Here it is:
PS: I have the latest HJT, v2.0.4
Scan result of Farbar Recovery
Scan Tool (FRST.txt) (x64)
Version: 27-12-2013 01
Ran by Karolínka (administrator)
on NOTEBOOCIK on 27-12-2013
20:30:29
Running from C:\Users\Karolínka
\Downloads
Windows 8 (X64) OS Language:
Czech
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes
(All) =========================
(Microsoft Corporation) C:
\Windows\System32\csrss.exe
(Microsoft Corporation) C:
\Windows\System32\wininit.exe
(Microsoft Corporation) C:
\Windows\System32\csrss.exe
(Microsoft Corporation) C:
\Windows\System32\winlogon.exe
(Microsoft Corporation) C:
\Windows\System32\services.exe
(Microsoft Corporation) C:
\Windows\System32\lsass.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(AMD) C:\Windows
\System32\atiesrxx.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(Microsoft Corporation) C:
\Windows\System32\dwm.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(AMD) C:\Windows
\System32\atieclxx.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(AVAST Software) C:\Program
Files\AVAST Software\Avast
\AvastSvc.exe
(Microsoft Corporation) C:
\Windows\System32\spoolsv.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(Microsoft Corporation) C:
\Windows\explorer.exe
(Adobe Systems Incorporated) C:
\Program Files (x86)\Common
Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation) C:
\Windows\System32\taskhostex.exe
(Synaptics Incorporated) C:
\Program Files\Synaptics\SynTP
\SynTPEnh.exe
(Qualcomm Atheros Commnucations)
C:\Program Files (x86)\Bluetooth
Suite\AdminService.exe
(Samsung Electronics CO., LTD.)
C:\Program Files (x86)\Samsung
\Settings\CmdServer
\EasyLauncher.exe
(Samsung Electronics CO., LTD.)
C:\Program Files (x86)\Samsung
\Settings\sSettings.exe
() C:\Program Files
(x86)\Samsung\Settings
\CmdServer
\EasySettingsCmdServer.exe
(O&O Software GmbH) C:\Program
Files\OO Software\Defrag
\oodag.exe
(Google Inc.) C:\Program Files
(x86)\Google\Update
\1.3.22.3\GoogleCrashHandler.exe
(Skype Technologies S.A.) C:
\ProgramData\Skype\Toolbars
\Skype C2C Service
\c2c_service.exe
(Google Inc.) C:\Program Files
(x86)\Google\Update
\1.3.22.3\GoogleCrashHandler64.e
xe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(Samsung Electronics CO., LTD.)
C:\Program Files (x86)\Samsung
\SW Update\SWMAgent.exe
(Atheros) C:\Program Files
(x86)\Bluetooth Suite
\Ath_CoexAgent.exe
(Microsoft Corporation) C:
\Windows\System32\wbem
\WmiPrvSE.exe
(Microsoft Corporation) C:
\Windows
\System32\SearchIndexer.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(Microsoft Corporation) C:
\Program Files\WindowsApps
\microsoft.windowscommunications
apps_16.4.4406.1205_x64__8wekyb3
d8bbwe\LiveComm.exe
(Microsoft Corporation) C:
\Windows\System32\svchost.exe
(Microsoft Corporation) C:
\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.)
C:\Program Files\Samsung\S
Agent\CommonAgent.exe
(Realtek Semiconductor) C:
\Program Files\Realtek\Audio
\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program
Files (x86)\Bluetooth Suite
\BtTray.exe
(Qualcomm Atheros Commnucations)
C:\Program Files (x86)\Bluetooth
Suite\BtvStack.exe
(Microsoft Corporation) C:
\Windows\System32\dllhost.exe
(O&O Software GmbH) C:\Program
Files\OO Software\Defrag
\oodtray.exe
() C:\Program Files
(x86)\Bluetooth Suite
\ActivateDesktop.exe
(Microsoft Corporation) C:
\Windows
\System32\RuntimeBroker.exe
(Siber Systems) C:\Program Files
(x86)\Siber Systems\AI RoboForm
\robotaskbaricon.exe
(McAfee, Inc.) C:\Program Files
\McAfee Security Scan
\3.8.130\SSScheduler.exe
(Adobe Systems Incorporated) C:
\Program Files (x86)\Common
Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink) C:\Program Files
(x86)\CyberLink
\Power2Go8\CLMLSvc_P2G8.exe
(Sun Microsystems, Inc.) C:
\Program Files (x86)\Common
Files\Java\Java Update
\jusched.exe
(OpenOffice.org) C:\Program
Files (x86)\OpenOffice.org
3\program\soffice.exe
(AVAST Software) C:\Program
Files\AVAST Software\Avast
\AvastUI.exe
(Synaptics Incorporated) C:
\Program Files\Synaptics\SynTP
\SynTPHelper.exe
(OpenOffice.org) C:\Program
Files (x86)\OpenOffice.org
3\program\soffice.bin
(Microsoft Corporation) C:
\Program Files\Windows Media
Player\wmpnetwk.exe
(Advanced Micro Devices Inc.)
