----D---- C:\Windows\system32\drivers
2014-12-14 09:20:45 ----SD---- C:\Users\Sara\AppData\Roaming\Microsoft
2014-12-14 09:17:23 ----D---- C:\Program Files (x86)\Adobe Download Assistant
2014-12-14 09:16:56 ----SHD---- C:\Windows\Installer
2014-12-14 09:14:35 ----HD---- C:\ProgramData
2014-12-14 09:13:30 ----D---- C:\Program Files\Common Files\System
2014-12-13 15:08:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 16:34:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 16:17:33 ----D---- C:\Windows\winsxs
2014-12-12 16:09:43 ----SD---- C:\Windows\system32\CompatTel
2014-12-12 16:09:43 ----D---- C:\Windows\AppCompat
2014-12-12 16:09:42 ----SD---- C:\ProgramData\Microsoft
2014-12-12 16:09:42 ----D---- C:\Program Files\Internet Explorer
2014-12-12 16:09:41 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-12 16:09:41 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-12 16:09:41 ----D---- C:\Windows\system32\en-US
2014-12-12 16:09:41 ----D---- C:\Windows\system32\cs-CZ
2014-12-12 16:09:41 ----D---- C:\Windows\PolicyDefinitions
2014-12-12 16:09:40 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-11 17:01:52 ----D---- C:\Windows\system32\MRT
2014-12-11 16:47:23 ----D---- C:\Windows\system32\catroot2
2014-12-11 16:47:23 ----D---- C:\Windows\system32\catroot
2014-12-11 16:43:24 ----A---- C:\Windows\system32\MRT.exe
2014-12-06 18:38:47 ----A---- C:\IFRToolLog.txt
2014-11-25 20:58:30 ----D---- C:\Windows\Prefetch
2014-11-23 12:14:27 ----D---- C:\Windows\rescache
2014-11-23 10:59:24 ----D---- C:\Users\Sara\AppData\Roaming\Skype
2014-11-16 13:37:02 ----D---- C:\Windows\Microsoft.NET
2014-11-16 13:33:40 ----RSD---- C:\Windows\assembly
2014-11-16 09:48:32 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-16 09:41:36 ----D---- C:\Program Files\Microsoft Office 15
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-25 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-12-23 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-26 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-10-30 31560]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-25 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-25 436624]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 ndisrd;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2011-02-22 30816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-25 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-25 116728]
R2 sbmntr;SBMNTR; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys [2014-12-12 58728]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-05-07 17152]
R3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys [2012-07-14 35968]
R3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys [2012-07-14 19104]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-01-11 2801664]
R3 ATP;ASUS PS/2 Port Input Device; C:\Windows\system32\DRIVERS\AsusTP.sys [2012-07-14 49824]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-05-30 30848]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-05-30 551040]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
R3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-09-09 98304]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-09-09 87040]
R3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-09-09 28672]
R3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-09-09 218624]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-22 14692224]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 331264]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-04-25 104560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-16 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-10-16 38048]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-03-23 2193008]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-05-26 71680]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-05-30 36480]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-05-30 341120]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-05-30 111232]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-05-30 168064]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-05-30 68736]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-05-30 281472]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-10-27 95928]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-14 48488]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2011-09-09 72192]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-25 271752]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-05-30 119424]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-25 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-16 1148744]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-16 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-16 19439944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-10-30 935232]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-24 2458984]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 Update snipsmart;Update snipsmart; C:\Program Files (x86)\snipsmart\updatesnipsmart.exe [2014-12-14 523504]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-03-23 27760]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-25 4012248]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S2 Util snipsmart;Util snipsmart; C:\Program Files (x86)\snipsmart\bin\utilsnipsmart.exe [2014-12-14 523504]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-22 276248]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-04-15 651720]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-14 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-11 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-08-20 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-08-20 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-13 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o prevetivku ...
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o prevetivku ...
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Po spusteni probehne stazeni databaze
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o prevetivku ...
Jééééééé....... zdravím Vás, ráda "vidím" starého známého ... a hlavně příjemného a milého človíčka, co mi několikrát vytrhnul trn z paty .... 
Tak tady je zatím log z adwcleaneru, teď jdu na druhý úkol ... tak zatím páček ...
# AdwCleaner v4.105 - Report created 14/12/2014 at 22:33:05
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sara - SARA-PC
# Running from : C:\Users\Sara\Downloads\adwcleaner_4.105.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : sbmntr
[#] Service Deleted : Update snipsmart
Service Deleted : c2cautoupdatesvc
Service Deleted : c2cpnrsvc
[#] Service Deleted : Util snipsmart
Service Deleted : {9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Program Files (x86)\snipsmart
Folder Deleted : C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.12
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Sara\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Sara\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Sara\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Sara\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Sara\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\Sara\Documents\drivergenius
Folder Deleted : C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Folder Deleted : C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Windows\System32\drivers\{9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw64.sys
File Deleted : C:\Users\Sara\Desktop\YTDownloader.lnk
File Deleted : C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\invalidprefs.js
***** [ Scheduled Tasks ] *****
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : YTDownloader
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-1
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-11
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-2
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-3
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-4
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-5
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-5_user
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-6
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-7
Task Deleted : 5de23067-ea1c-4f2e-b071-86ea20e69c6b
Task Deleted : d2f402be-1c47-43c0-b1c6-b530f775c3bf
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update snipsmart
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util snipsmart
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2529008
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622572281}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575581}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576681}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4086DF47-C0E9-4EA0-A7E4-FDD954B182A1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644574481}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0c8e7de5-d3f4-4ff0-be7d-2547ff22a3bb}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e6c3f09-7659-4777-ba3d-9b66e67dcae6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90f71b62-6eac-414a-b154-2a35f3e119e9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622572281}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575581}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576681}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4086DF47-C0E9-4EA0-A7E4-FDD954B182A1}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e6c3f09-7659-4777-ba3d-9b66e67dcae6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90f71b62-6eac-414a-b154-2a35f3e119e9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\snipsmart
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\HQ-Video-Pro-2.1cV14.12
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\Driver-Soft
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\snipsmart
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\HQ-Video-Pro-2.1cV14.12
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\snipsmart
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v34.0.5 (x86 cs)
[1arqlert.default-1350084774198\prefs.js] - Line Deleted : user_pref("extensions.a23fb8bb3ac214230bbfa49b94968bc63gmailcom65781.65781.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
[1arqlert.default-1350084774198\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14a47e40ef40bbfe45ea74316fd043ef");
[1arqlert.default-1350084774198\prefs.js] - Line Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true);
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R0].txt - [15826 octets] - [14/12/2014 22:25:57]
AdwCleaner[S0].txt - [15116 octets] - [14/12/2014 22:33:05]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15177 octets] ##########
Tak tady je zatím log z adwcleaneru, teď jdu na druhý úkol ... tak zatím páček ...
