Log check - freezing
Re: Log check - freezing
I applied the fix in HJT... I tried updating the driver, but it reports that it is already up to date. And unfortunately I can't get CF to run; it says something about Compatibility mode.
- jaro3
- Security team member
Re: Log check - freezing
ComboFix is uninstalled like this:
Start - Run and type ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is complete, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check - freezing
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by David at 2014-08-28 20:08:32
Running from C:\Users\David\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
"FIFA 14" (HKLM-x32\...\{6049054B-DB11-48E1-A583-9A565D5C8856}_is1) (Version: 1.4.0.0 - )
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31227 - BitTorrent Inc.)
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40709 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Název společnosti:) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0709.1135.19003 - Název společnosti:) Hidden
AMD Catalyst Install Manager (HKLM\...\{EE0B4480-194D-C725-EDF8-6CE3FC4DDC89}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0709.1135.19003 - Název společnosti:) Hidden
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.10.0.0 - AppEx Networks)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0709.1135.19003 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0709.1135.19003 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0709.1135.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0709.1135.19003 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.21.50 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.11 - Lenovo)
Energy Management (x32 Version: 8.0.2.11 - Lenovo) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10227 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.14.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Malwarebytes Anti-Malware verze 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OEM Application Profile (HKLM-x32\...\{548083DD-D99B-2CE1-8D2B-D78BEB834F7A}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.0 (HKLM-x32\...\{43245B34-BAEA-4716-B877-38E7E7026698}) (Version: 4.10.9764 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Poker at bet365 (HKCU\...\bet365poker) (Version: - )
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.15 - Qualcomm Atheros Communications Inc.)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.39042 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
UserGuide (x32 Version: 1.0.0.17 - Lenovo) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
02-08-2014 21:21:39 Instalační služba modulů systému Windows
13-08-2014 12:28:25 Windows Update
20-08-2014 16:27:11 Naplánovaný kontrolní bod
22-08-2014 20:14:17 Revo Uninstaller's restore point - Avira Free Antivirus
28-08-2014 17:12:55 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2014-08-23 14:50 - 00000747 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {13DF4055-74C0-4AAA-9727-B3E6DAB38C92} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {1E04E57D-66D3-411D-BDA8-624BA228093F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {282D651F-79DD-4FC6-BACB-D77546DEE223} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-13] (Microsoft Corporation)
Task: {2B92F12D-034D-40F0-8579-E3CFCC2668A4} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2C007C75-D11C-4FBA-A5D0-9CCFF337A53D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {44B2F918-F78F-4764-B863-A33F0FE46C3D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {530AC48D-97B5-402D-A438-9C82CBFD303E} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {5B26C009-FB93-4DE6-BE50-3EFC5491E47F} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {5B63BE4E-2010-4D3A-B3F2-B6FF5A582713} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29] (Google Inc.)
Task: {5F85CE9D-666F-4957-A9EC-55D29B5F823C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F0F26EB-6A0C-4F59-A8BB-90AF659DE18D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {70543163-7DEA-42CD-98E5-C267F37FAEF4} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7C13D84B-3919-45FC-B913-31C505163DB1} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {7C675950-02EB-45B6-9B77-55979104680D} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {885B77B9-DA70-4335-B49F-5A5C7642C675} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {8C8DB9F0-C2B9-4EC8-B39F-9F7F64C4A047} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {92564A15-6215-43C2-82BC-75EACA1AE161} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29] (Google Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D290A38E-54CC-4492-9454-A6DF06D4C6CC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E4A6A6FF-1AE7-406B-BB3B-000C4EA87D95} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E8B4BD59-8E75-4801-83FD-25E33DA81329} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-07-09 11:35 - 2014-07-09 11:35 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-12-10 20:28 - 2013-12-10 20:28 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-12-10 20:28 - 2013-12-10 20:28 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2013-01-25 10:09 - 2013-01-25 10:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 10:05 - 2013-01-25 10:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 10:12 - 2013-01-25 10:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-07-09 11:35 - 2014-07-09 11:35 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-04-17 22:13 - 2014-04-17 22:13 - 00080384 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraCsy.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\David\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/28/2014 08:00:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.0.2.0, časové razítko: 0x5318d363
Název chybujícího modulu: mbamservice.exe, verze: 3.0.2.0, časové razítko: 0x5318d363
Kód výjimky: 0x40000015
Posun chyby: 0x0007da8a
ID chybujícího procesu: 0x6b4
Čas spuštění chybující aplikace: 0xmbamservice.exe0
Cesta k chybující aplikaci: mbamservice.exe1
Cesta k chybujícímu modulu: mbamservice.exe2
ID zprávy: mbamservice.exe3
Úplný název chybujícího balíčku: mbamservice.exe4
ID aplikace související s chybujícím balíčkem: mbamservice.exe5
Error: (08/28/2014 01:51:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/28/2014 00:33:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20573 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 12e4
Čas spuštění: 01cfc16fb3a48659
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 35ce4094-2e3a-11e4-be94-40f02f784f31
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (08/25/2014 11:51:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.0.2.0, časové razítko: 0x5318d363
Název chybujícího modulu: mbamservice.exe, verze: 3.0.2.0, časové razítko: 0x5318d363
Kód výjimky: 0x40000015
Posun chyby: 0x0007da8a
ID chybujícího procesu: 0x6cc
Čas spuštění chybující aplikace: 0xmbamservice.exe0
Cesta k chybující aplikaci: mbamservice.exe1
Cesta k chybujícímu modulu: mbamservice.exe2
ID zprávy: mbamservice.exe3
Úplný název chybujícího balíčku: mbamservice.exe4
ID aplikace související s chybujícím balíčkem: mbamservice.exe5
Error: (08/25/2014 05:33:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/24/2014 06:11:19 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
System errors:
=============
Error: (08/28/2014 08:00:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/28/2014 08:00:23 PM) (Source: DCOM) (EventID: 10010) (User: DAVID)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (08/28/2014 08:00:22 PM) (Source: DCOM) (EventID: 10010) (User: DAVID)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (08/28/2014 08:00:22 PM) (Source: DCOM) (EventID: 10010) (User: DAVID)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (08/28/2014 08:00:22 PM) (Source: DCOM) (EventID: 10010) (User: DAVID)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (08/28/2014 08:00:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3 neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (08/28/2014 07:59:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3 neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (08/25/2014 11:53:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/25/2014 11:51:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3 neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (08/25/2014 11:51:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (23:51:03, 25. 8. 2014) bylo neočekávané.
Microsoft Office Sessions:
=========================
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (08/28/2014 08:00:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a6b401cfc2e9e256a153C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe20fd10af-2edd-11e4-be95-40f02f784f31
Error: (08/28/2014 01:51:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/28/2014 00:33:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2057312e401cfc16fb3a486594294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe35ce4094-2e3a-11e4-be94-40f02f784f31microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (08/25/2014 11:51:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a6cc01cfc0aec65315a9C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe06c15ee2-2ca2-11e4-be94-40f02f784f31
Error: (08/25/2014 05:33:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/24/2014 06:11:19 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
CodeIntegrity Errors:
===================================
Date: 2014-08-28 19:38:36.789
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:36.461
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:36.137
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:35.808
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:35.487
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:35.141
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:34.817
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:34.500
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:34.169
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:33.839
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD A8-4500M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 17%
Total physical RAM: 7375.26 MB
Available physical RAM: 6060.79 MB
Total Pagefile: 8527.26 MB
Available Pagefile: 7069.29 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:890.67 GB) (Free:809.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.9 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 417C95CC)
Partition: GPT Partition Type.