C:\Program Files (x86)\ATI
Technologies\ATI.ACE\Core-
Static\MOM.exe
(ATI Technologies Inc.) C:
\Program Files (x86)\ATI
Technologies\ATI.ACE\Core-
Static\CCC.exe
(Microsoft Corporation) C:
\Windows\System32\wbem
\WmiPrvSE.exe
() C:\Program Files\Samsung
\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:
\Windows\SysWOW64\WWAHost.exe
(TeamViewer GmbH) C:\Program
Files (x86)\TeamViewer
\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program
Files (x86)\TeamViewer
\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program
Files (x86)\TeamViewer
\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program
Files (x86)\TeamViewer
\Version9\tv_x64.exe
(Google Inc.) C:\Program Files
(x86)\Google\Chrome\Application
\chrome.exe
(Google Inc.) C:\Program Files
(x86)\Google\Chrome\Application
\chrome.exe
(Google Inc.) C:\Program Files
(x86)\Google\Chrome\Application
\chrome.exe
(Google Inc.) C:\Program Files
(x86)\Google\Chrome\Application
\chrome.exe
(Google Inc.) C:\Program Files
(x86)\Google\Chrome\Application
\chrome.exe
(Google Inc.) C:\Program Files
(x86)\Google\Chrome\Application
\chrome.exe
(Google Inc.) C:\Program Files
(x86)\Google\Chrome\Application
\chrome.exe
(TeamViewer GmbH) C:\Program
Files (x86)\TeamViewer
\Version9\TeamViewer_Desktop.exe
(Trend Micro Inc.) C:\Program
Files (x86)\Trend Micro
\HiJackThis\HiJackThis.exe
(Google Inc.) C:\Program Files
(x86)\Google\Chrome\Application
\chrome.exe
(Microsoft Corporation) C:
\Windows
\System32\SearchProtocolHost.exe
(Microsoft Corporation) C:
\Windows
\System32\SearchFilterHost.exe
(Farbar) C:\Users\Karolínka
\Downloads\FRST64.exe
==================== Registry
(All)
===========================
HKLM\...\Run: [RtHDVCpl] - C:
\Program Files\Realtek\Audio
\HDA\RAVCpl64.exe [13191824
2012-08-10] (Realtek
Semiconductor)
HKLM\...\Run: [BtTray] - C:
\Program Files (x86)\Bluetooth
Suite\BtTray.exe [765056 2012-
09-29] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:
\Program Files (x86)\Bluetooth
Suite\BtvStack.exe [127616 2012
-09-29] (Qualcomm Atheros
Commnucations)
HKLM\...\Run: [OODefragTray] -
C:\Program Files\OO Software
\Defrag\oodtray.exe [4449584
2013-10-01] (O&O Software GmbH)
HKLM-x32\...\Run: [StartCCC] -
C:\Program Files (x86)\ATI
Technologies\ATI.ACE\Core-
Static\CLIStart.exe [642216
2012-09-12] (Advanced Micro
Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader
Speed Launcher] - C:\Program
Files (x86)\Adobe\Reader
10.0\Reader\reader_sl.exe [35736
2012-04-04] (Adobe Systems
Incorporated)
HKLM-x32\...\Run: [Adobe ARM] -
C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\AdobeARM.exe
[843712 2012-04-04] (Adobe
Systems Incorporated)
HKLM-x32\...\Run:
[CLMLServer_For_P2G8] - C:
\Program Files (x86)\CyberLink
\Power2Go8\CLMLSvc_P2G8.exe
[111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run:
[CLVirtualDrive] - C:\Program
Files (x86)\CyberLink
\Power2Go8\VirtualDrive.exe
[491120 2012-07-12] (CyberLink
Corp.)
HKLM-x32\...\Run:
[SunJavaUpdateSched] - C:
\Program Files (x86)\Common
Files\Java\Java Update
\jusched.exe [248552 2010-05-14]
(Sun Microsystems, Inc.)
HKLM-x32\...\Run: [20131121] -
C:\Program Files\AVAST Software
\Avast\Setup\emupdate\2564c77a-
e422-435e-993b-1c310ecfb353.exe
[180184 2013-11-23] (AVAST
Software)
HKLM-x32\...\Run: [AvastUI.exe]
- C:\Program Files\AVAST
Software\Avast\AvastUI.exe
[3568312 2013-12-10] (AVAST
Software)
HKLM\...\Winlogon: [Userinit]
C:\Windows
\system32\userinit.exe, [25088
2012-07-26] (Microsoft
Corporation)
HKLM-x32\...\Winlogon:
[Userinit] C:\Windows
\sysWOW64\userinit.exe [21504
2012-07-26] (Microsoft
Corporation)
HKLM\...\Winlogon: [Shell]
explorer.exe [2391280 2013-06-
01] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell]
explorer.exe [2106176 2013-06-
01] (Microsoft Corporation)
HKLM\...\Policies\Explorer:
[ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer:
[NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer:
[NoActiveDesktop] 1
HKCU\...\Run: [AGupdate] - C:
\Program Files
(x86)\AppGraffiti\AGupdate.exe
[894048 2013-03-19] (Omega
Partners Ltd)
HKCU\...\Run: [RoboForm] - C:
\Program Files (x86)\Siber
Systems\AI RoboForm
\robotaskbaricon.exe [100200
2013-09-24] (Siber Systems)
MountPoints2: {10a42539-f6df-
11e2-bebe-b888e3fdfc31} - "E:
\USBAutoRun.exe"
MountPoints2: {da96b787-d921-
11e2-beae-b888e3fdfc31} - "E:
\AutoRun.exe" {D2D77DC2-8299-
11D1-8949-444553540000}
5.2066.1.A11B02 PID_0083
Lsa: [Authentication Packages]
msv1_0
Lsa: [Notification Packages]
scecli
Startup: C:\Users\Karolínka
\AppData\Roaming\Microsoft
\Windows\Start Menu\Programs
\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org
3.3.lnk -> C:\Program Files
(x86)\OpenOffice.org 3\program
\quickstart.exe ()
SSODL: WebCheck - {E6FB5E20-
DE35-11CF-9C87-00AA005127ED} -
No File
SSODL-x32: WebCheck - {E6FB5E20
-DE35-11CF-9C87-00AA005127ED} -
No File
BootExecute: autocheck autochk *
AlternateShell: cmd.exe
==================== Internet
(Whitelisted)
====================
HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://www.msn.com/?