# AdwCleaner v4.105 - Report created 14/12/2014 at 22:33:05
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sara - SARA-PC
# Running from : C:\Users\Sara\Downloads\adwcleaner_4.105.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : sbmntr
[#] Service Deleted : Update snipsmart
Service Deleted : c2cautoupdatesvc
Service Deleted : c2cpnrsvc
[#] Service Deleted : Util snipsmart
Service Deleted : {9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Program Files (x86)\snipsmart
Folder Deleted : C:\Program Files (x86)\HQ-Video-Pro-2.1cV14.12
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Sara\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Sara\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Sara\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Sara\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Sara\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\Sara\Documents\drivergenius
Folder Deleted : C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Folder Deleted : C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Windows\System32\drivers\{9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw64.sys
File Deleted : C:\Users\Sara\Desktop\YTDownloader.lnk
File Deleted : C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\invalidprefs.js
***** [ Scheduled Tasks ] *****
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : YTDownloader
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-1
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-11
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-2
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-3
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-4
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-5
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-5_user
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-6
Task Deleted : 51ec2501-7cce-477d-8f4d-b23bb7cdf2b6-7
Task Deleted : 5de23067-ea1c-4f2e-b071-86ea20e69c6b
Task Deleted : d2f402be-1c47-43c0-b1c6-b530f775c3bf
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update snipsmart
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util snipsmart
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2529008
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622572281}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575581}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576681}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4086DF47-C0E9-4EA0-A7E4-FDD954B182A1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644574481}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0c8e7de5-d3f4-4ff0-be7d-2547ff22a3bb}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e6c3f09-7659-4777-ba3d-9b66e67dcae6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90f71b62-6eac-414a-b154-2a35f3e119e9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622572281}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575581}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576681}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4086DF47-C0E9-4EA0-A7E4-FDD954B182A1}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e6c3f09-7659-4777-ba3d-9b66e67dcae6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90f71b62-6eac-414a-b154-2a35f3e119e9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\snipsmart
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\HQ-Video-Pro-2.1cV14.12
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\Driver-Soft
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\snipsmart
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\HQ-Video-Pro-2.1cV14.12
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\snipsmart
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v34.0.5 (x86 cs)
[1arqlert.default-1350084774198\prefs.js] - Line Deleted : user_pref("extensions.a23fb8bb3ac214230bbfa49b94968bc63gmailcom65781.65781.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
[1arqlert.default-1350084774198\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14a47e40ef40bbfe45ea74316fd043ef");
[1arqlert.default-1350084774198\prefs.js] - Line Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true);
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R0].txt - [15826 octets] - [14/12/2014 22:25:57]
AdwCleaner[S0].txt - [15116 octets] - [14/12/2014 22:33:05]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15177 octets] ##########
Re: Prosím o prevetivku ...
Uffff .... netušila jsem, že to bude trvat ta dlouho ... jinak bych žádala o ontrolu zítra odpoledne .... omlouvám se za pozdní psaní ... kdyžtak mi písněte zítra, at Vás nezdržuji od spaní ... já skočím do peří za chvilku ....
tak tady to je ....
Zoek.exe v5.0.0.0 Updated 12-December-2014
Tool run by Sara on ne 14.12.2014 at 22:49:52,96.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Sara\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
14.12.2014 22:52:57 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Sara\AppData\Roaming\Skinux deleted successfully
C:\Users\Sara\AppData\Roaming\TP deleted successfully
C:\Users\Sara\AppData\Local\KodakGallery deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D26E9F6-CA40-4CB0-A5A1-97D219C69FBC} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BF06D3C-A190-4914-95DF-87D93229D5E1} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E3D453-B6A8-45E3-9D24-97E78C56D4C7} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32C5FE11-25B7-4D0F-8F60-ADF68EB8414B} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47314F13-D0A-477E-AF14-DB5C152C308A} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC61BD-8CF1-4D12-9139-F434FB8C742} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57113905-769E-439A-A942-A4391F22CF3} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72CE5874-DD55-4383-A0A8-23557086C913} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E166CC3-A78A-42EA-A39E-5510E18FA18C} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F3D45A6-713D-47B2-BCB6-63C86EA0D666} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{830423-11E3-4757-895A-E746FB374EA2} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B1594BD-DF05-41E0-AF2-A5BA21F89924} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e6c3f09-7659-4777-ba3d-9b66e67dcae6} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90f71b62-6eac-414a-b154-2a35f3e119e9} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0C2960F-E091-4287-AA27-FB42D212D4} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBF4D98-1D55-4E1C-BDB1-C58353B6CBF} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7789AE0-F4D0-46C3-931A-FCD1C1428963} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAC0683B-96DF-4484-8EE5-E93F449AE6A0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D8566BD-F06F-4029-A3BE-BA80AF5A09F3} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{1D8566BD-F06F-4029-A3BE-BA80AF5A09F3} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{1D8566BD-F06F-4029-A3BE-BA80AF5A09F3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{1D8566BD-F06F-4029-A3BE-BA80AF5A09F3} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/?clid=22668");
user_pref("browser.search.defaulturl", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.selectedEngine", "Seznam");
user_pref("browser.search.order.1", "Seznam");
user_pref("keyword.URL", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");
Added to C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\prefs.js:
ProfilePath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_15.12.2014_0014_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\fdae2477-f171-42d1-b453-7fc29192d768 deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\extensions.sqlite deleted
C:\Windows\tasks\FCEAVYR.job deleted
C:\windows\SysNative\tasks\FCEAVYR deleted
C:\Windows\tasks\OSDFVI.job deleted
C:\windows\SysNative\tasks\OSDFVI deleted
C:\windows\SysNative\tasks\YTDownloaderUpd deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\sho2C17.tmp deleted
C:\Windows\Syswow64\sho4F1D.tmp deleted
C:\Windows\Syswow64\sho68FC.tmp deleted
C:\Windows\Syswow64\shoA25D.tmp deleted
C:\Windows\Syswow64\shoB85C.tmp deleted
C:\Windows\Syswow64\shoCBAA.tmp deleted
C:\Windows\Syswow64\shoFA0B.tmp deleted
C:\Users\Sara\AppData\Roaming\FCEAVYR.exe deleted
C:\Users\Sara\AppData\Roaming\OSDFVI.exe deleted
"C:\Users\Sara\AppData\Roaming\FCEAVYR" deleted
"C:\Users\Sara\AppData\Roaming\OSDFVI" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [25.11.2014 17:38]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - wrc@avast.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198
424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Sara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
65C1D9F74004E775F9A8598476ABE5EE - C:\Users\Sara\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
==== Chromium Look ======================
Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[25.11.2014 17:38]
snipsmart - Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkemmoeajlaajnhcigkcdnfkeeclbad
Avast Online Security - Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Chromium Fix ======================
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkemmoeajlaajnhcigkcdnfkeeclbad deleted successfully
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ekkemmoeajlaajnhcigkcdnfkeeclbad_0.localstorage deleted successfully
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ekkemmoeajlaajnhcigkcdnfkeeclbad_0.localstorage-journal deleted successfully
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ekkemmoeajlaajnhcigkcdnfkeeclbad deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=AV01"
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/?pc=AV01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
==== Reset Google Chrome ======================
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Default\Desktop\T-Mobile Internet Manager.lnk - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Users\Default User\Desktop\T-Mobile Internet Manager.lnk - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Users\Sara\Desktop\Driver Genius Professional Edition.lnk - C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe
C:\Users\Sara\Desktop\T-Mobile Internet Manager.lnk - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Users\UpdatusUser\Desktop\T-Mobile Internet Manager.lnk - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
C:\Users\Public\Desktop\Adobe Download Assistant.lnk - C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\AdreamSoft PDF to Word.lnk - C:\Program Files (x86)\AdreamSoft\PDFtoWord\PDFtoWord.exe
C:\Users\Public\Desktop\ASUS Vibe Fun Center.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
C:\Users\Public\Desktop\ASUS Instant Connect Installer.lnk - C:\Windows\Installer\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}\_6674EC67E9921BF5B03A07.exe
C:\Users\Public\Desktop\ASUS WebStorage.lnk - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Public\Desktop\eManual.Lnk - C:\eSupport\Manual\eManual.exe
C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
C:\Users\Public\Desktop\HD VDeck.lnk - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\Public\Desktop\Kodak EasyShare.lnk - C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe
C:\Users\Public\Desktop\Software602 Form Filler.lnk - C:\Program Files (x86)\Software602\602XML\Filler\Filler602.exe -forms
C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Users\Public\Desktop\Výběr prohlížeče.lnk -
C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE
C:\Users\Public\Desktop\ASUS\Entertainment\Game Park Console.lnk - C:\ProgramData\Asus\Game Park Console\GameConsole.exe
C:\Users\Public\Desktop\ASUS\Entertainment\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
C:\Users\Public\Desktop\ASUS\Multimedia\CyberLink Media Suite.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe
C:\Users\Public\Desktop\ASUS\System tool\e-Driver.lnk - C:\eSupport\eDriver\InstAll.exe
C:\Users\Public\Desktop\ASUS\System tool\Scene Switch.lnk - C:\ProgramData\ChangeFolderView\sceneswitch.ico
C:\Users\Public\Desktop\ASUS\System tool\Splendid Utility.Lnk - C:\Program Files (x86)\ASUS\Splendid\Backbone.exe
C:\Users\Public\Desktop\ASUS\Word processor\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1029-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk - C:\Program Files (x86)\Glary Utilities\Integrator.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --remote-debugging-port=9223
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk - C:\Windows\Installer\{08CA9554-B5FE-4313-938F-D4A417B81175}\QTPlayer.ico
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --remote-debugging-port=9223
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== shortcuts After Repair ======================
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Sara\AppData\Local\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=45 folders=6 6258454 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sara\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Sara\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on po 15.12.2014 at 0:43:16,69 ======================
tak tady to je ....