==================== End Of Log ============================
Ran by David at 2014-08-28 20:08:32
Running from C:\Users\David\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
"FIFA 14" (HKLM-x32\...\{6049054B-DB11-48E1-A583-9A565D5C8856}_is1) (Version: 1.4.0.0 - )
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31227 - BitTorrent Inc.)
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40709 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Název společnosti:) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0709.1135.19003 - Název společnosti:) Hidden
AMD Catalyst Install Manager (HKLM\...\{EE0B4480-194D-C725-EDF8-6CE3FC4DDC89}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0709.1135.19003 - Název společnosti:) Hidden
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.10.0.0 - AppEx Networks)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0709.1135.19003 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0709.1135.19003 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0709.1135.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0709.1134.19003 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0709.1135.19003 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.21.50 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.11 - Lenovo)
Energy Management (x32 Version: 8.0.2.11 - Lenovo) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10227 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.14.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Malwarebytes Anti-Malware verze 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OEM Application Profile (HKLM-x32\...\{548083DD-D99B-2CE1-8D2B-D78BEB834F7A}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.0 (HKLM-x32\...\{43245B34-BAEA-4716-B877-38E7E7026698}) (Version: 4.10.9764 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Poker at bet365 (HKCU\...\bet365poker) (Version: - )
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.15 - Qualcomm Atheros Communications Inc.)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.39042 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
UserGuide (x32 Version: 1.0.0.17 - Lenovo) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
02-08-2014 21:21:39 Instalační služba modulů systému Windows
13-08-2014 12:28:25 Windows Update
20-08-2014 16:27:11 Naplánovaný kontrolní bod
22-08-2014 20:14:17 Revo Uninstaller's restore point - Avira Free Antivirus
28-08-2014 17:12:55 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2014-08-23 14:50 - 00000747 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {13DF4055-74C0-4AAA-9727-B3E6DAB38C92} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {1E04E57D-66D3-411D-BDA8-624BA228093F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {282D651F-79DD-4FC6-BACB-D77546DEE223} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-13] (Microsoft Corporation)
Task: {2B92F12D-034D-40F0-8579-E3CFCC2668A4} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2C007C75-D11C-4FBA-A5D0-9CCFF337A53D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {44B2F918-F78F-4764-B863-A33F0FE46C3D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {530AC48D-97B5-402D-A438-9C82CBFD303E} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {5B26C009-FB93-4DE6-BE50-3EFC5491E47F} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {5B63BE4E-2010-4D3A-B3F2-B6FF5A582713} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29] (Google Inc.)
Task: {5F85CE9D-666F-4957-A9EC-55D29B5F823C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F0F26EB-6A0C-4F59-A8BB-90AF659DE18D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {70543163-7DEA-42CD-98E5-C267F37FAEF4} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7C13D84B-3919-45FC-B913-31C505163DB1} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {7C675950-02EB-45B6-9B77-55979104680D} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {885B77B9-DA70-4335-B49F-5A5C7642C675} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {8C8DB9F0-C2B9-4EC8-B39F-9F7F64C4A047} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {92564A15-6215-43C2-82BC-75EACA1AE161} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29] (Google Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D290A38E-54CC-4492-9454-A6DF06D4C6CC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E4A6A6FF-1AE7-406B-BB3B-000C4EA87D95} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E8B4BD59-8E75-4801-83FD-25E33DA81329} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-07-09 11:35 - 2014-07-09 11:35 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-12-10 20:28 - 2013-12-10 20:28 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-12-10 20:28 - 2013-12-10 20:28 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2013-01-25 10:09 - 2013-01-25 10:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 10:05 - 2013-01-25 10:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 10:12 - 2013-01-25 10:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-07-09 11:35 - 2014-07-09 11:35 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-04-17 22:13 - 2014-04-17 22:13 - 00080384 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraCsy.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-15 13:05 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\David\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/28/2014 08:00:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.0.2.0, časové razítko: 0x5318d363
Název chybujícího modulu: mbamservice.exe, verze: 3.0.2.0, časové razítko: 0x5318d363
Kód výjimky: 0x40000015
Posun chyby: 0x0007da8a
ID chybujícího procesu: 0x6b4
Čas spuštění chybující aplikace: 0xmbamservice.exe0
Cesta k chybující aplikaci: mbamservice.exe1
Cesta k chybujícímu modulu: mbamservice.exe2
ID zprávy: mbamservice.exe3
Úplný název chybujícího balíčku: mbamservice.exe4
ID aplikace související s chybujícím balíčkem: mbamservice.exe5
Error: (08/28/2014 01:51:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/28/2014 00:33:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20573 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 12e4
Čas spuštění: 01cfc16fb3a48659
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 35ce4094-2e3a-11e4-be94-40f02f784f31
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (08/25/2014 11:51:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.0.2.0, časové razítko: 0x5318d363
Název chybujícího modulu: mbamservice.exe, verze: 3.0.2.0, časové razítko: 0x5318d363
Kód výjimky: 0x40000015
Posun chyby: 0x0007da8a
ID chybujícího procesu: 0x6cc
Čas spuštění chybující aplikace: 0xmbamservice.exe0
Cesta k chybující aplikaci: mbamservice.exe1
Cesta k chybujícímu modulu: mbamservice.exe2
ID zprávy: mbamservice.exe3
Úplný název chybujícího balíčku: mbamservice.exe4
ID aplikace související s chybujícím balíčkem: mbamservice.exe5
Error: (08/25/2014 05:33:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/24/2014 06:11:19 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
System errors:
=============
Error: (08/28/2014 08:00:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/28/2014 08:00:23 PM) (Source: DCOM) (EventID: 10010) (User: DAVID)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (08/28/2014 08:00:22 PM) (Source: DCOM) (EventID: 10010) (User: DAVID)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (08/28/2014 08:00:22 PM) (Source: DCOM) (EventID: 10010) (User: DAVID)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (08/28/2014 08:00:22 PM) (Source: DCOM) (EventID: 10010) (User: DAVID)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (08/28/2014 08:00:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3 neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (08/28/2014 07:59:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3 neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (08/25/2014 11:53:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/25/2014 11:51:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3 neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (08/25/2014 11:51:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (23:51:03, 25. 8. 2014) bylo neočekávané.
Microsoft Office Sessions:
=========================
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (08/28/2014 08:00:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (08/28/2014 08:00:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a6b401cfc2e9e256a153C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe20fd10af-2edd-11e4-be95-40f02f784f31
Error: (08/28/2014 01:51:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/28/2014 00:33:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2057312e401cfc16fb3a486594294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe35ce4094-2e3a-11e4-be94-40f02f784f31microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (08/25/2014 11:51:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a6cc01cfc0aec65315a9C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe06c15ee2-2ca2-11e4-be94-40f02f784f31
Error: (08/25/2014 05:33:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/24/2014 06:11:19 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
CodeIntegrity Errors:
===================================
Date: 2014-08-28 19:38:36.789
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:36.461
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:36.137
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:35.808
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:35.487
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:35.141
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:34.817
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:34.500
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:34.169
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-28 19:38:33.839
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD A8-4500M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 17%
Total physical RAM: 7375.26 MB
Available physical RAM: 6060.79 MB
Total Pagefile: 8527.26 MB
Available Pagefile: 7069.29 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:890.67 GB) (Free:809.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.9 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 417C95CC)
Partition: GPT Partition Type.