pc=UP97&ocid=UP97DHP
HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://samsung13.msn.com
HKCU\Software\Microsoft\Internet
Explorer\Main,Search Bar =
http://www.google.com/ie
HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL
=
http://www.google.com/ie
HKLM\Software\Wow6432Node
\Microsoft\Internet Explorer
\Main,Start Page =
http://www.bigseekpro.com/xilisoftdownloadyoutube/{775170B6-
7815-46E5-AB58-6ECA20374498}
URLSearchHook: HKCU -
ToolbarURLSearchHook Class -
{CA3EB689-8F09-4026-AA10-
B9534C691CE0} - C:\Program Files
(x86)\Xilisoft Download Youtube
Toolbar\tbhelper.dll ()
SearchScopes: HKLM -
DefaultScope {E976B841-FADA-
4515-A968-5BC1164DCB0C} URL =
http://www.bing.com/search?q={searchTerms}
&form=IE10TR&src=IE10TR&pc=MASMJ
S
SearchScopes: HKLM - {E976B841-
FADA-4515-A968-5BC1164DCB0C} URL
=
http://www.bing.com/search?q={searchTerms}
&form=IE10TR&src=IE10TR&pc=MASMJ
S
SearchScopes: HKLM-x32 -
DefaultScope {E976B841-FADA-
4515-A968-5BC1164DCB0C} URL =
http://www.bing.com/search?q={searchTerms}
&form=IE10TR&src=IE10TR&pc=MASMJ
S
SearchScopes: HKLM-x32 -
{E976B841-FADA-4515-A968-
5BC1164DCB0C} URL =
http://www.bing.com/search?q={searchTerms}
&form=IE10TR&src=IE10TR&pc=MASMJ
S
SearchScopes: HKCU -
DefaultScope {E976B841-FADA-
4515-A968-5BC1164DCB0C} URL =
SearchScopes: HKCU -
ToolbarSearchProviderProgress
{96bd48dd-741b-41ae-ac4a-
aff96ba00f7e}
SearchScopes: HKCU - {6A1806CD-
94D4-4689-BA73-E35EA1EA9990} URL
=
http://www.google.com/search?
q={sear
SearchScopes: HKCU - {96bd48dd-
741b-41ae-ac4a-aff96ba00f7e} URL
=
http://www.bigseekpro.com/search/browser/xilisoftdownloadyoutube
/{775170B6-7815-46E5-AB58-
6ECA20374498}?q={searchTerms}
SearchScopes: HKCU - {E976B841-
FADA-4515-A968-5BC1164DCB0C} URL
=
BHO: avast! Online Security -
{318A227B-5E9F-45bd-8999-
7F8F10CA4CF5} - C:\Program
Files\AVAST Software\Avast
\aswWebRepIE64.dll (AVAST
Software)
BHO: avast! EasyPass Toolbar
Helper - {724d43a9-0d85-11d4-
9908-00400523e39a} - C:\Program
Files (x86)\Siber Systems\AI
RoboForm\roboform-x64.dll (AVAST
Software)
BHO: CIESpeechBHO Class -
{8D10F6C4-0E01-4BD4-8601-
11AC1FDF8126} - C:\Program Files
(x86)\Bluetooth Suite
\IEPlugIn.dll (Qualcomm Atheros
Commnucations)
BHO: Skype add-on for Internet
Explorer - {AE805869-2E5C-4ED4-
8F7B-F1F7851A4497} - C:\Program
Files (x86)\Skype\Toolbars
\Internet Explorer
x64\skypeieplugin.dll (Skype
Technologies S.A.)
BHO-x32: MSS+ Identifier -
{0E8A89AD-95D7-40EB-8D9D-
083EF7066A01} - C:\Program
Files\McAfee Security Scan
\3.8.130\McAfeeMSS_IE.dll
(McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -
{18DF081C-E8AD-4283-A596-
FA578C2EBDC3} - C:\Program Files
(x86)\Common Files\Adobe
\Acrobat\ActiveX
\AcroIEHelperShim.dll (Adobe
Systems Incorporated)
BHO-x32: AppGraffiti -
{6F6A5334-78E9-4D9B-8182-
8B41EA8C39EF} - C:\Program Files
(x86)\AppGraffiti
\AppGraffiti.dll (Omega Partners
Ltd)
BHO-x32: avast! EasyPass Toolbar
Helper - {724d43a9-0d85-11d4-
9908-00400523e39a} - C:\Program
Files (x86)\Siber Systems\AI
RoboForm\roboform.dll (AVAST
Software)
BHO-x32: avast! Online Security
- {8E5E2654-AD2D-48bf-AC2D-
D17F00898D06} - C:\Program
Files\AVAST Software\Avast
\aswWebRepIE.dll (AVAST
Software)
BHO-x32: Skype Browser Helper -
{AE805869-2E5C-4ED4-8F7B-
F1F7851A4497} - C:\Program Files
(x86)\Skype\Toolbars\Internet
Explorer\skypeieplugin.dll
(Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV
Helper - {DBC80044-A445-435b-
BC74-9C25C1C588A9} - C:\Program
Files (x86)\Java\jre6\bin
\jp2ssv.dll (Sun Microsystems,
Inc.)