Zoek.exe v5.0.0.0 Updated 12-December-2014
Tool run by Sara on ne 14.12.2014 at 22:49:52,96.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Sara\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
14.12.2014 22:52:57 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Sara\AppData\Roaming\Skinux deleted successfully
C:\Users\Sara\AppData\Roaming\TP deleted successfully
C:\Users\Sara\AppData\Local\KodakGallery deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D26E9F6-CA40-4CB0-A5A1-97D219C69FBC} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BF06D3C-A190-4914-95DF-87D93229D5E1} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E3D453-B6A8-45E3-9D24-97E78C56D4C7} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32C5FE11-25B7-4D0F-8F60-ADF68EB8414B} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47314F13-D0A-477E-AF14-DB5C152C308A} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC61BD-8CF1-4D12-9139-F434FB8C742} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57113905-769E-439A-A942-A4391F22CF3} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72CE5874-DD55-4383-A0A8-23557086C913} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E166CC3-A78A-42EA-A39E-5510E18FA18C} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F3D45A6-713D-47B2-BCB6-63C86EA0D666} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{830423-11E3-4757-895A-E746FB374EA2} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B1594BD-DF05-41E0-AF2-A5BA21F89924} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e6c3f09-7659-4777-ba3d-9b66e67dcae6} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90f71b62-6eac-414a-b154-2a35f3e119e9} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0C2960F-E091-4287-AA27-FB42D212D4} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBF4D98-1D55-4E1C-BDB1-C58353B6CBF} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7789AE0-F4D0-46C3-931A-FCD1C1428963} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAC0683B-96DF-4484-8EE5-E93F449AE6A0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D8566BD-F06F-4029-A3BE-BA80AF5A09F3} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{1D8566BD-F06F-4029-A3BE-BA80AF5A09F3} deleted successfully
HKEY_USERS\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{1D8566BD-F06F-4029-A3BE-BA80AF5A09F3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{1D8566BD-F06F-4029-A3BE-BA80AF5A09F3} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/?clid=22668");
user_pref("browser.search.defaulturl", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.selectedEngine", "Seznam");
user_pref("browser.search.order.1", "Seznam");
user_pref("keyword.URL", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");
Added to C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\prefs.js:
ProfilePath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_15.12.2014_0014_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\fdae2477-f171-42d1-b453-7fc29192d768 deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\extensions.sqlite deleted
C:\Windows\tasks\FCEAVYR.job deleted
C:\windows\SysNative\tasks\FCEAVYR deleted
C:\Windows\tasks\OSDFVI.job deleted
C:\windows\SysNative\tasks\OSDFVI deleted
C:\windows\SysNative\tasks\YTDownloaderUpd deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\sho2C17.tmp deleted
C:\Windows\Syswow64\sho4F1D.tmp deleted
C:\Windows\Syswow64\sho68FC.tmp deleted
C:\Windows\Syswow64\shoA25D.tmp deleted
C:\Windows\Syswow64\shoB85C.tmp deleted
C:\Windows\Syswow64\shoCBAA.tmp deleted
C:\Windows\Syswow64\shoFA0B.tmp deleted
C:\Users\Sara\AppData\Roaming\FCEAVYR.exe deleted
C:\Users\Sara\AppData\Roaming\OSDFVI.exe deleted
"C:\Users\Sara\AppData\Roaming\FCEAVYR" deleted
"C:\Users\Sara\AppData\Roaming\OSDFVI" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [25.11.2014 17:38]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - wrc@avast.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198
424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Sara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
65C1D9F74004E775F9A8598476ABE5EE - C:\Users\Sara\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
==== Chromium Look ======================
Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[25.11.2014 17:38]
snipsmart - Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkemmoeajlaajnhcigkcdnfkeeclbad
Avast Online Security - Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Chromium Fix ======================
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkemmoeajlaajnhcigkcdnfkeeclbad deleted successfully
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ekkemmoeajlaajnhcigkcdnfkeeclbad_0.localstorage deleted successfully
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ekkemmoeajlaajnhcigkcdnfkeeclbad_0.localstorage-journal deleted successfully
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ekkemmoeajlaajnhcigkcdnfkeeclbad deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=AV01"
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/?pc=AV01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
==== Reset Google Chrome ======================
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Default\Desktop\T-Mobile Internet Manager.lnk - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Users\Default User\Desktop\T-Mobile Internet Manager.lnk - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Users\Sara\Desktop\Driver Genius Professional Edition.lnk - C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe
C:\Users\Sara\Desktop\T-Mobile Internet Manager.lnk - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Users\UpdatusUser\Desktop\T-Mobile Internet Manager.lnk - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
C:\Users\Public\Desktop\Adobe Download Assistant.lnk - C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\AdreamSoft PDF to Word.lnk - C:\Program Files (x86)\AdreamSoft\PDFtoWord\PDFtoWord.exe
C:\Users\Public\Desktop\ASUS Vibe Fun Center.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
C:\Users\Public\Desktop\ASUS Instant Connect Installer.lnk - C:\Windows\Installer\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}\_6674EC67E9921BF5B03A07.exe
C:\Users\Public\Desktop\ASUS WebStorage.lnk - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Public\Desktop\eManual.Lnk - C:\eSupport\Manual\eManual.exe
C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
C:\Users\Public\Desktop\HD VDeck.lnk - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\Public\Desktop\Kodak EasyShare.lnk - C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe
C:\Users\Public\Desktop\Software602 Form Filler.lnk - C:\Program Files (x86)\Software602\602XML\Filler\Filler602.exe -forms
C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Users\Public\Desktop\Výběr prohlížeče.lnk -
C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE
C:\Users\Public\Desktop\ASUS\Entertainment\Game Park Console.lnk - C:\ProgramData\Asus\Game Park Console\GameConsole.exe
C:\Users\Public\Desktop\ASUS\Entertainment\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
C:\Users\Public\Desktop\ASUS\Multimedia\CyberLink Media Suite.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe
C:\Users\Public\Desktop\ASUS\System tool\e-Driver.lnk - C:\eSupport\eDriver\InstAll.exe
C:\Users\Public\Desktop\ASUS\System tool\Scene Switch.lnk - C:\ProgramData\ChangeFolderView\sceneswitch.ico
C:\Users\Public\Desktop\ASUS\System tool\Splendid Utility.Lnk - C:\Program Files (x86)\ASUS\Splendid\Backbone.exe
C:\Users\Public\Desktop\ASUS\Word processor\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1029-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk - C:\Program Files (x86)\Glary Utilities\Integrator.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --remote-debugging-port=9223
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk - C:\Windows\Installer\{08CA9554-B5FE-4313-938F-D4A417B81175}\QTPlayer.ico
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --remote-debugging-port=9223
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== shortcuts After Repair ======================
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Sara\AppData\Local\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=45 folders=6 6258454 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sara\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Sara\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on po 15.12.2014 at 0:43:16,69 ======================
Re: Prosím o prevetivku ...
