prosím o kontrolu logu Vyřešeno

[KamilaS]

RogueKiller V10.5.0.0 [Mar 2 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : PaKSzabovy [Práva správce]
Mód : Smazat -- Datum : 03/04/2015 11:23:18

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 5 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme -> ERROR [2]
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme -> ERROR [2]
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\catchme -> ERROR [2]
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-2921485920-836263657-3417334645-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Nahrazeno (0)
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-2921485920-836263657-3417334645-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 2 (Driver: Nahrán) ¤¤¤
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWindowsHookEx[585] : Unknown @ 0x91a88ace
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWinEventHook[588] : Unknown @ 0x91a88ad3

¤¤¤ Webové prohlížeče : 3 ¤¤¤
[FIREFX:Addon] 1slyw161.default : BlockSite [{dd3d7613-0246-469d-bc65-2a3cc1668adc}] -> Smazáno
[FIREFX:Addon] 1slyw161.default : Avira Browser Safety [abs@avira.com] -> Smazáno
[PUM.HomePage][FIREFX:Config] 1slyw161.default : user_pref("browser.startup.homepage", "http://wol.jw.org/cs/wol/dt/r29/lp-b/2015/3/3"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EALX-009BA0 SCSI Disk Device +++++
--- User ---
[MBR] 147f7eb657cb54d1a4cb019dcbdc3d4a
[BSP] da6ca8bfc332d8b697f854e6bb8b6f7c : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([18] Program vydal p?íkaz, délka p?íkazu je v?ak nesprávná. )

+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_DEL_08262014_100707.log - RKreport_DEL_08262014_173250.log - RKreport_DEL_08272014_101858.log - RKreport_DEL_11122014_203433.log
RKreport_SCN_03022015_144424.log - RKreport_SCN_08252014_192430.log - RKreport_SCN_08262014_100626.log - RKreport_SCN_08262014_172517.log
RKreport_SCN_08262014_173244.log - RKreport_SCN_08272014_101519.log - RKreport_SCN_11122014_173605.log - RKreport_SCN_11122014_203330.log
RKreport_SCN_03042015_112157.log - RKreport_DEL_03042015_112304.log

[Reklama]

[KamilaS]