==================== End Of Log ============================
Re: Log check - freezing
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by David (administrator) on DAVID on 28-08-2014 20:07:19
Running from C:\Users\David\Desktop
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2013-12-10] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-12-10] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [909016 2013-10-21] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-07-09] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1825952755-3884229102-739240676-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1825952755-3884229102-739240676-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1825952755-3884229102-739240676-1002\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL =
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\TfG9lwHN.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: Avira Browser Safety - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\TfG9lwHN.default\Extensions\abs@avira.com [2014-08-21]
Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-23]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-22]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-23]
CHR Extension: (Vyhledávání Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-23]
CHR Extension: (Peněženka Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-23]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-09] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-12-10] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-25] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-29] (Disc Soft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243272 2013-04-10] (Realtek Semiconductor Corp.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-29] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-28 20:07 - 2014-08-28 20:07 - 00013252 _____ () C:\Users\David\Desktop\FRST.txt
2014-08-28 20:06 - 2014-08-28 20:07 - 00000000 ____D () C:\FRST
2014-08-28 20:05 - 2014-08-28 20:05 - 02103296 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2014-08-28 20:05 - 2014-08-28 20:05 - 02103296 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2014-08-28 19:53 - 2014-08-28 19:53 - 04901352 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup417.exe
2014-08-28 18:54 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-26 22:19 - 2014-05-20 02:33 - 00000000 ____D () C:\Users\David\Desktop\Episodes 1. séria CZ Titulky - M941
2014-08-26 22:12 - 2014-08-26 22:19 - 1714776260 _____ () C:\Users\David\Downloads\Episodes-1.-séria-CZ-Titulky---M941.rar
2014-08-22 23:14 - 2014-08-22 23:14 - 00000000 ____D () C:\Users\David\Desktop\Pracovní balíček
2014-08-22 23:13 - 2014-08-22 23:14 - 00000000 ____D () C:\Users\David\Desktop\Škola
2014-08-22 22:32 - 2014-08-28 19:58 - 00718310 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-22 22:23 - 2014-08-22 22:28 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2014-08-22 22:23 - 2014-08-22 22:23 - 00221776 _____ () C:\Users\David\Downloads\avira_registry_cleaner_en.exe
2014-08-22 22:13 - 2014-08-22 22:13 - 00001291 _____ () C:\Users\David\Desktop\Revo Uninstaller.lnk
2014-08-22 22:13 - 2014-08-22 22:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 22:11 - 2014-08-22 22:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\David\Downloads\revosetup.exe
2014-08-22 21:38 - 2014-08-24 18:34 - 00000000 ____D () C:\Users\David\Desktop\Správa PC
2014-08-21 23:02 - 2014-08-21 23:02 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\David\Downloads\avira_en_av___ws.exe
2014-08-21 22:44 - 2014-08-21 22:44 - 00000000 ____D () C:\Users\David\AppData\Roaming\Mozilla
2014-08-21 22:43 - 2014-08-22 22:16 - 00000000 ____D () C:\ProgramData\Avira
2014-08-21 22:43 - 2014-08-21 22:43 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\David\Downloads\avira_de_av___ws.exe
2014-08-21 13:07 - 2014-08-23 14:18 - 00036456 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-21 13:07 - 2014-08-21 13:07 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-21 11:23 - 2014-08-21 11:26 - 287581229 _____ () C:\Users\David\Downloads\The-Big-Bang-Theory-S01E00-Unaired-Pilot-CZ-TIT-vlozeny-Ksikos.avi.zip
2014-08-20 19:54 - 2014-08-25 18:11 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 19:54 - 2014-08-20 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 19:54 - 2014-08-20 19:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 19:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-20 19:54 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-20 19:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-20 19:52 - 2014-08-20 19:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (3).exe
2014-08-20 19:47 - 2014-08-20 19:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-08-20 19:41 - 2014-08-20 19:41 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-08-20 13:27 - 2014-08-20 13:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-20 13:26 - 2014-08-20 13:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-20 13:07 - 2014-08-20 13:07 - 01016261 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2014-08-20 13:07 - 2014-08-20 13:07 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-19 23:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-19 23:45 - 2014-08-20 13:03 - 00000000 ____D () C:\AdwCleaner
2014-08-19 23:43 - 2014-08-19 23:43 - 01361671 _____ () C:\Users\David\Downloads\adwcleaner_3.307.exe
2014-08-19 23:37 - 2014-08-19 23:37 - 00448512 _____ (OldTimer Tools) C:\Users\David\Downloads\TFC.exe
2014-08-19 23:35 - 2014-08-19 23:35 - 00050688 _____ (Atribune.org) C:\Users\David\Downloads\ATF-Cleaner.exe
2014-08-13 23:59 - 2014-08-13 23:59 - 00001844 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Poker at bet365.lnk
2014-08-13 23:59 - 2014-08-13 23:59 - 00001842 _____ () C:\Users\David\Desktop\Poker at bet365.lnk
2014-08-13 23:57 - 2014-08-21 16:48 - 00000000 ____D () C:\Users\David\AppData\Local\Poker at bet365
2014-08-13 17:27 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-13 17:27 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-13 17:27 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-13 17:27 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-13 17:27 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-13 17:27 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-13 17:27 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-13 17:27 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-13 17:27 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-13 17:27 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-13 17:27 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-13 17:27 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-13 17:27 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-13 17:27 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-13 17:27 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-13 17:27 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-13 17:27 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-13 17:27 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-13 17:27 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-13 17:27 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-13 17:27 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-13 17:27 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-13 17:27 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-13 17:27 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-13 17:26 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-13 17:26 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-13 17:26 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-13 17:26 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-13 17:26 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-13 17:26 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-13 17:26 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 17:26 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-13 17:26 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-13 17:26 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-13 17:26 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-13 14:27 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-13 14:27 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-13 14:23 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-13 14:23 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-13 14:23 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 14:23 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-13 14:23 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-13 14:23 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-13 14:23 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-13 14:23 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-13 14:23 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-13 14:23 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-13 14:19 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-13 14:19 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-13 14:19 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-13 14:19 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-13 14:19 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-13 14:19 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 14:19 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 14:19 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 14:19 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 14:19 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 14:19 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 14:19 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 14:19 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-04 13:40 - 2014-08-04 13:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\David\Downloads\hijackthis.exe