BHO-x32: SMTTB2009 Class -
{FCBCCB87-9224-4B8D-B117-
F56D924BEB18} - C:\Program Files
(x86)\Xilisoft Download Youtube
Toolbar\tbcore3.dll ()
Toolbar: HKLM - avast! EasyPass
Toolbar - {724d43a0-0d85-11d4-
9908-00400523e39a} - C:\Program
Files (x86)\Siber Systems\AI
RoboForm\roboform-x64.dll (AVAST
Software)
Toolbar: HKLM - avast! Online
Security - {318A227B-5E9F-45bd-
8999-7F8F10CA4CF5} - C:\Program
Files\AVAST Software\Avast
\aswWebRepIE64.dll (AVAST
Software)
Toolbar: HKLM-x32 - Xilisoft
Download Youtube Toolbar -
{338B4DFE-2E2C-4338-9E41-
E176D497299E} - C:\Program Files
(x86)\Xilisoft Download Youtube
Toolbar\tbcore3.dll ()
Toolbar: HKLM-x32 - avast!
EasyPass Toolbar - {724d43a0-
0d85-11d4-9908-00400523e39a} -
C:\Program Files (x86)\Siber
Systems\AI RoboForm\roboform.dll
(AVAST Software)
Toolbar: HKLM-x32 - avast!
Online Security - {8E5E2654-
AD2D-48bf-AC2D-D17F00898D06} -
C:\Program Files\AVAST Software
\Avast\aswWebRepIE.dll (AVAST
Software)
Toolbar: HKCU - No Name -
{338B4DFE-2E2C-4338-9E41-
E176D497299E} - No File
Toolbar: HKCU - avast! EasyPass
Toolbar - {724D43A0-0D85-11D4-
9908-00400523E39A} - C:\Program
Files (x86)\Siber Systems\AI
RoboForm\roboform-x64.dll (AVAST
Software)
Handler: skype-ie-addon-data -
{91774881-D725-4E58-B298-
07617B9B86A8} - C:\Program Files
(x86)\Skype\Toolbars\Internet
Explorer x64\skypeieplugin.dll
(Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data
- {91774881-D725-4E58-B298-
07617B9B86A8} - C:\Program Files
(x86)\Skype\Toolbars\Internet
Explorer\skypeieplugin.dll
(Skype Technologies S.A.)
Tcpip\Parameters:
[DhcpNameServer] 10.0.0.138
Chrome:
=======
CHR HomePage:
hxxp://www.msn.com/?
pc=UP97&ocid=UP97DHP
CHR RestoreOnStartup:
"hxxp://www.google.cz/",
"https://www.facebook.com/?
ref=logo",
"hxxp://www.youtube.com/",
"hxxp://youradio.koule.cz/playin
g"
CHR Plugin: (Shockwave Flash) -
C:\Program Files (x86)\Google
\Chrome\Application
\31.0.1650.63\PepperFlash
\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote
Desktop Viewer) - internal-
remoting-viewer
CHR Plugin: (Native Client) -
C:\Program Files (x86)\Google
\Chrome\Application
\31.0.1650.63\ppGoogleNaClPlugin
Chrome.dll ()
CHR Plugin: (Chrome PDF Viewer)
- C:\Program Files (x86)\Google
\Chrome\Application
\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) -
C:\Program Files (x86)\Adobe
\Reader 10.0\Reader\Browser
\nppdf32.dll (Adobe Systems
Inc.)
CHR Plugin: (Java Deployment
Toolkit 6.0.220.4) - C:\Program
Files (x86)\Java\jre6\bin
\new_plugin\npdeployJava1.dll
(Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform
SE 6 U22) - C:\Program Files
(x86)\Java\jre6\bin\new_plugin
\npjp2.dll (Sun Microsystems,
Inc.)
CHR Plugin: (Picasa) - C:
\Program Files (x86)\Google
\Picasa3\npPicasa3.dll (Google,
Inc.)
CHR Plugin: (Google Update) -
C:\Program Files (x86)\Google
\Update
\1.3.21.135\npGoogleUpdate3.dll
No File
CHR Plugin: (Photo Gallery) -
C:\Program Files (x86)\Windows
Live\Photo Gallery\NPWLPG.dll
(Microsoft Corporation)
CHR Extension: (Google Docs) -
C:\Users\Karolínka\AppData
\Local\Google\Chrome\User Data
\Default\Extensions
\aohghmighlieiainnegkcijnfilokak
e\0.5_0
CHR Extension: (Google Drive) -
C:\Users\Karolínka\AppData
\Local\Google\Chrome\User Data
\Default\Extensions
\apdfllckaahabafndbhieahigkjlhal
f\6.3_0
CHR Extension: (YouTube) - C:
\Users\Karolínka\AppData\Local
\Google\Chrome\User Data
\Default\Extensions
\blpcfgokakmgnkcojhhkbfbldkacnbe
o\4.2.6_0
CHR Extension: (Tetris) - C:
\Users\Karolínka\AppData\Local
\Google\Chrome\User Data
\Default\Extensions