ComboFix 15-03-01.01 - PaKSzabovy 04.03.2015 11:26:36.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3319.1620 [GMT 1:00]
Spuštěný z: c:\users\PaKSzabovy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PaKSzabovy\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\users\PAKSZA~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\PaKSzabovy\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-04 do 2015-03-04 )))))))))))))))))))))))))))))))
.
.
2015-03-04 10:31 . 2015-03-04 10:34 -------- d-----w- c:\users\PaKSzabovy\AppData\Local\temp
2015-03-04 10:31 . 2015-03-04 10:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-03 20:58 . 2015-01-09 02:48 27136 ----a-w- c:\windows\system32\powertracker.dll
2015-03-03 20:58 . 2015-01-09 02:48 76800 ----a-w- c:\windows\system32\wdi.dll
2015-03-03 20:58 . 2015-01-09 02:48 635904 ----a-w- c:\windows\system32\perftrack.dll
2015-03-02 14:33 . 2015-03-02 14:32 37384 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-03-02 14:32 . 2015-03-02 14:32 -------- d-----w- c:\users\PaKSzabovy\AppData\Roaming\Avira
2015-03-02 14:30 . 2014-11-24 09:23 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2015-03-02 14:30 . 2014-11-24 09:23 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-03-02 14:30 . 2014-11-24 09:23 98160 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-03-02 14:30 . 2015-03-02 14:30 -------- d-----w- c:\windows\Avira
2015-03-02 14:22 . 2015-03-02 14:22 -------- d-----w- c:\programdata\Package Cache
2015-03-02 13:59 . 2015-03-02 13:47 24064 ----a-w- c:\windows\zoek-delete.exe
2015-03-02 13:47 . 2015-03-02 13:57 -------- d-----w- C:\zoek_backup
2015-02-26 07:22 . 2015-02-26 07:23 -------- d-----w- C:\AdwCleaner
2015-02-24 11:53 . 2015-02-25 09:22 -------- d-----w- c:\program files\Mozilla Maintenance Service
2015-02-22 17:31 . 2015-02-22 17:56 -------- d-----w- c:\users\PaKSzabovy\AppData\Roaming\Audacity
2015-02-19 17:04 . 2015-02-19 17:04 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2015-02-18 16:30 . 2015-02-18 16:30 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2015-02-18 16:30 . 2015-02-18 16:30 -------- d-----w- c:\program files\My Company Name
2015-02-18 16:30 . 2015-02-18 16:30 -------- d-----w- c:\program files\Common Files\Adobe AIR
2015-02-18 09:28 . 2015-02-18 09:28 -------- d-----r- c:\users\PaKSzabovy\Creative Cloud Files
2015-02-12 16:15 . 2015-01-23 03:43 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-12 16:15 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\system32\jscript9.dll
2015-02-11 08:37 . 2015-01-12 01:36 817664 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-02-11 08:37 . 2015-01-12 02:16 10948096 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-02-11 08:37 . 2015-01-12 02:08 503296 ----a-w- c:\windows\system32\vbscript.dll
2015-02-11 08:37 . 2014-12-12 05:07 1174528 ----a-w- c:\windows\system32\crypt32.dll
2015-02-11 08:37 . 2015-01-13 02:49 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-11 08:37 . 2014-12-08 02:46 308224 ----a-w- c:\windows\system32\scesrv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-04 10:18 . 2014-08-25 17:20 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-02-05 14:33 . 2014-08-12 10:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 14:33 . 2014-08-12 10:26 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-08 08:55 . 2014-08-12 07:25 249488 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 02:43 . 2015-01-14 14:54 164864 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:34 . 2015-01-14 14:54 116224 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-15 03:13 . 2015-01-25 08:33 9054624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{07E9D1DB-B831-4CB6-9A63-763F5CAE3388}\mpengine.dll
2014-12-11 17:47 . 2015-01-14 14:54 46592 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-12-06 03:50 . 2015-01-14 14:54 242688 ----a-w- c:\windows\system32\nlasvc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2014-11-27 466144]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-01-20 5496600]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"Avira Systray"="c:\program files\Avira\My Avira\Avira.OE.Systray.exe" [2015-02-12 127792]
"avgnt"="c:\windows\Avira\AntiVir Desktop\avgnt.exe" [2014-11-24 702768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2014-08-14 13528]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys [2014-08-14 26328]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-01-12 102912]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);c:\windows\system32\DRIVERS\RtTeam620.sys [2012-07-03 49808]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys [2012-08-31 27792]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-08-12 1343400]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2013-08-07 505192]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2013-08-07 25448]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2014-11-24 37352]
S2 AntiVirSchedulerService;Avira Scheduler;c:\windows\Avira\AntiVir Desktop\sched.exe [2014-11-24 431920]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-02-12 184056]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 33056]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-19 378984]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-12 14:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\PaKSzabovy\AppData\Roaming\Mozilla\Firefox\Profiles\1slyw161.default\
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Sony\Sony PC Companion\PCCompanionInfo.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2015-03-04 11:36:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-03-04 10:36
ComboFix2.txt 2015-03-02 14:17
.
Před spuštěním: Volných bajtů: 559 674 392 576
Po spuštění: Volných bajtů: 559 499 423 744
.
- - End Of File - - 583EB5E8957D96C0443235F5B2649BC0
A36C5E4F47E84449FF07ED3517B43A31

[KamilaS]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:37:57, on 4.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PaKSzabovy\Downloads\STAŽENINY\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Windows\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Windows\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Windows\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 5417 bytes

[KamilaS]

prosím, mě pořád nějak vrže počítač, btw. ff mi nahlásil útočnou stránku, tak jsem tam odtud hned vypadla ale nevím, jaký dopad to mohlo mít na ochranu pc, snad jsem něco nepodělala, děkuji