2014-08-03 22:44 - 2014-08-03 22:44 - 00001865 _____ () C:\Users\Public\Desktop\FIFA 14.lnk
2014-08-03 22:44 - 2014-08-03 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
2014-08-03 20:29 - 2014-08-23 23:35 - 00000000 ____D () C:\Users\David\Documents\FIFA 14
2014-08-02 21:47 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-08-01 19:26 - 2014-08-01 19:26 - 00027539 _____ () C:\Users\David\Downloads\Nezastavytelní-3.rar
2014-08-01 19:23 - 2014-08-01 19:23 - 00611648 _____ () C:\Users\David\Downloads\the-expendables-3-cze-5770349.exe
2014-07-31 23:47 - 2014-07-31 23:48 - 00890744 _____ (AMD) C:\Users\David\Downloads\amddriverdownloader (1).exe
2014-07-31 23:46 - 2014-07-31 23:46 - 00890744 _____ (AMD) C:\Users\David\Downloads\amddriverdownloader.exe
2014-07-31 23:25 - 2014-07-31 23:25 - 00000000 ____D () C:\ProgramData\ATI
2014-07-31 23:23 - 2014-07-31 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-07-31 23:23 - 2014-07-31 23:23 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-07-31 23:22 - 2014-07-31 23:22 - 00067348 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407312322554631.log
2014-07-31 23:22 - 2014-07-31 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-31 23:22 - 2014-07-31 23:22 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-31 23:20 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2014-07-31 23:17 - 2014-07-31 23:22 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-31 23:12 - 2014-07-31 23:14 - 320787824 _____ (AMD Inc.) C:\Users\David\Downloads\amd-catalyst-14.7-rc1-windows-july9.exe
2014-07-31 20:32 - 2014-08-14 22:19 - 00000000 ____D () C:\Users\David\Documents\888poker
2014-07-31 20:32 - 2014-07-31 20:32 - 00002054 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk
2014-07-31 20:32 - 2014-07-31 20:32 - 00002030 _____ () C:\Users\David\Desktop\888poker.lnk
2014-07-31 20:32 - 2014-07-31 20:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-31 20:32 - 2014-07-31 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-31 20:30 - 2014-08-12 18:05 - 00000000 ____D () C:\Program Files (x86)\PacificPoker
2014-07-31 20:30 - 2014-07-31 20:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\PacificPoker
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\Documents\Lenovo
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\Documents\CyberLink
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Roaming\WebApp
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Roaming\CyberLink
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Local\Cyberlink
2014-07-31 13:52 - 2014-07-31 13:52 - 41736680 _____ (IObit ) C:\Users\David\Downloads\advanced-systemcare-setup (1).exe
2014-07-31 13:52 - 2014-07-31 13:52 - 00000000 ____D () C:\Users\David\AppData\Roaming\IObit
2014-07-31 13:45 - 2014-07-31 13:45 - 00007596 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg
2014-07-29 20:01 - 2014-07-29 20:01 - 00065400 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407292001154159.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-28 20:07 - 2014-08-28 20:07 - 00013252 _____ () C:\Users\David\Desktop\FRST.txt
2014-08-28 20:07 - 2014-08-28 20:06 - 00000000 ____D () C:\FRST
2014-08-28 20:05 - 2014-08-28 20:05 - 02103296 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2014-08-28 20:05 - 2014-08-28 20:05 - 02103296 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2014-08-28 20:05 - 2014-06-29 11:38 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1825952755-3884229102-739240676-1002
2014-08-28 20:04 - 2014-03-18 17:33 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-28 20:04 - 2014-03-18 16:54 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2014-08-28 20:04 - 2014-03-18 16:54 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2014-08-28 20:02 - 2014-06-29 05:49 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 20:00 - 2014-06-29 13:14 - 00000000 __RDO () C:\Users\David\OneDrive
2014-08-28 20:00 - 2014-06-29 05:49 - 00000958 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 19:59 - 2014-07-01 23:41 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2014-08-28 19:59 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-28 19:59 - 2013-08-22 16:44 - 00362520 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-28 19:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-28 19:58 - 2014-08-22 22:32 - 00718310 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-28 19:58 - 2014-06-29 00:30 - 03190226 _____ () C:\Users\Public\CAFADEBUG.log
2014-08-28 19:58 - 2013-12-10 20:28 - 00004608 _____ () C:\WINDOWS\system32\VfService.trf
2014-08-28 19:54 - 2014-07-01 15:36 - 00000845 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-28 19:54 - 2014-07-01 15:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-28 19:54 - 2014-06-29 05:49 - 00000962 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 19:53 - 2014-08-28 19:53 - 04901352 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup417.exe
2014-08-28 19:37 - 2014-07-01 23:40 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-28 19:13 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-28 19:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-28 18:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-28 17:58 - 2014-06-29 16:30 - 00003958 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6D59577-E7E0-4779-9976-B42AE45FE1DC}
2014-08-28 00:54 - 2014-07-25 17:36 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2014-08-28 00:54 - 2014-06-29 12:48 - 00000000 ____D () C:\Users\David
2014-08-26 22:19 - 2014-08-26 22:12 - 1714776260 _____ () C:\Users\David\Downloads\Episodes-1.-séria-CZ-Titulky---M941.rar
2014-08-25 18:11 - 2014-08-20 19:54 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 18:34 - 2014-08-22 21:38 - 00000000 ____D () C:\Users\David\Desktop\Správa PC
2014-08-23 23:35 - 2014-08-03 20:29 - 00000000 ____D () C:\Users\David\Documents\FIFA 14
2014-08-23 19:34 - 2014-06-29 00:15 - 00000000 ____D () C:\Users\David\Documents\Bluetooth Folder
2014-08-23 14:18 - 2014-08-21 13:07 - 00036456 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-23 02:42 - 2014-08-28 18:54 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-22 23:14 - 2014-08-22 23:14 - 00000000 ____D () C:\Users\David\Desktop\Pracovní balíček
2014-08-22 23:14 - 2014-08-22 23:13 - 00000000 ____D () C:\Users\David\Desktop\Škola
2014-08-22 23:09 - 2014-07-05 14:05 - 00098304 ___SH () C:\Users\David\Desktop\Thumbs.db
2014-08-22 22:28 - 2014-08-22 22:23 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2014-08-22 22:23 - 2014-08-22 22:23 - 00221776 _____ () C:\Users\David\Downloads\avira_registry_cleaner_en.exe
2014-08-22 22:16 - 2014-08-21 22:43 - 00000000 ____D () C:\ProgramData\Avira
2014-08-22 22:13 - 2014-08-22 22:13 - 00001291 _____ () C:\Users\David\Desktop\Revo Uninstaller.lnk
2014-08-22 22:13 - 2014-08-22 22:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 22:12 - 2014-08-22 22:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\David\Downloads\revosetup.exe
2014-08-22 22:08 - 2014-06-29 13:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-21 23:02 - 2014-08-21 23:02 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\David\Downloads\avira_en_av___ws.exe
2014-08-21 22:44 - 2014-08-21 22:44 - 00000000 ____D () C:\Users\David\AppData\Roaming\Mozilla
2014-08-21 22:43 - 2014-08-21 22:43 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\David\Downloads\avira_de_av___ws.exe
2014-08-21 16:48 - 2014-08-13 23:57 - 00000000 ____D () C:\Users\David\AppData\Local\Poker at bet365
2014-08-21 13:07 - 2014-08-21 13:07 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-21 11:26 - 2014-08-21 11:23 - 287581229 _____ () C:\Users\David\Downloads\The-Big-Bang-Theory-S01E00-Unaired-Pilot-CZ-TIT-vlozeny-Ksikos.avi.zip
2014-08-20 19:54 - 2014-08-20 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 19:54 - 2014-08-20 19:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 19:53 - 2014-08-20 19:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (3).exe