\cfpkpcnigdggonhlcmbekffepnaflof
k\13.2334.9140_0
CHR Extension: (Google Search) -
C:\Users\Karolínka\AppData
\Local\Google\Chrome\User Data
\Default\Extensions
\coobgpohoikkiipiblmjeljniedjpjp
f\0.0.0.20_0
CHR Extension: (BS Player
ControlBar) - C:\Users
\Karolínka\AppData\Local\Google
\Chrome\User Data\Default
\Extensions
\edfohacdfdemjkeejihknkmjkabndgk
g\10.24.3.503_0
CHR Extension: (3D Bowling ) -
C:\Users\Karolínka\AppData
\Local\Google\Chrome\User Data
\Default\Extensions
\gemohgpikgjbgmdfbfjdailocichgbj
m\2.0_0
CHR Extension: (AdBlock) - C:
\Users\Karolínka\AppData\Local
\Google\Chrome\User Data
\Default\Extensions
\gighmmpiobklfepjocnamgkkbiglido
m\2.6.16_0
CHR Extension: (Skype Click to
Call) - C:\Users\Karolínka
\AppData\Local\Google\Chrome
\User Data\Default\Extensions
\lifbcibllhkdhoafpjfnlhfpfgnpldf
l\6.13.0.13771_0
CHR Extension: (Google Wallet) -
C:\Users\Karolínka\AppData
\Local\Google\Chrome\User Data
\Default\Extensions
\nmmhkkegccagdldgiimedpiccmgmied
a\0.0.6.0_0
CHR Extension: (Tetris 3D) - C:
\Users\Karolínka\AppData\Local
\Google\Chrome\User Data
\Default\Extensions
\pdkeccfoknbfheljdlnicdlbflmfkdp
m\1.1_0
CHR Extension: (Gmail) - C:
\Users\Karolínka\AppData\Local
\Google\Chrome\User Data
\Default\Extensions
\pjkljhegncpnkpknbcohdijeoejaedi
a\7_0
CHR HKLM-x32\...\Chrome
\Extension:
[edfohacdfdemjkeejihknkmjkabndgk
g] - C:\Users\Karolínka\AppData
\Local\CRE
\edfohacdfdemjkeejihknkmjkabndgk
g.crx
CHR HKLM-x32\...\Chrome
\Extension:
[lifbcibllhkdhoafpjfnlhfpfgnpldf
l] - C:\Program Files
(x86)\Skype\Toolbars\Skype for
Chromium
\skype_chrome_extension.crx
==================== Services
(Whitelisted) =================
R2 AtherosSvc; C:\Program Files
(x86)\Bluetooth Suite
\adminservice.exe [220288 2012-
09-29] (Qualcomm Atheros
Commnucations)
R2 avast! Antivirus; C:\Program
Files\AVAST Software\Avast
\AvastSvc.exe [50344 2013-12-10]
(AVAST Software)
R2 Easy Launcher; C:\Program
Files (x86)\Samsung\Settings
\CmdServer\EasyLauncher.exe
[1593976 2012-09-05] (Samsung
Electronics CO., LTD.)
S3 McComponentHostService; C:
\Program Files\McAfee Security
Scan\3.8.130\McCHSvc.exe [288776
2013-09-06] (McAfee, Inc.)
R2 OODefragAgent; C:\Program
Files\OO Software\Defrag
\oodag.exe [1634096 2013-10-01]
(O&O Software GmbH)
R2 SWUpdateService; C:\Program
Files (x86)\Samsung\SW Update
\SWMAgent.exe [2912304 2013-03-
14] (Samsung Electronics CO.,
LTD.)
S3 WinDefend; C:\Program Files
\Windows Defender\MsMpEng.exe
[16048 2013-07-02] (Microsoft
Corporation)
R2 ZAtheros Bt and Wlan Coex
Agent; C:\Program Files
(x86)\Bluetooth Suite
\Ath_CoexAgent.exe [323584 2012
-09-29] (Atheros)
==================== Drivers
(Whitelisted)
====================
R0 amdkmpfd; C:\Windows
\System32\drivers\amdkmpfd.sys
[35496 2012-07-09] (Advanced
Micro Devices, Inc.)
R2 APXACC; C:\Windows
\system32\DRIVERS\appexDrv.sys
[199008 2012-06-22] (AppEx
Networks Corporation)
R2 aswFsBlk; C:\windows
\system32\drivers\aswFsBlk.sys
[38984 2013-12-10] (AVAST
Software)
R2 aswMonFlt; C:\windows
\system32\drivers\aswMonFlt.sys
[84328 2013-12-10] (AVAST
Software)
R1 aswRdr; C:\windows
\system32\drivers\aswRdr2.sys
[92544 2013-12-10] (AVAST
Software)
R0 aswRvrt; C:\Windows
\System32\Drivers\aswRvrt.sys
[65776 2013-12-10] ()
R1 aswSnx; C:\windows
\system32\drivers\aswSnx.sys
[1032416 2013-12-10] (AVAST
Software)
R1 aswSP; C:\windows
\system32\drivers\aswSP.sys
[409832 2013-12-10] (AVAST
Software)
R0 aswVmm; C:\Windows
\System32\Drivers\aswVmm.sys
[205320 2013-12-10] ()
R3 AtiHDAudioService; C:
\Windows\system32\drivers
\AtihdW86.sys [91648 2012-08-21]
(Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows
\system32\DRIVERS
\btath_lwflt.sys [76952 2012-09
-29] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows
\system32\DRIVERS\BthLEEnum.sys
[202752 2012-07-26] (Microsoft
Corporation)
R1 CLVirtualDrive; C:\Windows
\system32\DRIVERS
\CLVirtualDrive.sys [92536 2012
-06-25] (CyberLink)
R3 RadioHIDMini; C:\Windows
\System32\drivers
\RadioHIDMini.sys [23408 2012-
07-27] (Windows (R) Win 7 DDK
provider)
==================== NetSvcs
(Whitelisted)
===================
==================== One Month
Created Files and Folders
========
2013-12-27 20:30 - 2013-12-27
20:30 - 00020541 _____ C:\Users
\Karolínka\Downloads\FRST.txt
2013-12-27 20:30 - 2013-12-27
20:30 - 00000000 ____D C:\FRST
2013-12-27 20:29 - 2013-12-27
20:29 - 01930746 _____ (Farbar)
C:\Users\Karolínka\Downloads
\FRST64.exe
2013-12-27 17:32 - 2013-12-27
19:58 - 00309199 _____ C:
\windows\WindowsUpdate.log
2013-12-27 15:04 - 2013-12-27
15:04 - 00001176 _____ C:\Users
\Public\Desktop\TeamViewer 9.lnk
2013-12-27 15:04 - 2013-12-27
15:04 - 00000000 ____D C:
\Program Files (x86)\TeamViewer
2013-12-27 15:02 - 2013-12-27
15:02 - 06076392 _____
(TeamViewer GmbH) C:\Users
\Karolínka\Downloads
\TeamViewer_Setup_cs.exe
2013-12-27 13:22 - 2013-12-27
13:22 - 00000000 ____D C:\Users
\Karolínka\AppData\Roaming\AVAST
Software
2013-12-27 10:51 - 2013-12-27
10:51 - 00000000 ____D C:
\windows\system32\oodag
2013-12-27 09:39 - 2013-12-27
09:39 - 00000000 ____D C:\Users
\Karolínka\AppData\Local\O&O
2013-12-27 09:37 - 2013-12-27
09:37 - 00002527 _____ C:\Users
\Public\Desktop\O&O Defrag.lnk
2013-12-27 09:37 - 2013-12-27
09:37 - 00000000 ____D C:
\Program Files\OO Software
2013-12-27 09:36 - 2013-12-27
09:36 - 00000000 ____D C:
\ProgramData\OO Software
2013-12-27 09:34 - 2013-12-27
09:34 - 50291973 _____ C:\Users
\Karolínka\Downloads\O&O Defrag
17.0.422.0 PRO_x64_x32_CZ.rar
2013-12-26 22:20 - 2013-12-26
22:20 - 00001191 _____ C:\Users
\Karolínka\Desktop\AIDA64
Extreme.lnk
2013-12-26 22:20 - 2013-12-26
22:20 - 00000000 ____D C:
\Program Files (x86)\FinalWire
2013-12-26 22:19 - 2013-12-26
22:20 - 15746096 _____
(FinalWire Ltd.
)
C:\Users\Karolínka\Downloads
\aida64extreme400.exe
2013-12-26 22:09 - 2013-12-26
22:10 - 00000000 ____D C:
\Program Files (x86)\SpeedFan
2013-12-26 22:09 - 2013-12-26
22:09 - 00001017 _____ C:\Users
\Karolínka\Desktop\SpeedFan.lnk
2013-12-26 22:09 - 2013-12-26
22:09 - 00000045 _____ C:
\windows\SysWOW64\initdebug.nfo
2013-12-26 22:09 - 2013-12-26
22:09 - 00000000 ____D C:\Users
\Karolínka\AppData\Roaming
\Microsoft\Windows\Start Menu
\Programs\SpeedFan
2013-12-26 22:08 - 2013-12-26
22:08 - 02143832 _____ C:\Users
\Karolínka\Downloads
\instsf449.exe
2013-12-26 19:38 - 2013-12-26
19:38 - 00000934 _____ C:\Users
\Public\Desktop\CPUID
HWMonitor.lnk
2013-12-26 19:38 - 2013-12-26
19:38 - 00000000 ____D C:
\Program Files\CPUID
2013-12-26 19:37 - 2013-12-26
19:37 - 01126296 _____ (
) C:\Users
\Karolínka\Downloads
\hwmonitor_1.24-setup.exe
2013-12-26 11:14 - 2013-12-26
11:14 - 00003037 _____ C:\Users
\Karolínka\Desktop
\HiJackThis.lnk
2013-12-26 11:14 - 2013-12-26
11:14 - 00000000 ____D C:\Users
\Karolínka\AppData\Roaming
\Microsoft\Windows\Start Menu
\Programs\HiJackThis
2013-12-26 11:14 - 2013-12-26
11:14 - 00000000 ____D C:
\Program Files (x86)\Trend Micro
2013-12-26 11:13 - 2013-12-26
11:13 - 01402880 _____ C:\Users
\Karolínka\Downloads
\HiJackThis.msi
2013-12-25 11:47 - 2013-12-25
11:53 - 819595650 _____ C:
\Users\Karolínka\Downloads\Sam
doma 3.avi
2013-12-23 21:22 - 2013-12-23