[jaro3]

S vrzýáním se obrať na jinou sekci.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[KamilaS]

můžeš to prosím specifikovat, na jakou sekci se mám obrátit? díky

[KamilaS]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-03-2015
Ran by PaKSzabovy at 2015-03-05 14:45:34
Running from C:\Users\PaKSzabovy\Desktop\pc-help programy
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
Aegisub 3.2.1 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.1 - Aegisub Team)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.7971 - DsNET Corp)
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVI ReComp 1.5.6 (HKLM\...\AVI ReComp) (Version: 1.5.6 - Mateusz Gola (aka Prozac))
Avira (HKLM\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
AviSynth 2.5 (HKLM\...\Avisynth) (Version: - )
Big Fish: Game Manager (HKLM\...\BFGC) (Version: 3.3.0.2 - )
bl (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4500 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.1.0.1 - Comodo)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
FastStone Image Viewer 5.1 (HKLM\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
FormatFactory 3.3.5.0 (HKLM\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4 (HKLM\...\{AA6F009F-0CCD-4DD6-A462-28419C101D54}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Kingdom Tales (HKLM\...\BFG-Kingdom Tales) (Version: - )
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.9.1.133 - PandoraTV)
LibreOffice 4.3.0.4 (HKLM\...\{5C005E2A-AEAE-4DF7-B7CA-1E6DCDD2AEA4}) (Version: 4.3.0.4 - The Document Foundation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Go (HKLM\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.108.06300 (HKLM\...\{FC091743-5193-2B65-E49E-E03BC9E8B728}) (Version: 2.12.108.06300 - Sony)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0 (x86 cs) (HKLM\...\Mozilla Firefox 36.0 (x86 cs)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Lite (HKLM\...\{fb94de03-3699-4d9f-96d7-7659bd8a5a07}) (Version: - Nero AG)
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA Ovladač 3D Vision 266.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 266.33 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 266.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 266.33 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Ovládací panel NVIDIA 266.33 (Version: 266.33 - NVIDIA Corporation) Hidden
ph (Version: 1.0.0 - Your Company Name) Hidden
PS_AIO_04_C4500_Software_Min (Version: 130.0.365.000 - Hewlett-Packard) Hidden
RarZilla Free Unrar (HKLM\...\RarZilla Free Unrar) (Version: 5.10 - Philipp Winterberg)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Rescue Team 4 (HKLM\...\BFG-Rescue Team 4) (Version: - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolveigMM AVI Trimmer version 2.1.1407.1 (HKLM\...\SolveigMM AVI Trimmer_is1) (Version: 2.1.1407.1 - Solveig Multimedia)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.12.201408250841 - Sony Mobile Communications AB)
Sony PC Companion 2.10.245 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.245 - Sony)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Subtitle Workshop 2.51 (HKLM\...\SubtitleWorkshop) (Version: - )
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VobSub 2.23 (HKLM\...\VobSub) (Version: 2.23 - Gabest)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