2014-08-20 19:48 - 2014-08-20 19:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-08-20 19:41 - 2014-08-20 19:41 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-08-20 13:27 - 2014-08-20 13:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-20 13:27 - 2014-08-20 13:26 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-20 13:07 - 2014-08-20 13:07 - 01016261 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2014-08-20 13:07 - 2014-08-20 13:07 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-20 13:03 - 2014-08-19 23:45 - 00000000 ____D () C:\AdwCleaner
2014-08-19 23:43 - 2014-08-19 23:43 - 01361671 _____ () C:\Users\David\Downloads\adwcleaner_3.307.exe
2014-08-19 23:37 - 2014-08-19 23:37 - 00448512 _____ (OldTimer Tools) C:\Users\David\Downloads\TFC.exe
2014-08-19 23:35 - 2014-08-19 23:35 - 00050688 _____ (Atribune.org) C:\Users\David\Downloads\ATF-Cleaner.exe
2014-08-18 14:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-14 22:19 - 2014-07-31 20:32 - 00000000 ____D () C:\Users\David\Documents\888poker
2014-08-13 23:59 - 2014-08-13 23:59 - 00001844 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Poker at bet365.lnk
2014-08-13 23:59 - 2014-08-13 23:59 - 00001842 _____ () C:\Users\David\Desktop\Poker at bet365.lnk
2014-08-13 18:15 - 2014-07-10 19:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-13 18:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-13 18:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-13 14:35 - 2014-06-29 01:43 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-13 14:32 - 2014-06-29 01:43 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-13 14:18 - 2014-03-18 17:43 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 14:18 - 2014-03-18 17:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 14:18 - 2013-08-22 13:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 14:18 - 2013-08-22 13:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 14:18 - 2013-08-22 13:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 14:18 - 2013-08-22 13:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 14:18 - 2013-08-22 13:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 14:18 - 2013-08-22 13:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 14:18 - 2013-08-22 06:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 14:18 - 2013-08-22 05:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 14:18 - 2013-08-22 05:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 14:18 - 2013-08-22 05:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-13 14:18 - 2013-08-22 05:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-13 14:18 - 2013-08-22 05:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-13 14:17 - 2014-03-18 17:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 14:17 - 2013-08-22 12:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-12 18:05 - 2014-07-31 20:30 - 00000000 ____D () C:\Program Files (x86)\PacificPoker
2014-08-07 04:12 - 2014-08-13 14:19 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:38 - 2014-08-13 14:19 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-04 13:40 - 2014-08-04 13:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\David\Downloads\hijackthis.exe
2014-08-04 13:40 - 2014-06-29 00:12 - 00000000 ____D () C:\Users\David\AppData\Local\VirtualStore
2014-08-03 22:44 - 2014-08-03 22:44 - 00001865 _____ () C:\Users\Public\Desktop\FIFA 14.lnk
2014-08-03 22:44 - 2014-08-03 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
2014-08-03 21:44 - 2014-06-29 17:55 - 00000000 ____D () C:\Games
2014-08-03 21:43 - 2014-06-29 17:36 - 00000000 ____D () C:\Users\David\Downloads\FIFA.14.Multi13-RU.Repack.by.z10yded
2014-08-02 21:55 - 2013-12-10 20:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-02 21:48 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-02 21:48 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-02 21:46 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated
2014-08-02 07:44 - 2014-08-13 14:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-02 05:56 - 2014-08-13 14:19 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-02 05:11 - 2014-08-13 14:19 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2013-08-22 17:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-01 19:27 - 2014-07-26 13:08 - 00000000 ____D () C:\Users\David\Downloads\The.Expendables.3.2014.DVDSCR.Xvid-DiNGO
2014-08-01 19:26 - 2014-08-01 19:26 - 00027539 _____ () C:\Users\David\Downloads\Nezastavytelní-3.rar
2014-08-01 19:23 - 2014-08-01 19:23 - 00611648 _____ () C:\Users\David\Downloads\the-expendables-3-cze-5770349.exe
2014-07-31 23:48 - 2014-07-31 23:47 - 00890744 _____ (AMD) C:\Users\David\Downloads\amddriverdownloader (1).exe
2014-07-31 23:46 - 2014-07-31 23:46 - 00890744 _____ (AMD) C:\Users\David\Downloads\amddriverdownloader.exe
2014-07-31 23:25 - 2014-07-31 23:25 - 00000000 ____D () C:\ProgramData\ATI
2014-07-31 23:23 - 2014-07-31 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-07-31 23:23 - 2014-07-31 23:23 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-07-31 23:23 - 2013-12-10 19:55 - 00000000 ____D () C:\ProgramData\AMD
2014-07-31 23:22 - 2014-07-31 23:22 - 00067348 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407312322554631.log
2014-07-31 23:22 - 2014-07-31 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-31 23:22 - 2014-07-31 23:22 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-31 23:22 - 2014-07-31 23:17 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-31 23:17 - 2013-12-10 19:53 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-31 23:15 - 2014-06-29 13:46 - 00000000 ____D () C:\AMD
2014-07-31 23:14 - 2014-07-31 23:12 - 320787824 _____ (AMD Inc.) C:\Users\David\Downloads\amd-catalyst-14.7-rc1-windows-july9.exe
2014-07-31 20:32 - 2014-07-31 20:32 - 00002054 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk
2014-07-31 20:32 - 2014-07-31 20:32 - 00002030 _____ () C:\Users\David\Desktop\888poker.lnk
2014-07-31 20:32 - 2014-07-31 20:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-31 20:32 - 2014-07-31 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-31 20:32 - 2014-07-31 20:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\PacificPoker
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\Documents\Lenovo
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\Documents\CyberLink
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Roaming\WebApp
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Roaming\CyberLink
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Local\Cyberlink
2014-07-31 17:06 - 2014-06-29 00:15 - 00000000 ____D () C:\Users\David\AppData\Roaming\Lenovo
2014-07-31 17:06 - 2013-12-10 20:28 - 00000000 ____D () C:\ProgramData\Lenovo
2014-07-31 13:52 - 2014-07-31 13:52 - 41736680 _____ (IObit ) C:\Users\David\Downloads\advanced-systemcare-setup (1).exe
2014-07-31 13:52 - 2014-07-31 13:52 - 00000000 ____D () C:\Users\David\AppData\Roaming\IObit
2014-07-31 13:45 - 2014-07-31 13:45 - 00007596 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg
2014-07-29 20:01 - 2014-07-29 20:01 - 00065400 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407292001154159.log
2014-07-29 19:49 - 2014-07-23 12:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-29 19:49 - 2014-07-23 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-29 19:37 - 2014-06-29 15:15 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-23 16:42
==================== End Of Log ============================
Ran by David (administrator) on DAVID on 28-08-2014 20:07:19
Running from C:\Users\David\Desktop
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2013-12-10] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-12-10] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [909016 2013-10-21] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-07-09] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1825952755-3884229102-739240676-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1825952755-3884229102-739240676-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1825952755-3884229102-739240676-1002\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL =
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\TfG9lwHN.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: Avira Browser Safety - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\TfG9lwHN.default\Extensions\abs@avira.com [2014-08-21]
Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-23]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-22]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-23]
CHR Extension: (Vyhledávání Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-23]
CHR Extension: (Peněženka Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-23]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-09] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-12-10] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-25] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-29] (Disc Soft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243272 2013-04-10] (Realtek Semiconductor Corp.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-29] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-28 20:07 - 2014-08-28 20:07 - 00013252 _____ () C:\Users\David\Desktop\FRST.txt
2014-08-28 20:06 - 2014-08-28 20:07 - 00000000 ____D () C:\FRST