23:23 - 1154449409 _____ C:
\Users\Karolínka\Downloads
\Paranormal-Activity-3-CZ-
Titulky.avi
2013-12-10 18:02 - 2013-12-10
18:02 - 00001976 _____ C:\Users
\Public\Desktop\avast! Free
Antivirus.lnk
2013-12-10 18:01 - 2013-12-10
18:01 - 00043152 _____ (AVAST
Software) C:\windows\avastSS.scr
2013-12-08 20:28 - 2013-12-08
20:50 - 00000000 ____D C:\Users
\Karolínka\Desktop\Doplňkový
sešit Německy s úsměvem
2013-11-30 17:24 - 2013-11-30
20:02 - 1412756516 _____ C:
\Users\Karolínka\Downloads
\Šmoulové-2.-CZ-2013-Novinky.avi
==================== One Month
Modified Files and Folders
=======
2013-12-27 20:30 - 2013-12-27
20:30 - 00020541 _____ C:\Users
\Karolínka\Downloads\FRST.txt
2013-12-27 20:30 - 2013-12-27
20:30 - 00000000 ____D C:\FRST
2013-12-27 20:29 - 2013-12-27
20:29 - 01930746 _____ (Farbar)
C:\Users\Karolínka\Downloads
\FRST64.exe
2013-12-27 20:16 - 2013-03-27
22:43 - 00000914 _____ C:
\windows\Tasks\Adobe Flash
Player Updater.job
2013-12-27 19:58 - 2013-12-27
17:32 - 00309199 _____ C:
\windows\WindowsUpdate.log
2013-12-27 19:45 - 2013-03-27
16:25 - 00000980 _____ C:
\windows\Tasks
\GoogleUpdateTaskMachineUA.job
2013-12-27 19:00 - 2012-07-26
09:12 - 00000000 ____D C:
\windows\system32\sru
2013-12-27 17:19 - 2013-03-21
11:38 - 01196032 ___SH C:\Users
\Karolínka\Desktop\Thumbs.db
2013-12-27 17:12 - 2013-05-16
20:28 - 00000000 ___HD C:\Users
\Karolínka\Desktop
\.picasaoriginals
2013-12-27 16:45 - 2013-03-27
16:25 - 00000976 _____ C:
\windows\Tasks
\GoogleUpdateTaskMachineCore.job
2013-12-27 16:44 - 2012-10-22
19:06 - 07705984 _____ C:
\windows\system32\perfh005.dat
2013-12-27 16:44 - 2012-10-22
19:06 - 02333966 _____ C:
\windows\system32\perfc005.dat
2013-12-27 16:44 - 2012-07-26
08:28 - 00848272 _____ C:
\windows
\system32\PerfStringBackup.INI
2013-12-27 15:42 - 2013-03-06
17:58 - 00000000 ____D C:\Users
\Karolínka\AppData\Local
\CrashDumps
2013-12-27 15:04 - 2013-12-27
15:04 - 00001176 _____ C:\Users
\Public\Desktop\TeamViewer 9.lnk
2013-12-27 15:04 - 2013-12-27
15:04 - 00000000 ____D C:
\Program Files (x86)\TeamViewer
2013-12-27 15:02 - 2013-12-27
15:02 - 06076392 _____
(TeamViewer GmbH) C:\Users
\Karolínka\Downloads
\TeamViewer_Setup_cs.exe
2013-12-27 13:28 - 2012-10-22
04:23 - 00000000 ____D C:
\ProgramData\WinClon
2013-12-27 13:23 - 2013-09-24
15:15 - 00004182 _____ C:
\windows\System32\Tasks\avast!
Emergency Update
2013-12-27 13:22 - 2013-12-27
13:22 - 00000000 ____D C:\Users
\Karolínka\AppData\Roaming\AVAST
Software
2013-12-27 13:18 - 2012-07-26
08:22 - 00000006 ____H C:
\windows\Tasks\SA.DAT
2013-12-27 11:14 - 2012-07-26
06:26 - 00524288 ___SH C:
\windows\system32\config\BBI
2013-12-27 10:51 - 2013-12-27
10:51 - 00000000 ____D C:
\windows\system32\oodag
2013-12-27 09:45 - 2013-03-06
17:57 - 00000000 ____D C:\Users
\Karolínka\AppData\Local
\VirtualStore
2013-12-27 09:39 - 2013-12-27
09:39 - 00000000 ____D C:\Users
\Karolínka\AppData\Local\O&O
2013-12-27 09:37 - 2013-12-27
09:37 - 00002527 _____ C:\Users
\Public\Desktop\O&O Defrag.lnk
2013-12-27 09:37 - 2013-12-27
09:37 - 00000000 ____D C:
\Program Files\OO Software
2013-12-27 09:36 - 2013-12-27
09:36 - 00000000 ____D C:
\ProgramData\OO Software
2013-12-27 09:34 - 2013-12-27
09:34 - 50291973 _____ C:\Users
\Karolínka\Downloads\O&O Defrag
17.0.422.0 PRO_x64_x32_CZ.rar
2013-12-26 22:20 - 2013-12-26
22:20 - 00001191 _____ C:\Users
\Karolínka\Desktop\AIDA64
Extreme.lnk
2013-12-26 22:20 - 2013-12-26
22:20 - 00000000 ____D C:
\Program Files (x86)\FinalWire
2013-12-26 22:20 - 2013-12-26
22:19 - 15746096 _____
(FinalWire Ltd.