02-03-2015 14:48:22 zoek.exe restore point
02-03-2015 15:03:24 Revo Uninstaller's restore point - Avira Free Antivirus
02-03-2015 15:05:53 Revo Uninstaller's restore point - Malwarebytes Anti-Malware verze 2.0.4.1028
03-03-2015 22:04:18 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-03-04 11:31 - 2015-03-04 11:31 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05C84E56-154B-469F-B50D-D4399610AE1F} - System32\Tasks\{EDEE8EE9-9404-473C-BD3C-8B01DA7BD643} => pcalua.exe -a C:\Users\PaKSzabovy\Desktop\HijackThis.exe -d C:\Users\PaKSzabovy\Desktop
Task: {07895BFE-FBB5-4D6C-9E12-0D4B1A693A36} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0D399034-7014-4EC5-85D1-4A3E629ED2BB} - System32\Tasks\{A2AD9A9E-0B9A-4C0F-B762-F3CFF746B6E5} => pcalua.exe -a C:\Users\PaKSzabovy\Downloads\STAŽENINY\HijackThis.exe -d C:\Users\PaKSzabovy\Downloads\STAŽENINY
Task: {128378EB-6699-4F5E-9542-20ED84F30477} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {3847A515-2956-45E2-B0C8-A5B079D3550A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {66B1C740-F463-4F87-93A0-9AE768F1DA60} - System32\Tasks\{626A7115-3971-46B4-9706-B96FBA6E5DF1} => pcalua.exe -a C:\Users\PaKSzabovy\Downloads\STAŽENINY\HijackThis.exe -d C:\Users\PaKSzabovy\Downloads\STAŽENINY
Task: {D592A580-B4FF-4DF4-8537-5398268958A2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-24 11:06 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
2014-10-24 11:06 - 2014-12-04 14:18 - 00241152 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll
2014-10-24 11:06 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files\Sony\Sony PC Companion\sqlite3.dll
2014-10-24 11:06 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\VObject.dll
2014-07-09 15:35 - 2014-07-09 15:35 - 00644096 _____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll
2013-06-11 09:31 - 2013-06-11 09:31 - 00090112 _____ () C:\Program Files\Sony\Sony PC Companion\CalEngine.dll
2012-04-04 14:33 - 2012-04-04 14:33 - 00139776 _____ () C:\Program Files\Sony\Sony PC Companion\CAgdLNotes.dll
2013-01-08 17:02 - 2013-01-08 17:02 - 00163840 _____ () C:\Program Files\Sony\Sony PC Companion\CAgdOutlook.dll
2012-07-26 11:51 - 2012-07-26 11:51 - 00208896 _____ () C:\Program Files\Sony\Sony PC Companion\VistaCalendar.dll
2014-08-14 16:11 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-01-21 03:06 - 2015-01-21 03:06 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:02DD996C
AlternateDataStreams: C:\ProgramData\TEMP:0AF6266B
AlternateDataStreams: C:\ProgramData\TEMP:29629382
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:3651A580
AlternateDataStreams: C:\ProgramData\TEMP:366B74CA
AlternateDataStreams: C:\ProgramData\TEMP:3FB26DBA
AlternateDataStreams: C:\ProgramData\TEMP:52329B88
AlternateDataStreams: C:\ProgramData\TEMP:6BF0805F
AlternateDataStreams: C:\ProgramData\TEMP:74091520
AlternateDataStreams: C:\ProgramData\TEMP:84FA02E7
AlternateDataStreams: C:\ProgramData\TEMP:A479BCC9
AlternateDataStreams: C:\ProgramData\TEMP:A6A65B80
AlternateDataStreams: C:\ProgramData\TEMP:A93CCA6B
AlternateDataStreams: C:\ProgramData\TEMP:B059B88E
AlternateDataStreams: C:\ProgramData\TEMP:BF640EE5
AlternateDataStreams: C:\ProgramData\TEMP:EE2B5DE3
AlternateDataStreams: C:\ProgramData\TEMP:F4362715
AlternateDataStreams: C:\ProgramData\TEMP:FF9C44FE

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2921485920-836263657-3417334645-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PaKSzabovy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2921485920-836263657-3417334645-500 - Administrator - Disabled)
Guest (S-1-5-21-2921485920-836263657-3417334645-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2921485920-836263657-3417334645-1002 - Limited - Enabled)
PaKSzabovy (S-1-5-21-2921485920-836263657-3417334645-1000 - Administrator - Enabled) => C:\Users\PaKSzabovy

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2015 08:51:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/04/2015 01:44:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/03/2015 02:37:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/02/2015 03:03:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {b9b563b9-fe14-4cd5-8afd-e89d1c262950}


System errors:
=============
Error: (03/04/2015 11:32:42 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:31:44, ‎4.‎3.‎2015) bylo neočekávané.