Bože .... já hlava děravá .... nespustila jsem to jako správce .... to jem asi popsula co ... 
Re: Prosím o prevetivku ...
Probehlo to v poradku, Zoek si sam prava spravce vynutil Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o prevetivku ...
Zdravím ... tak jsem zase tady .... musela jsem napřed řešit ztrátu kreditní karty .... 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Sara (administrator) on SARA-PC on 15-12-2014 18:06:49
Running from C:\Users\Sara\Desktop
Loaded Profiles: UpdatusUser & Sara (Available profiles: UpdatusUser & Sara)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(forum.viry.cz) C:\Users\Sara\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ASUS Quick Gesture (x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [17376 2012-07-14] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUS TP Center (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [235488 2012-07-14] (AsusTek)
HKLM\...\Run: [ASUS Quick Gesture (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [19424 2012-07-14] (ASUSTeK Computer Inc.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023616 2012-05-30] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-05-30] (Atheros Commnucations)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-24] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5138032 2012-04-02] (VIA)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-21] (ASUS)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-604747513-3900254597-958073122-1000\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2166552 2013-10-31] (Gemfor s.r.o.)
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [Facebook Update] => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-12] (Facebook Inc.)
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [SkyDrive] => C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Sara\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\RunOnce: [Adobe Speed Launcher] => 1418600626
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {0772b6f2-253c-11e2-a331-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {16640bab-6d0a-11e2-8c71-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {3cdac6d0-4ccf-11e2-bd6d-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {a1e6bb1e-5259-11e2-b32a-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {c97610d0-7fdc-11e4-a819-3085a987bf5a} - H:\AutoRun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {ea8eba5f-1490-11e2-929a-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fcffad20-43b5-11e2-b034-3085a987bf5a} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fd3036c6-13c0-11e2-a838-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fd3036d3-13c0-11e2-a838-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fdf62623-493d-11e2-9833-3085a987bf5a} - F:\Autorun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-10-30] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-10-30] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
URLSearchHook: HKLM-x32 - (No Name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No File
URLSearchHook: [S-1-5-21-604747513-3900254597-958073122-1000] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-604747513-3900254597-958073122-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-604747513-3900254597-958073122-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-604747513-3900254597-958073122-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-604747513-3900254597-958073122-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\..\Interfaces\{78D7FB28-5277-8D1D-027E-6A70EFBE771B}: [NameServer] 93.153.117.1 93.153.117.33
FireFox:
========
FF ProfilePath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198
FF DefaultSearchEngine: Seznam
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-604747513-3900254597-958073122-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-604747513-3900254597-958073122-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sara\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\searchplugins\seznam-avast.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-08]
FF Extension: No Name - wrc@avast.com [Not Found]
Chrome:
=======
CHR Profile: C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-17]
CHR Extension: (Peněženka Google) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-25] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-25] (Avast Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-04-15] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-16] (NVIDIA Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-16] (NVIDIA Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-05-30] (Atheros)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-07-14] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [19104 2012-07-14] (ASUS)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-25] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-25] ()
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [49824 2012-07-14] (ASUS Corporation)
R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-10-16] (NVIDIA Corporation)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-25] (Avast Software)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-15 18:06 - 2014-12-15 18:07 - 00027655 _____ () C:\Users\Sara\Desktop\FRST.txt
2014-12-15 18:01 - 2014-12-15 18:06 - 00000000 ____D () C:\FRST
2014-12-15 17:58 - 2014-12-15 17:58 - 00112640 _____ (forum.viry.cz) C:\Users\Sara\Desktop\FRSTLauncher.exe
2014-12-15 17:56 - 2014-12-15 17:56 - 02119168 _____ (Farbar) C:\Users\Sara\Desktop\FRST64.exe
2014-12-15 00:54 - 2014-12-15 00:54 - 01295360 _____ () C:\Users\Sara\Downloads\zoek(1).exe
2014-12-14 22:52 - 2014-12-15 00:43 - 00023391 _____ () C:\zoek-results.log
2014-12-14 22:49 - 2014-12-15 00:24 - 00000000 ____D () C:\zoek_backup
2014-12-14 22:49 - 2014-12-14 22:49 - 01295360 _____ () C:\Users\Sara\Downloads\zoek.exe
2014-12-14 22:37 - 2014-12-15 00:42 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-14 22:35 - 2014-12-15 00:42 - 00000336 _____ () C:\Windows\setupact.log
2014-12-14 22:35 - 2014-12-14 22:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-14 22:34 - 2014-12-15 00:41 - 00001446 _____ () C:\Windows\PFRO.log
2014-12-14 22:25 - 2014-12-14 22:33 - 00000000 ____D () C:\AdwCleaner
2014-12-14 22:21 - 2014-12-14 22:21 - 02166272 _____ () C:\Users\Sara\Downloads\adwcleaner_4.105.exe
2014-12-14 17:54 - 2014-12-14 17:54 - 00000000 ___RD () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-14 09:37 - 2014-12-14 09:37 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-12-14 09:36 - 2014-12-15 00:48 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Seznam.cz
2014-12-14 09:10 - 2014-12-14 09:10 - 00579648 _____ () C:\Users\Sara\Downloads\setup.exe
2014-12-12 16:09 - 2014-12-12 16:09 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 17:09 - 2014-12-11 17:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-11 16:57 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 16:57 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 16:57 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 16:57 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 16:57 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 16:57 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 16:57 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 16:57 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 16:57 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 16:57 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 16:57 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 16:56 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 16:56 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 16:56 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 16:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 16:56 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 16:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 16:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 16:56 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 16:56 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 16:56 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 16:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 16:56 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 16:56 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 16:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 16:56 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 16:56 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 16:56 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 16:56 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 16:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 16:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 16:56 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 16:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 16:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 16:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 16:56 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 16:56 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 16:56 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 16:56 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 16:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 16:56 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 16:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 16:56 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 16:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 16:56 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 16:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 16:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 16:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 16:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 16:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 16:56 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 16:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 16:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 16:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 16:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 16:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 16:54 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 16:54 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 16:54 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 16:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 16:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 16:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 16:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 16:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 16:53 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 16:53 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 16:53 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 16:53 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 16:53 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 16:52 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 16:52 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 16:52 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 16:52 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 16:52 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 16:52 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 16:52 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 16:52 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 16:52 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 16:52 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 16:52 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 16:52 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-11 16:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 16:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 16:42 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 16:42 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 16:42 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 16:42 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 16:42 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 16:42 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 16:42 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 16:42 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 21:00 - 2014-12-09 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf
2014-12-09 20:40 - 2014-12-09 20:40 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\IDM
2014-12-09 20:40 - 2014-12-09 20:40 - 00000000 ____D () C:\ProgramData\IDM
2014-12-09 20:39 - 2014-12-09 20:40 - 04221480 _____ () C:\Users\Sara\Downloads\WidevineMediaOptimizerChrome.exe
2014-11-25 18:02 - 2014-11-25 18:02 - 00000247 _____ () C:\Windows\system32\2014-11-25-17-02-22.028-aswFe.exe-8168.log
2014-11-25 18:02 - 2014-11-25 18:02 - 00000197 _____ () C:\Windows\system32\2014-11-25-17-02-12.024-AvastVBoxSVC.exe-3568.log
2014-11-25 17:45 - 2014-11-25 17:45 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-25 17:45 - 2014-11-25 17:45 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-25 17:39 - 2014-11-25 17:39 - 00001926 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-25 17:38 - 2014-11-25 17:38 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-25 17:38 - 2014-11-25 17:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-19 17:42 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 17:42 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 17:42 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 17:42 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-15 17:59 - 2013-04-15 06:29 - 02062497 _____ () C:\Windows\WindowsUpdate.log
2014-12-15 17:53 - 2013-03-12 20:48 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001UA.job
2014-12-15 17:52 - 2013-02-06 19:50 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-15 17:51 - 2012-10-11 17:35 - 00000387 _____ () C:\Users\Sara\AppData\Roaming\sp_data.sys
2014-12-15 17:50 - 2013-02-12 18:52 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-15 17:50 - 2011-02-19 06:36 - 00669568 _____ () C:\Windows\system32\perfh005.dat
2014-12-15 17:50 - 2011-02-19 06:36 - 00141938 _____ () C:\Windows\system32\perfc005.dat
2014-12-15 17:50 - 2009-07-14 06:13 - 01586170 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-15 17:48 - 2013-02-06 19:50 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-15 17:47 - 2013-01-08 22:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-15 01:05 - 2014-05-08 16:26 - 00004964 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Sara-PC-Sara Sara-PC
2014-12-15 00:50 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-15 00:50 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-15 00:44 - 2014-05-08 20:59 - 00000000 ___RD () C:\Users\Sara\OneDrive
2014-12-15 00:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-15 00:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-15 00:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-14 22:53 - 2012-10-24 23:23 - 00000000 ____D () C:\Users\Sara\AppData\Local\CrashDumps
2014-12-14 22:35 - 2014-01-23 21:50 - 01167360 ___SH () C:\Users\Sara\Desktop\Thumbs.db
2014-12-14 21:56 - 2012-11-03 09:26 - 00000000 ____D () C:\Program Files\trend micro
2014-12-14 21:40 - 2012-10-11 18:09 - 00001120 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-14 21:40 - 2012-10-11 18:09 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-14 20:53 - 2013-03-12 20:48 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001Core.job
2014-12-14 13:55 - 2009-07-14 03:34 - 00000537 _____ () C:\Windows\win.ini
2014-12-14 09:49 - 2013-03-13 02:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-14 09:49 - 2013-03-13 02:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-14 09:17 - 2012-11-27 19:39 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-12-14 08:20 - 2013-03-13 02:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-13 15:08 - 2012-10-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 16:34 - 2012-10-11 18:25 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 16:34 - 2012-10-11 18:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 16:34 - 2012-10-11 18:25 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-12 16:30 - 2014-08-20 15:51 - 00000000 ____D () C:\Users\Sara\AppData\Local\Adobe
2014-12-12 16:09 - 2014-05-07 16:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 16:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 16:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 17:01 - 2014-03-08 15:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 17:01 - 2013-07-12 23:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 16:43 - 2012-10-13 16:46 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-25 17:39 - 2013-01-08 22:18 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-25 17:38 - 2014-05-27 20:48 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-25 17:38 - 2014-01-05 08:42 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-25 17:38 - 2013-03-16 09:19 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-25 17:38 - 2013-03-16 09:19 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-25 17:38 - 2013-01-08 22:18 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-25 17:38 - 2013-01-08 22:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-25 17:38 - 2013-01-08 22:18 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-23 12:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-23 10:59 - 2012-10-14 16:20 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Skype
2014-11-16 09:41 - 2013-09-24 16:22 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-15 08:39 - 2012-02-24 12:40 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 08:39 - 2012-02-24 12:40 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001Core.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001UA.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Sara\Desktop" je 4859 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Sara (administrator) on SARA-PC on 15-12-2014 18:06:49
Running from C:\Users\Sara\Desktop
Loaded Profiles: UpdatusUser & Sara (Available profiles: UpdatusUser & Sara)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(forum.viry.cz) C:\Users\Sara\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ASUS Quick Gesture (x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [17376 2012-07-14] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUS TP Center (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [235488 2012-07-14] (AsusTek)
HKLM\...\Run: [ASUS Quick Gesture (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [19424 2012-07-14] (ASUSTeK Computer Inc.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023616 2012-05-30] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-05-30] (Atheros Commnucations)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-24] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5138032 2012-04-02] (VIA)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-21] (ASUS)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-604747513-3900254597-958073122-1000\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2166552 2013-10-31] (Gemfor s.r.o.)
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [Facebook Update] => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-12] (Facebook Inc.)