2014-08-28 20:05 - 2014-08-28 20:05 - 02103296 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2014-08-28 20:05 - 2014-08-28 20:05 - 02103296 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2014-08-28 19:53 - 2014-08-28 19:53 - 04901352 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup417.exe
2014-08-28 18:54 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-26 22:19 - 2014-05-20 02:33 - 00000000 ____D () C:\Users\David\Desktop\Episodes 1. séria CZ Titulky - M941
2014-08-26 22:12 - 2014-08-26 22:19 - 1714776260 _____ () C:\Users\David\Downloads\Episodes-1.-séria-CZ-Titulky---M941.rar
2014-08-22 23:14 - 2014-08-22 23:14 - 00000000 ____D () C:\Users\David\Desktop\Pracovní balíček
2014-08-22 23:13 - 2014-08-22 23:14 - 00000000 ____D () C:\Users\David\Desktop\Škola
2014-08-22 22:32 - 2014-08-28 19:58 - 00718310 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-22 22:23 - 2014-08-22 22:28 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2014-08-22 22:23 - 2014-08-22 22:23 - 00221776 _____ () C:\Users\David\Downloads\avira_registry_cleaner_en.exe
2014-08-22 22:13 - 2014-08-22 22:13 - 00001291 _____ () C:\Users\David\Desktop\Revo Uninstaller.lnk
2014-08-22 22:13 - 2014-08-22 22:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 22:11 - 2014-08-22 22:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\David\Downloads\revosetup.exe
2014-08-22 21:38 - 2014-08-24 18:34 - 00000000 ____D () C:\Users\David\Desktop\Správa PC
2014-08-21 23:02 - 2014-08-21 23:02 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\David\Downloads\avira_en_av___ws.exe
2014-08-21 22:44 - 2014-08-21 22:44 - 00000000 ____D () C:\Users\David\AppData\Roaming\Mozilla
2014-08-21 22:43 - 2014-08-22 22:16 - 00000000 ____D () C:\ProgramData\Avira
2014-08-21 22:43 - 2014-08-21 22:43 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\David\Downloads\avira_de_av___ws.exe
2014-08-21 13:07 - 2014-08-23 14:18 - 00036456 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-21 13:07 - 2014-08-21 13:07 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-21 11:23 - 2014-08-21 11:26 - 287581229 _____ () C:\Users\David\Downloads\The-Big-Bang-Theory-S01E00-Unaired-Pilot-CZ-TIT-vlozeny-Ksikos.avi.zip
2014-08-20 19:54 - 2014-08-25 18:11 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 19:54 - 2014-08-20 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 19:54 - 2014-08-20 19:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 19:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-20 19:54 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-20 19:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-20 19:52 - 2014-08-20 19:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (3).exe
2014-08-20 19:47 - 2014-08-20 19:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-08-20 19:41 - 2014-08-20 19:41 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-08-20 13:27 - 2014-08-20 13:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-20 13:26 - 2014-08-20 13:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-20 13:07 - 2014-08-20 13:07 - 01016261 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2014-08-20 13:07 - 2014-08-20 13:07 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-19 23:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-19 23:45 - 2014-08-20 13:03 - 00000000 ____D () C:\AdwCleaner
2014-08-19 23:43 - 2014-08-19 23:43 - 01361671 _____ () C:\Users\David\Downloads\adwcleaner_3.307.exe
2014-08-19 23:37 - 2014-08-19 23:37 - 00448512 _____ (OldTimer Tools) C:\Users\David\Downloads\TFC.exe
2014-08-19 23:35 - 2014-08-19 23:35 - 00050688 _____ (Atribune.org) C:\Users\David\Downloads\ATF-Cleaner.exe
2014-08-13 23:59 - 2014-08-13 23:59 - 00001844 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Poker at bet365.lnk
2014-08-13 23:59 - 2014-08-13 23:59 - 00001842 _____ () C:\Users\David\Desktop\Poker at bet365.lnk
2014-08-13 23:57 - 2014-08-21 16:48 - 00000000 ____D () C:\Users\David\AppData\Local\Poker at bet365
2014-08-13 17:27 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-13 17:27 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-13 17:27 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-13 17:27 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-13 17:27 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-13 17:27 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-13 17:27 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-13 17:27 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-13 17:27 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-13 17:27 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-13 17:27 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-13 17:27 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-13 17:27 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-13 17:27 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-13 17:27 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-13 17:27 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-13 17:27 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-13 17:27 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-13 17:27 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-13 17:27 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-13 17:27 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-13 17:27 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-13 17:27 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-13 17:27 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-13 17:26 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-13 17:26 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-13 17:26 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-13 17:26 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-13 17:26 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-13 17:26 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-13 17:26 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 17:26 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-13 17:26 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-13 17:26 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-13 17:26 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-13 14:27 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-13 14:27 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-13 14:23 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-13 14:23 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-13 14:23 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 14:23 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-13 14:23 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-13 14:23 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-13 14:23 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-13 14:23 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-13 14:23 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-13 14:23 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-13 14:19 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-13 14:19 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-13 14:19 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-13 14:19 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-13 14:19 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-13 14:19 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 14:19 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 14:19 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 14:19 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 14:19 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 14:19 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 14:19 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 14:19 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-04 13:40 - 2014-08-04 13:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\David\Downloads\hijackthis.exe
2014-08-03 22:44 - 2014-08-03 22:44 - 00001865 _____ () C:\Users\Public\Desktop\FIFA 14.lnk
2014-08-03 22:44 - 2014-08-03 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
2014-08-03 20:29 - 2014-08-23 23:35 - 00000000 ____D () C:\Users\David\Documents\FIFA 14
2014-08-02 21:47 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-08-01 19:26 - 2014-08-01 19:26 - 00027539 _____ () C:\Users\David\Downloads\Nezastavytelní-3.rar
2014-08-01 19:23 - 2014-08-01 19:23 - 00611648 _____ () C:\Users\David\Downloads\the-expendables-3-cze-5770349.exe
2014-07-31 23:47 - 2014-07-31 23:48 - 00890744 _____ (AMD) C:\Users\David\Downloads\amddriverdownloader (1).exe
2014-07-31 23:46 - 2014-07-31 23:46 - 00890744 _____ (AMD) C:\Users\David\Downloads\amddriverdownloader.exe
2014-07-31 23:25 - 2014-07-31 23:25 - 00000000 ____D () C:\ProgramData\ATI
2014-07-31 23:23 - 2014-07-31 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-07-31 23:23 - 2014-07-31 23:23 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-07-31 23:22 - 2014-07-31 23:22 - 00067348 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407312322554631.log