)
C:\Users\Karolínka\Downloads
\aida64extreme400.exe
2013-12-26 22:16 - 2013-03-11
18:51 - 03175936 ___SH C:\Users
\Karolínka\Downloads\Thumbs.db
2013-12-26 22:10 - 2013-12-26
22:09 - 00000000 ____D C:
\Program Files (x86)\SpeedFan
2013-12-26 22:09 - 2013-12-26
22:09 - 00001017 _____ C:\Users
\Karolínka\Desktop\SpeedFan.lnk
2013-12-26 22:09 - 2013-12-26
22:09 - 00000045 _____ C:
\windows\SysWOW64\initdebug.nfo
2013-12-26 22:09 - 2013-12-26
22:09 - 00000000 ____D C:\Users
\Karolínka\AppData\Roaming
\Microsoft\Windows\Start Menu
\Programs\SpeedFan
2013-12-26 22:08 - 2013-12-26
22:08 - 02143832 _____ C:\Users
\Karolínka\Downloads
\instsf449.exe
2013-12-26 19:38 - 2013-12-26
19:38 - 00000934 _____ C:\Users
\Public\Desktop\CPUID
HWMonitor.lnk
2013-12-26 19:38 - 2013-12-26
19:38 - 00000000 ____D C:
\Program Files\CPUID
2013-12-26 19:37 - 2013-12-26
19:37 - 01126296 _____ (
) C:\Users
\Karolínka\Downloads
\hwmonitor_1.24-setup.exe
2013-12-26 17:34 - 2012-07-26
09:12 - 00000000 ____D C:
\windows\AUInstallAgent
2013-12-26 11:14 - 2013-12-26
11:14 - 00003037 _____ C:\Users
\Karolínka\Desktop
\HiJackThis.lnk
2013-12-26 11:14 - 2013-12-26
11:14 - 00000000 ____D C:\Users
\Karolínka\AppData\Roaming
\Microsoft\Windows\Start Menu
\Programs\HiJackThis
2013-12-26 11:14 - 2013-12-26
11:14 - 00000000 ____D C:
\Program Files (x86)\Trend Micro
2013-12-26 11:13 - 2013-12-26
11:13 - 01402880 _____ C:\Users
\Karolínka\Downloads
\HiJackThis.msi
2013-12-25 11:53 - 2013-12-25
11:47 - 819595650 _____ C:
\Users\Karolínka\Downloads\Sam
doma 3.avi
2013-12-23 23:23 - 2013-12-23
21:22 - 1154449409 _____ C:
\Users\Karolínka\Downloads
\Paranormal-Activity-3-CZ-
Titulky.avi
2013-12-14 23:02 - 2013-03-06
19:05 - 00003596 _____ C:
\windows\System32\Tasks\Optimize
Start Menu Cache Files-S-1-5-21
-942830842-3031922351-737849507
-1001
2013-12-11 22:09 - 2013-10-05
15:56 - 00000000 ___RD C:\Users
\Karolínka\Downloads
\Microsoft.SkypeApp_kzf8qxf38zg5
c!App
2013-12-10 20:16 - 2013-03-27
22:43 - 00003802 _____ C:
\windows\System32\Tasks\Adobe
Flash Player Updater
2013-12-10 18:02 - 2013-12-10
18:02 - 00001976 _____ C:\Users
\Public\Desktop\avast! Free
Antivirus.lnk
2013-12-10 18:01 - 2013-12-10
18:01 - 00043152 _____ (AVAST
Software) C:\windows\avastSS.scr
2013-12-10 18:01 - 2013-09-24
15:15 - 01032416 _____ (AVAST
Software) C:\windows
\system32\Drivers\aswSnx.sys
2013-12-10 18:01 - 2013-09-24
15:15 - 00409832 _____ (AVAST
Software) C:\windows
\system32\Drivers\aswSP.sys
2013-12-10 18:01 - 2013-09-24
15:15 - 00334648 _____ (AVAST
Software) C:\windows
\system32\aswBoot.exe
2013-12-10 18:01 - 2013-09-24
15:15 - 00205320 _____ C:
\windows\system32\Drivers
\aswVmm.sys
2013-12-10 18:01 - 2013-09-24
15:15 - 00092544 _____ (AVAST
Software) C:\windows
\system32\Drivers\aswRdr2.sys
2013-12-10 18:01 - 2013-09-24
15:15 - 00084328 _____ (AVAST
Software) C:\windows
\system32\Drivers\aswMonFlt.sys
2013-12-10 18:01 - 2013-09-24
15:15 - 00065776 _____ C:
\windows\system32\Drivers
\aswRvrt.sys
2013-12-10 18:01 - 2013-09-24
15:15 - 00038984 _____ (AVAST
Software) C:\windows
\system32\Drivers\aswFsBlk.sys
2013-12-10 17:58 - 2013-09-24
15:10 - 00000000 ____D C:
\ProgramData\AVAST Software
2013-12-10 17:57 - 2013-09-24
15:15 - 00000000 _____ C:
\windows\SysWOW64\config.nt
2013-12-08 20:50 - 2013-12-08
20:28 - 00000000 ____D C:\Users
\Karolínka\Desktop\Doplňkový
sešit Německy s úsměvem
2013-12-06 09:52 - 2013-03-27
16:26 - 00002195 _____ C:\Users
\Public\Desktop\Google
Chrome.lnk
2013-12-04 16:40 - 2013-03-27
16:25 - 00003952 _____ C:
\windows\System32\Tasks
\GoogleUpdateTaskMachineUA
2013-12-04 16:40 - 2013-03-27
16:25 - 00003716 _____ C:
\windows\System32\Tasks
\GoogleUpdateTaskMachineCore
2013-12-01 11:55 - 2013-08-23
21:24 - 00000000 ____D C:
\Program Files (x86)\AppGraffiti
2013-11-30 20:02 - 2013-11-30
17:24 - 1412756516 _____ C:
\Users\Karolínka\Downloads
\Šmoulové-2.-CZ-2013-Novinky.avi
Files to move or delete:
====================
C:\ProgramData
\MakeMarkerFile.exe
C:\Users\EasySurvey
\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\Karolínka\AppData
\Local\Temp\sfamcc00001.dll
==================== Bamital &
volsnap Check =================
C:\Windows\System32\winlogon.exe
=> MD5 is legit
C:\Windows\System32\wininit.exe
=> MD5 is legit
C:\Windows\explorer.exe => MD5
is legit
C:\Windows\SysWOW64\explorer.exe
=> MD5 is legit
C:\Windows\System32\svchost.exe
=> MD5 is legit
C:\Windows\SysWOW64\svchost.exe
=> MD5 is legit
C:\Windows\System32\services.exe
=> MD5 is legit
C:\Windows\System32\User32.dll
=> MD5 is legit
C:\Windows\SysWOW64\User32.dll
=> MD5 is legit
C:\Windows\System32\userinit.exe
=> MD5 is legit
C:\Windows\SysWOW64\userinit.exe
=> MD5 is legit
C:\Windows\System32\Drivers
\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-20 17:38
==================== End Of Log
============================
Thanks for now.