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [SkyDrive] => C:\Users\Sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Sara\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\RunOnce: [Adobe Speed Launcher] => 1418600626
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {0772b6f2-253c-11e2-a331-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {16640bab-6d0a-11e2-8c71-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {3cdac6d0-4ccf-11e2-bd6d-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {a1e6bb1e-5259-11e2-b32a-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {c97610d0-7fdc-11e4-a819-3085a987bf5a} - H:\AutoRun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {ea8eba5f-1490-11e2-929a-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fcffad20-43b5-11e2-b034-3085a987bf5a} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fd3036c6-13c0-11e2-a838-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fd3036d3-13c0-11e2-a838-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fdf62623-493d-11e2-9833-3085a987bf5a} - F:\Autorun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-10-30] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-10-30] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
URLSearchHook: HKLM-x32 - (No Name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No File
URLSearchHook: [S-1-5-21-604747513-3900254597-958073122-1000] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-604747513-3900254597-958073122-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-604747513-3900254597-958073122-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-604747513-3900254597-958073122-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-604747513-3900254597-958073122-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\..\Interfaces\{78D7FB28-5277-8D1D-027E-6A70EFBE771B}: [NameServer] 93.153.117.1 93.153.117.33
FireFox:
========
FF ProfilePath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198
FF DefaultSearchEngine: Seznam
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-604747513-3900254597-958073122-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-604747513-3900254597-958073122-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sara\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\1arqlert.default-1350084774198\searchplugins\seznam-avast.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-08]
FF Extension: No Name - wrc@avast.com [Not Found]
Chrome:
=======
CHR Profile: C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-17]
CHR Extension: (Peněženka Google) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-25] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-25] (Avast Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-04-15] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-16] (NVIDIA Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-16] (NVIDIA Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-05-30] (Atheros)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-07-14] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [19104 2012-07-14] (ASUS)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-25] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-25] ()
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [49824 2012-07-14] (ASUS Corporation)
R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-10-16] (NVIDIA Corporation)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-25] (Avast Software)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-15 18:06 - 2014-12-15 18:07 - 00027655 _____ () C:\Users\Sara\Desktop\FRST.txt
2014-12-15 18:01 - 2014-12-15 18:06 - 00000000 ____D () C:\FRST
2014-12-15 17:58 - 2014-12-15 17:58 - 00112640 _____ (forum.viry.cz) C:\Users\Sara\Desktop\FRSTLauncher.exe
2014-12-15 17:56 - 2014-12-15 17:56 - 02119168 _____ (Farbar) C:\Users\Sara\Desktop\FRST64.exe
2014-12-15 00:54 - 2014-12-15 00:54 - 01295360 _____ () C:\Users\Sara\Downloads\zoek(1).exe
2014-12-14 22:52 - 2014-12-15 00:43 - 00023391 _____ () C:\zoek-results.log
2014-12-14 22:49 - 2014-12-15 00:24 - 00000000 ____D () C:\zoek_backup
2014-12-14 22:49 - 2014-12-14 22:49 - 01295360 _____ () C:\Users\Sara\Downloads\zoek.exe
2014-12-14 22:37 - 2014-12-15 00:42 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-14 22:35 - 2014-12-15 00:42 - 00000336 _____ () C:\Windows\setupact.log
2014-12-14 22:35 - 2014-12-14 22:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-14 22:34 - 2014-12-15 00:41 - 00001446 _____ () C:\Windows\PFRO.log
2014-12-14 22:25 - 2014-12-14 22:33 - 00000000 ____D () C:\AdwCleaner
2014-12-14 22:21 - 2014-12-14 22:21 - 02166272 _____ () C:\Users\Sara\Downloads\adwcleaner_4.105.exe
2014-12-14 17:54 - 2014-12-14 17:54 - 00000000 ___RD () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-14 09:37 - 2014-12-14 09:37 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-12-14 09:36 - 2014-12-15 00:48 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Seznam.cz
2014-12-14 09:10 - 2014-12-14 09:10 - 00579648 _____ () C:\Users\Sara\Downloads\setup.exe
2014-12-12 16:09 - 2014-12-12 16:09 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 17:09 - 2014-12-11 17:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-11 16:57 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 16:57 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 16:57 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 16:57 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 16:57 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 16:57 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 16:57 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 16:57 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 16:57 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 16:57 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 16:57 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 16:56 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 16:56 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 16:56 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 16:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 16:56 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 16:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 16:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 16:56 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 16:56 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 16:56 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 16:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 16:56 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 16:56 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 16:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 16:56 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 16:56 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 16:56 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 16:56 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 16:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 16:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 16:56 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 16:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 16:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 16:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 16:56 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 16:56 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 16:56 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 16:56 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 16:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 16:56 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 16:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 16:56 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 16:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 16:56 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 16:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 16:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 16:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 16:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 16:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 16:56 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 16:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 16:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 16:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 16:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 16:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 16:54 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 16:54 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 16:54 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 16:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 16:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 16:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 16:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 16:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 16:53 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 16:53 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 16:53 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 16:53 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 16:53 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 16:52 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 16:52 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 16:52 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 16:52 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 16:52 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 16:52 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 16:52 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 16:52 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 16:52 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 16:52 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 16:52 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 16:52 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-11 16:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 16:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 16:42 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 16:42 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 16:42 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 16:42 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 16:42 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 16:42 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 16:42 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 16:42 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 21:00 - 2014-12-09 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf
2014-12-09 20:40 - 2014-12-09 20:40 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\IDM
2014-12-09 20:40 - 2014-12-09 20:40 - 00000000 ____D () C:\ProgramData\IDM
2014-12-09 20:39 - 2014-12-09 20:40 - 04221480 _____ () C:\Users\Sara\Downloads\WidevineMediaOptimizerChrome.exe
2014-11-25 18:02 - 2014-11-25 18:02 - 00000247 _____ () C:\Windows\system32\2014-11-25-17-02-22.028-aswFe.exe-8168.log
2014-11-25 18:02 - 2014-11-25 18:02 - 00000197 _____ () C:\Windows\system32\2014-11-25-17-02-12.024-AvastVBoxSVC.exe-3568.log
2014-11-25 17:45 - 2014-11-25 17:45 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-25 17:45 - 2014-11-25 17:45 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-25 17:39 - 2014-11-25 17:39 - 00001926 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-25 17:38 - 2014-11-25 17:38 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-25 17:38 - 2014-11-25 17:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-19 17:42 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 17:42 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 17:42 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 17:42 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-15 17:59 - 2013-04-15 06:29 - 02062497 _____ () C:\Windows\WindowsUpdate.log
2014-12-15 17:53 - 2013-03-12 20:48 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001UA.job
2014-12-15 17:52 - 2013-02-06 19:50 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-15 17:51 - 2012-10-11 17:35 - 00000387 _____ () C:\Users\Sara\AppData\Roaming\sp_data.sys
2014-12-15 17:50 - 2013-02-12 18:52 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-15 17:50 - 2011-02-19 06:36 - 00669568 _____ () C:\Windows\system32\perfh005.dat
2014-12-15 17:50 - 2011-02-19 06:36 - 00141938 _____ () C:\Windows\system32\perfc005.dat
2014-12-15 17:50 - 2009-07-14 06:13 - 01586170 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-15 17:48 - 2013-02-06 19:50 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-15 17:47 - 2013-01-08 22:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-15 01:05 - 2014-05-08 16:26 - 00004964 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Sara-PC-Sara Sara-PC
2014-12-15 00:50 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-15 00:50 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-15 00:44 - 2014-05-08 20:59 - 00000000 ___RD () C:\Users\Sara\OneDrive
2014-12-15 00:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-15 00:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-15 00:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-14 22:53 - 2012-10-24 23:23 - 00000000 ____D () C:\Users\Sara\AppData\Local\CrashDumps
2014-12-14 22:35 - 2014-01-23 21:50 - 01167360 ___SH () C:\Users\Sara\Desktop\Thumbs.db
2014-12-14 21:56 - 2012-11-03 09:26 - 00000000 ____D () C:\Program Files\trend micro
2014-12-14 21:40 - 2012-10-11 18:09 - 00001120 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-14 21:40 - 2012-10-11 18:09 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-14 20:53 - 2013-03-12 20:48 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001Core.job
2014-12-14 13:55 - 2009-07-14 03:34 - 00000537 _____ () C:\Windows\win.ini
2014-12-14 09:49 - 2013-03-13 02:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-14 09:49 - 2013-03-13 02:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-14 09:17 - 2012-11-27 19:39 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-12-14 08:20 - 2013-03-13 02:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-13 15:08 - 2012-10-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 16:34 - 2012-10-11 18:25 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 16:34 - 2012-10-11 18:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 16:34 - 2012-10-11 18:25 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-12 16:30 - 2014-08-20 15:51 - 00000000 ____D () C:\Users\Sara\AppData\Local\Adobe
2014-12-12 16:09 - 2014-05-07 16:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 16:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 16:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 17:01 - 2014-03-08 15:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 17:01 - 2013-07-12 23:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 16:43 - 2012-10-13 16:46 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-25 17:39 - 2013-01-08 22:18 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-25 17:38 - 2014-05-27 20:48 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-25 17:38 - 2014-01-05 08:42 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-25 17:38 - 2013-03-16 09:19 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-25 17:38 - 2013-03-16 09:19 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-25 17:38 - 2013-01-08 22:18 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-25 17:38 - 2013-01-08 22:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-25 17:38 - 2013-01-08 22:18 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-23 12:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-23 10:59 - 2012-10-14 16:20 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Skype
2014-11-16 09:41 - 2013-09-24 16:22 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-15 08:39 - 2012-02-24 12:40 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 08:39 - 2012-02-24 12:40 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001Core.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001UA.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Sara\Desktop" je 4859 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- AdditionFRSTL.zip
- Snad je to ono a správný soubor
- (8.82 KiB) Staženo 79 x
Re: Prosím o prevetivku ...