2014-07-31 23:22 - 2014-07-31 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-31 23:22 - 2014-07-31 23:22 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-31 23:20 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2014-07-31 23:17 - 2014-07-31 23:22 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-31 23:12 - 2014-07-31 23:14 - 320787824 _____ (AMD Inc.) C:\Users\David\Downloads\amd-catalyst-14.7-rc1-windows-july9.exe
2014-07-31 20:32 - 2014-08-14 22:19 - 00000000 ____D () C:\Users\David\Documents\888poker
2014-07-31 20:32 - 2014-07-31 20:32 - 00002054 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk
2014-07-31 20:32 - 2014-07-31 20:32 - 00002030 _____ () C:\Users\David\Desktop\888poker.lnk
2014-07-31 20:32 - 2014-07-31 20:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-31 20:32 - 2014-07-31 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-31 20:30 - 2014-08-12 18:05 - 00000000 ____D () C:\Program Files (x86)\PacificPoker
2014-07-31 20:30 - 2014-07-31 20:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\PacificPoker
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\Documents\Lenovo
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\Documents\CyberLink
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Roaming\WebApp
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Roaming\CyberLink
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Local\Cyberlink
2014-07-31 13:52 - 2014-07-31 13:52 - 41736680 _____ (IObit ) C:\Users\David\Downloads\advanced-systemcare-setup (1).exe
2014-07-31 13:52 - 2014-07-31 13:52 - 00000000 ____D () C:\Users\David\AppData\Roaming\IObit
2014-07-31 13:45 - 2014-07-31 13:45 - 00007596 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg
2014-07-29 20:01 - 2014-07-29 20:01 - 00065400 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407292001154159.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-28 20:07 - 2014-08-28 20:07 - 00013252 _____ () C:\Users\David\Desktop\FRST.txt
2014-08-28 20:07 - 2014-08-28 20:06 - 00000000 ____D () C:\FRST
2014-08-28 20:05 - 2014-08-28 20:05 - 02103296 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2014-08-28 20:05 - 2014-08-28 20:05 - 02103296 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2014-08-28 20:05 - 2014-06-29 11:38 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1825952755-3884229102-739240676-1002
2014-08-28 20:04 - 2014-03-18 17:33 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-28 20:04 - 2014-03-18 16:54 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2014-08-28 20:04 - 2014-03-18 16:54 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2014-08-28 20:02 - 2014-06-29 05:49 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 20:00 - 2014-06-29 13:14 - 00000000 __RDO () C:\Users\David\OneDrive
2014-08-28 20:00 - 2014-06-29 05:49 - 00000958 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 19:59 - 2014-07-01 23:41 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2014-08-28 19:59 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-28 19:59 - 2013-08-22 16:44 - 00362520 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-28 19:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-28 19:58 - 2014-08-22 22:32 - 00718310 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-28 19:58 - 2014-06-29 00:30 - 03190226 _____ () C:\Users\Public\CAFADEBUG.log
2014-08-28 19:58 - 2013-12-10 20:28 - 00004608 _____ () C:\WINDOWS\system32\VfService.trf
2014-08-28 19:54 - 2014-07-01 15:36 - 00000845 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-28 19:54 - 2014-07-01 15:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-28 19:54 - 2014-06-29 05:49 - 00000962 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 19:53 - 2014-08-28 19:53 - 04901352 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup417.exe
2014-08-28 19:37 - 2014-07-01 23:40 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-28 19:13 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-28 19:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-28 18:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-28 17:58 - 2014-06-29 16:30 - 00003958 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6D59577-E7E0-4779-9976-B42AE45FE1DC}
2014-08-28 00:54 - 2014-07-25 17:36 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2014-08-28 00:54 - 2014-06-29 12:48 - 00000000 ____D () C:\Users\David
2014-08-26 22:19 - 2014-08-26 22:12 - 1714776260 _____ () C:\Users\David\Downloads\Episodes-1.-séria-CZ-Titulky---M941.rar
2014-08-25 18:11 - 2014-08-20 19:54 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 18:34 - 2014-08-22 21:38 - 00000000 ____D () C:\Users\David\Desktop\Správa PC
2014-08-23 23:35 - 2014-08-03 20:29 - 00000000 ____D () C:\Users\David\Documents\FIFA 14
2014-08-23 19:34 - 2014-06-29 00:15 - 00000000 ____D () C:\Users\David\Documents\Bluetooth Folder
2014-08-23 14:18 - 2014-08-21 13:07 - 00036456 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-23 02:42 - 2014-08-28 18:54 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-22 23:14 - 2014-08-22 23:14 - 00000000 ____D () C:\Users\David\Desktop\Pracovní balíček
2014-08-22 23:14 - 2014-08-22 23:13 - 00000000 ____D () C:\Users\David\Desktop\Škola
2014-08-22 23:09 - 2014-07-05 14:05 - 00098304 ___SH () C:\Users\David\Desktop\Thumbs.db
2014-08-22 22:28 - 2014-08-22 22:23 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2014-08-22 22:23 - 2014-08-22 22:23 - 00221776 _____ () C:\Users\David\Downloads\avira_registry_cleaner_en.exe
2014-08-22 22:16 - 2014-08-21 22:43 - 00000000 ____D () C:\ProgramData\Avira
2014-08-22 22:13 - 2014-08-22 22:13 - 00001291 _____ () C:\Users\David\Desktop\Revo Uninstaller.lnk
2014-08-22 22:13 - 2014-08-22 22:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 22:12 - 2014-08-22 22:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\David\Downloads\revosetup.exe
2014-08-22 22:08 - 2014-06-29 13:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-21 23:02 - 2014-08-21 23:02 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\David\Downloads\avira_en_av___ws.exe
2014-08-21 22:44 - 2014-08-21 22:44 - 00000000 ____D () C:\Users\David\AppData\Roaming\Mozilla
2014-08-21 22:43 - 2014-08-21 22:43 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\David\Downloads\avira_de_av___ws.exe
2014-08-21 16:48 - 2014-08-13 23:57 - 00000000 ____D () C:\Users\David\AppData\Local\Poker at bet365
2014-08-21 13:07 - 2014-08-21 13:07 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-21 11:26 - 2014-08-21 11:23 - 287581229 _____ () C:\Users\David\Downloads\The-Big-Bang-Theory-S01E00-Unaired-Pilot-CZ-TIT-vlozeny-Ksikos.avi.zip
2014-08-20 19:54 - 2014-08-20 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 19:54 - 2014-08-20 19:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 19:53 - 2014-08-20 19:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (3).exe
2014-08-20 19:48 - 2014-08-20 19:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-08-20 19:41 - 2014-08-20 19:41 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-08-20 13:27 - 2014-08-20 13:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-20 13:27 - 2014-08-20 13:26 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-20 13:07 - 2014-08-20 13:07 - 01016261 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2014-08-20 13:07 - 2014-08-20 13:07 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-20 13:03 - 2014-08-19 23:45 - 00000000 ____D () C:\AdwCleaner
2014-08-19 23:43 - 2014-08-19 23:43 - 01361671 _____ () C:\Users\David\Downloads\adwcleaner_3.307.exe
2014-08-19 23:37 - 2014-08-19 23:37 - 00448512 _____ (OldTimer Tools) C:\Users\David\Downloads\TFC.exe
2014-08-19 23:35 - 2014-08-19 23:35 - 00050688 _____ (Atribune.org) C:\Users\David\Downloads\ATF-Cleaner.exe
2014-08-18 14:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-14 22:19 - 2014-07-31 20:32 - 00000000 ____D () C:\Users\David\Documents\888poker
2014-08-13 23:59 - 2014-08-13 23:59 - 00001844 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Poker at bet365.lnk
2014-08-13 23:59 - 2014-08-13 23:59 - 00001842 _____ () C:\Users\David\Desktop\Poker at bet365.lnk
2014-08-13 18:15 - 2014-07-10 19:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-13 18:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-13 18:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-13 14:35 - 2014-06-29 01:43 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-13 14:32 - 2014-06-29 01:43 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-13 14:18 - 2014-03-18 17:43 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 14:18 - 2014-03-18 17:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 14:18 - 2013-08-22 13:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 14:18 - 2013-08-22 13:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 14:18 - 2013-08-22 13:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 14:18 - 2013-08-22 13:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 14:18 - 2013-08-22 13:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 14:18 - 2013-08-22 13:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 14:18 - 2013-08-22 06:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 14:18 - 2013-08-22 05:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 14:18 - 2013-08-22 05:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 14:18 - 2013-08-22 05:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-13 14:18 - 2013-08-22 05:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-13 14:18 - 2013-08-22 05:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-13 14:17 - 2014-03-18 17:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 14:17 - 2013-08-22 12:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-12 18:05 - 2014-07-31 20:30 - 00000000 ____D () C:\Program Files (x86)\PacificPoker