Asi mám problém, co .... 
Re: Prosím o prevetivku ...
Omlouvam se za zdrzeni, mel jsem nejake pochuzky po meste Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] () HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [Facebook Update] => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-12] (Facebook Inc.) HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Sara\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] () HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] () HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\RunOnce: [Adobe Speed Launcher] => 1418600626 HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: F - F:\Autorun.exe HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {0772b6f2-253c-11e2-a331-dc85de1918c2} - F:\Autorun.exe HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {16640bab-6d0a-11e2-8c71-806e6f6e6963} - F:\Autorun.exe HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {3cdac6d0-4ccf-11e2-bd6d-dc85de1918c2} - F:\Autorun.exe HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {a1e6bb1e-5259-11e2-b32a-dc85de1918c2} - F:\Autorun.exe HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {c97610d0-7fdc-11e4-a819-3085a987bf5a} - H:\AutoRun.exe HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {ea8eba5f-1490-11e2-929a-dc85de1918c2} - F:\Autorun.exe HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fcffad20-43b5-11e2-b034-3085a987bf5a} - F:\Autorun.exe HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fd3036c6-13c0-11e2-a838-dc85de1918c2} - F:\Autorun.exe HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fd3036d3-13c0-11e2-a838-dc85de1918c2} - F:\Autorun.exe HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fdf62623-493d-11e2-9833-3085a987bf5a} - F:\Autorun.exe HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = URLSearchHook: HKLM-x32 - (No Name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No File URLSearchHook: [S-1-5-21-604747513-3900254597-958073122-1000] ATTENTION ==> Default URLSearchHook is missing. SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-604747513-3900254597-958073122-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKU\S-1-5-21-604747513-3900254597-958073122-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-11] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-11] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-11] 2014-12-15 18:06 - 2014-12-15 18:07 - 00027655 _____ () C:\Users\Sara\Desktop\FRST.txt 2014-12-15 17:58 - 2014-12-15 17:58 - 00112640 _____ (forum.viry.cz) C:\Users\Sara\Desktop\FRSTLauncher.exe 2014-12-15 00:54 - 2014-12-15 00:54 - 01295360 _____ () C:\Users\Sara\Downloads\zoek(1).exe 2014-12-14 22:52 - 2014-12-15 00:43 - 00023391 _____ () C:\zoek-results.log 2014-12-14 22:49 - 2014-12-15 00:24 - 00000000 ____D () C:\zoek_backup 2014-12-14 22:49 - 2014-12-14 22:49 - 01295360 _____ () C:\Users\Sara\Downloads\zoek.exe 2014-12-14 22:37 - 2014-12-15 00:42 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-12-14 22:35 - 2014-12-15 00:42 - 00000336 _____ () C:\Windows\setupact.log 2014-12-14 22:35 - 2014-12-14 22:35 - 00000000 _____ () C:\Windows\setuperr.log 2014-12-14 22:34 - 2014-12-15 00:41 - 00001446 _____ () C:\Windows\PFRO.log 2014-12-14 22:25 - 2014-12-14 22:33 - 00000000 ____D () C:\AdwCleaner 2014-12-14 22:21 - 2014-12-14 22:21 - 02166272 _____ () C:\Users\Sara\Downloads\adwcleaner_4.105.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001Core.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001UA.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o prevetivku ...
V pohodě, je před Vánocemi ... já řešila zase tu kartu .... za 1200 ji snad budu mít do konce týdne ... chjo ...
tak jdu na to
tak jdu na to
Re: Prosím o prevetivku ...
Raději se pro jistotu zeptám ...
klikám na ten FRST64 ... ano ??? nebo FRSTL ???
klikám na ten FRST64 ... ano ??? nebo FRSTL ???
Re: Prosím o prevetivku ...
Spustte FRST64.exe
Jdu spat, na vysledny log mrknu rano
Dobrou
Jdu spat, na vysledny log mrknu rano
Dobrou
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o prevetivku ...
OK, dobrou ...
Re: Prosím o prevetivku ...
Tak tady to je .... jdu taky skočit do peří ... Klidně si pospěte, já se k NTB dostanu stejně až kolem 17 hodiny
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2014 01
Ran by Sara at 2014-12-15 23:34:12 Run:1
Running from C:\Users\Sara\Desktop
Loaded Profiles: UpdatusUser & Sara (Available profiles: UpdatusUser & Sara)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [Facebook Update] => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-12] (Facebook Inc.)
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Sara\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\RunOnce: [Adobe Speed Launcher] => 1418600626
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {0772b6f2-253c-11e2-a331-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {16640bab-6d0a-11e2-8c71-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {3cdac6d0-4ccf-11e2-bd6d-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {a1e6bb1e-5259-11e2-b32a-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {c97610d0-7fdc-11e4-a819-3085a987bf5a} - H:\AutoRun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {ea8eba5f-1490-11e2-929a-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fcffad20-43b5-11e2-b034-3085a987bf5a} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fd3036c6-13c0-11e2-a838-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fd3036d3-13c0-11e2-a838-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fdf62623-493d-11e2-9833-3085a987bf5a} - F:\Autorun.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
URLSearchHook: HKLM-x32 - (No Name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No File
URLSearchHook: [S-1-5-21-604747513-3900254597-958073122-1000] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-604747513-3900254597-958073122-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-604747513-3900254597-958073122-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-11]
2014-12-15 18:06 - 2014-12-15 18:07 - 00027655 _____ () C:\Users\Sara\Desktop\FRST.txt
2014-12-15 17:58 - 2014-12-15 17:58 - 00112640 _____ (forum.viry.cz) C:\Users\Sara\Desktop\FRSTLauncher.exe
2014-12-15 00:54 - 2014-12-15 00:54 - 01295360 _____ () C:\Users\Sara\Downloads\zoek(1).exe
2014-12-14 22:52 - 2014-12-15 00:43 - 00023391 _____ () C:\zoek-results.log
2014-12-14 22:49 - 2014-12-15 00:24 - 00000000 ____D () C:\zoek_backup
2014-12-14 22:49 - 2014-12-14 22:49 - 01295360 _____ () C:\Users\Sara\Downloads\zoek.exe
2014-12-14 22:37 - 2014-12-15 00:42 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-14 22:35 - 2014-12-15 00:42 - 00000336 _____ () C:\Windows\setupact.log
2014-12-14 22:35 - 2014-12-14 22:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-14 22:34 - 2014-12-15 00:41 - 00001446 _____ () C:\Windows\PFRO.log
2014-12-14 22:25 - 2014-12-14 22:33 - 00000000 ____D () C:\AdwCleaner
2014-12-14 22:21 - 2014-12-14 22:21 - 02166272 _____ () C:\Users\Sara\Downloads\adwcleaner_4.105.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001Core.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001UA.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\YTDownloader => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-604747513-3900254597-958073122-1001" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0772b6f2-253c-11e2-a331-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{0772b6f2-253c-11e2-a331-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16640bab-6d0a-11e2-8c71-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{16640bab-6d0a-11e2-8c71-806e6f6e6963}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3cdac6d0-4ccf-11e2-bd6d-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{3cdac6d0-4ccf-11e2-bd6d-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1e6bb1e-5259-11e2-b32a-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{a1e6bb1e-5259-11e2-b32a-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c97610d0-7fdc-11e4-a819-3085a987bf5a}" => Key deleted successfully.
"HKCR\CLSID\{c97610d0-7fdc-11e4-a819-3085a987bf5a}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea8eba5f-1490-11e2-929a-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{ea8eba5f-1490-11e2-929a-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcffad20-43b5-11e2-b034-3085a987bf5a}" => Key deleted successfully.
"HKCR\CLSID\{fcffad20-43b5-11e2-b034-3085a987bf5a}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd3036c6-13c0-11e2-a838-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{fd3036c6-13c0-11e2-a838-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd3036d3-13c0-11e2-a838-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{fd3036d3-13c0-11e2-a838-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fdf62623-493d-11e2-9833-3085a987bf5a}" => Key deleted successfully.
"HKCR\CLSID\{fdf62623-493d-11e2-9833-3085a987bf5a}" => Key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{1d8566bd-f06f-4029-a3be-ba80af5a09f3} => value deleted successfully.
Error setting Default URLSearchHook.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-604747513-3900254597-958073122-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
"HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => Key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
"C:\Users\Sara\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Sara\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Sara\Downloads\zoek(1).exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Sara\Downloads\zoek.exe => Moved successfully.
C:\ProgramData\ntuser.pol => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Sara\Downloads\adwcleaner_4.105.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 266 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2014 01
Ran by Sara at 2014-12-15 23:34:12 Run:1
Running from C:\Users\Sara\Desktop
Loaded Profiles: UpdatusUser & Sara (Available profiles: UpdatusUser & Sara)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [Facebook Update] => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-12] (Facebook Inc.)
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Sara\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Sara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\RunOnce: [Adobe Speed Launcher] => 1418600626
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {0772b6f2-253c-11e2-a331-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {16640bab-6d0a-11e2-8c71-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {3cdac6d0-4ccf-11e2-bd6d-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {a1e6bb1e-5259-11e2-b32a-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {c97610d0-7fdc-11e4-a819-3085a987bf5a} - H:\AutoRun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {ea8eba5f-1490-11e2-929a-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fcffad20-43b5-11e2-b034-3085a987bf5a} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fd3036c6-13c0-11e2-a838-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fd3036d3-13c0-11e2-a838-dc85de1918c2} - F:\Autorun.exe
HKU\S-1-5-21-604747513-3900254597-958073122-1001\...\MountPoints2: {fdf62623-493d-11e2-9833-3085a987bf5a} - F:\Autorun.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
URLSearchHook: HKLM-x32 - (No Name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No File
URLSearchHook: [S-1-5-21-604747513-3900254597-958073122-1000] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-604747513-3900254597-958073122-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-604747513-3900254597-958073122-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-11]
2014-12-15 18:06 - 2014-12-15 18:07 - 00027655 _____ () C:\Users\Sara\Desktop\FRST.txt
2014-12-15 17:58 - 2014-12-15 17:58 - 00112640 _____ (forum.viry.cz) C:\Users\Sara\Desktop\FRSTLauncher.exe
2014-12-15 00:54 - 2014-12-15 00:54 - 01295360 _____ () C:\Users\Sara\Downloads\zoek(1).exe
2014-12-14 22:52 - 2014-12-15 00:43 - 00023391 _____ () C:\zoek-results.log
2014-12-14 22:49 - 2014-12-15 00:24 - 00000000 ____D () C:\zoek_backup
2014-12-14 22:49 - 2014-12-14 22:49 - 01295360 _____ () C:\Users\Sara\Downloads\zoek.exe
2014-12-14 22:37 - 2014-12-15 00:42 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-14 22:35 - 2014-12-15 00:42 - 00000336 _____ () C:\Windows\setupact.log
2014-12-14 22:35 - 2014-12-14 22:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-14 22:34 - 2014-12-15 00:41 - 00001446 _____ () C:\Windows\PFRO.log
2014-12-14 22:25 - 2014-12-14 22:33 - 00000000 ____D () C:\AdwCleaner
2014-12-14 22:21 - 2014-12-14 22:21 - 02166272 _____ () C:\Users\Sara\Downloads\adwcleaner_4.105.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001Core.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001UA.job => C:\Users\Sara\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\YTDownloader => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-604747513-3900254597-958073122-1001" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0772b6f2-253c-11e2-a331-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{0772b6f2-253c-11e2-a331-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16640bab-6d0a-11e2-8c71-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{16640bab-6d0a-11e2-8c71-806e6f6e6963}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3cdac6d0-4ccf-11e2-bd6d-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{3cdac6d0-4ccf-11e2-bd6d-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1e6bb1e-5259-11e2-b32a-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{a1e6bb1e-5259-11e2-b32a-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c97610d0-7fdc-11e4-a819-3085a987bf5a}" => Key deleted successfully.
"HKCR\CLSID\{c97610d0-7fdc-11e4-a819-3085a987bf5a}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea8eba5f-1490-11e2-929a-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{ea8eba5f-1490-11e2-929a-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcffad20-43b5-11e2-b034-3085a987bf5a}" => Key deleted successfully.
"HKCR\CLSID\{fcffad20-43b5-11e2-b034-3085a987bf5a}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd3036c6-13c0-11e2-a838-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{fd3036c6-13c0-11e2-a838-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd3036d3-13c0-11e2-a838-dc85de1918c2}" => Key deleted successfully.
"HKCR\CLSID\{fd3036d3-13c0-11e2-a838-dc85de1918c2}" => Key not found.
"HKU\S-1-5-21-604747513-3900254597-958073122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fdf62623-493d-11e2-9833-3085a987bf5a}" => Key deleted successfully.
"HKCR\CLSID\{fdf62623-493d-11e2-9833-3085a987bf5a}" => Key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{1d8566bd-f06f-4029-a3be-ba80af5a09f3} => value deleted successfully.
Error setting Default URLSearchHook.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-604747513-3900254597-958073122-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
HKU\S-1-5-21-604747513-3900254597-958073122-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
"HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => Key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
"C:\Users\Sara\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Sara\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Sara\Downloads\zoek(1).exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Sara\Downloads\zoek.exe => Moved successfully.
C:\ProgramData\ntuser.pol => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Sara\Downloads\adwcleaner_4.105.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-604747513-3900254597-958073122-1001UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 266 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: Prosím o prevetivku ...
Jak se chova nas pacient???
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?