2014-08-07 04:12 - 2014-08-13 14:19 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:38 - 2014-08-13 14:19 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-04 13:40 - 2014-08-04 13:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\David\Downloads\hijackthis.exe
2014-08-04 13:40 - 2014-06-29 00:12 - 00000000 ____D () C:\Users\David\AppData\Local\VirtualStore
2014-08-03 22:44 - 2014-08-03 22:44 - 00001865 _____ () C:\Users\Public\Desktop\FIFA 14.lnk
2014-08-03 22:44 - 2014-08-03 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
2014-08-03 21:44 - 2014-06-29 17:55 - 00000000 ____D () C:\Games
2014-08-03 21:43 - 2014-06-29 17:36 - 00000000 ____D () C:\Users\David\Downloads\FIFA.14.Multi13-RU.Repack.by.z10yded
2014-08-02 21:55 - 2013-12-10 20:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-02 21:48 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-02 21:48 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-02 21:46 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated
2014-08-02 07:44 - 2014-08-13 14:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-02 05:56 - 2014-08-13 14:19 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-02 05:11 - 2014-08-13 14:19 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2013-08-22 17:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-01 19:27 - 2014-07-26 13:08 - 00000000 ____D () C:\Users\David\Downloads\The.Expendables.3.2014.DVDSCR.Xvid-DiNGO
2014-08-01 19:26 - 2014-08-01 19:26 - 00027539 _____ () C:\Users\David\Downloads\Nezastavytelní-3.rar
2014-08-01 19:23 - 2014-08-01 19:23 - 00611648 _____ () C:\Users\David\Downloads\the-expendables-3-cze-5770349.exe
2014-07-31 23:48 - 2014-07-31 23:47 - 00890744 _____ (AMD) C:\Users\David\Downloads\amddriverdownloader (1).exe
2014-07-31 23:46 - 2014-07-31 23:46 - 00890744 _____ (AMD) C:\Users\David\Downloads\amddriverdownloader.exe
2014-07-31 23:25 - 2014-07-31 23:25 - 00000000 ____D () C:\ProgramData\ATI
2014-07-31 23:23 - 2014-07-31 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-07-31 23:23 - 2014-07-31 23:23 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-07-31 23:23 - 2013-12-10 19:55 - 00000000 ____D () C:\ProgramData\AMD
2014-07-31 23:22 - 2014-07-31 23:22 - 00067348 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407312322554631.log
2014-07-31 23:22 - 2014-07-31 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-31 23:22 - 2014-07-31 23:22 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-31 23:22 - 2014-07-31 23:17 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-31 23:17 - 2013-12-10 19:53 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-31 23:15 - 2014-06-29 13:46 - 00000000 ____D () C:\AMD
2014-07-31 23:14 - 2014-07-31 23:12 - 320787824 _____ (AMD Inc.) C:\Users\David\Downloads\amd-catalyst-14.7-rc1-windows-july9.exe
2014-07-31 20:32 - 2014-07-31 20:32 - 00002054 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk
2014-07-31 20:32 - 2014-07-31 20:32 - 00002030 _____ () C:\Users\David\Desktop\888poker.lnk
2014-07-31 20:32 - 2014-07-31 20:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-31 20:32 - 2014-07-31 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-31 20:32 - 2014-07-31 20:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\PacificPoker
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\Documents\Lenovo
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\Documents\CyberLink
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Roaming\WebApp
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Roaming\CyberLink
2014-07-31 17:06 - 2014-07-31 17:06 - 00000000 ____D () C:\Users\David\AppData\Local\Cyberlink
2014-07-31 17:06 - 2014-06-29 00:15 - 00000000 ____D () C:\Users\David\AppData\Roaming\Lenovo
2014-07-31 17:06 - 2013-12-10 20:28 - 00000000 ____D () C:\ProgramData\Lenovo
2014-07-31 13:52 - 2014-07-31 13:52 - 41736680 _____ (IObit ) C:\Users\David\Downloads\advanced-systemcare-setup (1).exe
2014-07-31 13:52 - 2014-07-31 13:52 - 00000000 ____D () C:\Users\David\AppData\Roaming\IObit
2014-07-31 13:45 - 2014-07-31 13:45 - 00007596 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg
2014-07-29 20:01 - 2014-07-29 20:01 - 00065400 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407292001154159.log
2014-07-29 19:49 - 2014-07-23 12:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-29 19:49 - 2014-07-23 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-29 19:37 - 2014-06-29 15:15 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-23 16:42
==================== End Of Log ============================
Re: Log check - stuttering
Here are the logs. I did everything except uninstalling ComboFix, because even though it is normally on the PC, it cannot be removed via "Run", since it reports that it cannot find ComboFix. What should I do about that?
- jaro3
- Security team member
Re: Log check - stuttering
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.
Code:
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
SearchScopes: HKLM - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL =
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
(You can use the "Select all" function; right-click the top-left field in the open Notepad and choose "Paste".)
Save it to the desktop as fixlist.txt
Run FRST, press the "Fix" button only once and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
Download
Zoek.exe
and save it to the desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, Windows 7 and 8, right-click it and choose "Run as administrator")
- note: the program may take a while to start.
Paste the script below into the program window:
Code:
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
Click Run Script.
The program will run a scan and a repair; both the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black screen may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire content of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check - stuttering
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-08-2014
Ran by David at 2014-08-29 20:36:05 Run:1
Running from C:\Users\David\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
SearchScopes: HKLM - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {197EB3E7-B7D4-4CDB-A240-877817C52459} URL =
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
*****************
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => Key deleted successfully.
[4568] C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe => Process closed successfully.
[4576] C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe => Process closed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{197EB3E7-B7D4-4CDB-A240-877817C52459}" => Key deleted successfully.
"HKCR\CLSID\{197EB3E7-B7D4-4CDB-A240-877817C52459}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{197EB3E7-B7D4-4CDB-A240-877817C52459}" => Key Deleted successfully.
"HKCR\Wow6432Node\CLSID\{197EB3E7-B7D4-4CDB-A240-877817C52459}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{197EB3E7-B7D4-4CDB-A240-877817C52459}" => Key deleted successfully.
"HKCR\CLSID\{197EB3E7-B7D4-4CDB-A240-877817C52459}" => Key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value deleted successfully.
==== End of Fixlog ====
Re: Log check - stuttering
Zoek.exe v5.0.0.0 Updated 28-08-2014
Tool run by David on p 29. 08. 2014 at 20:40:00,58.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\David\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
29. 8. 2014 20:40:38 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\TfG9lwHN.default\prefs.js:
Added to C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\TfG9lwHN.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\TfG9lwHN.default\extensions\abs@avira.com deleted
==== Firefox Extensions ======================
==== Firefox Plugins ======================
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\David\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=165 folders=44 17822116 bytes)
==== Empty Temp Folders ======================
C:\Users\David\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\David\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on p 29. 08. 2014 at 20:56:53,40 ======================
- jaro3
- Security team member
Re: Log check - stuttering
How are the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support