Error: (03/04/2015 11:31:54 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/04/2015 11:31:49 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/04/2015 11:29:40 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/04/2015 11:26:08 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/04/2015 10:28:12 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/04/2015 10:28:07 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/04/2015 10:28:03 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/03/2015 07:57:09 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/03/2015 07:57:08 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


Microsoft Office Sessions:
=========================
Error: (03/05/2015 08:51:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe

Error: (03/04/2015 01:44:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe

Error: (03/03/2015 02:37:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe

Error: (03/02/2015 03:03:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Přístup byl odepřen.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {b9b563b9-fe14-4cd5-8afd-e89d1c262950}


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Percentage of memory in use: 23%
Total physical RAM: 3319.42 MB
Available physical RAM: 2540.82 MB
Total Pagefile: 6637.14 MB
Available Pagefile: 5367.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1880.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:514.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 931.5 GB) (Disk ID: AF6E1142)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

[KamilaS]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-03-2015
Ran by PaKSzabovy (administrator) on PAKSZABOVY-PC on 05-03-2015 14:45:03
Running from C:\Users\PaKSzabovy\Desktop\pc-help programy
Loaded Profiles: PaKSzabovy (Available profiles: PaKSzabovy)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\Dragon\dragon_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Avira\AntiVir Desktop\avgnt.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Windows\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2921485920-836263657-3417334645-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2921485920-836263657-3417334645-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2921485920-836263657-3417334645-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2921485920-836263657-3417334645-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-2921485920-836263657-3417334645-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\PaKSzabovy\AppData\Roaming\Mozilla\Firefox\Profiles\1slyw161.default
FF Homepage: hxxp://wol.jw.org/cs/wol/dt/r29/lp-b/2015/3/4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll No File
FF Plugin HKU\S-1-5-21-2921485920-836263657-3417334645-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\PaKSzabovy\AppData\Roaming\Mozilla\Firefox\Profiles\1slyw161.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml
FF Extension: No Name - C:\Users\PaKSzabovy\AppData\Roaming\Mozilla\Firefox\Profiles\1slyw161.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [Not Found]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Windows\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Windows\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2014-08-14] (Sony Mobile Communications)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [505192 2013-08-07] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [25448 2013-08-07] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [33056 2011-06-15] (Realtek )
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [49808 2012-07-03] (Realtek Corporation)
S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan620.sys [27792 2012-09-01] (Realtek Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\PAKSZA~1\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 14:45 - 2015-03-05 14:45 - 00000000 ____D () C:\FRST
2015-03-05 07:51 - 2015-03-05 08:08 - 367111209 _____ () C:\Users\PaKSzabovy\Downloads\Fairly.Legal.S02E04.HDTV.x264-ASAP.mp4
2015-03-04 11:36 - 2015-03-04 11:36 - 00010484 _____ () C:\ComboFix.txt
2015-03-04 11:25 - 2015-03-04 11:36 - 00000000 ____D () C:\ComboFix
2015-03-03 21:58 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:58 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:58 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-02 15:33 - 2015-03-02 15:32 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-02 15:32 - 2015-03-02 15:32 - 00000000 ____D () C:\Users\PaKSzabovy\AppData\Roaming\Avira
2015-03-02 15:31 - 2015-03-02 15:31 - 00001916 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-03-02 15:30 - 2015-03-02 15:30 - 00000000 ____D () C:\Windows\Avira
2015-03-02 15:30 - 2014-11-24 10:23 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-02 15:30 - 2014-11-24 10:23 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-02 15:30 - 2014-11-24 10:23 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-03-02 15:30 - 2014-11-24 10:23 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2015-03-02 15:22 - 2015-03-02 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-02 15:22 - 2015-03-02 15:22 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-02 15:09 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-02 15:09 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-02 15:09 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-02 15:09 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-02 15:09 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-02 15:09 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-02 15:09 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-02 15:09 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-02 15:02 - 2015-03-04 11:36 - 00000000 ____D () C:\Qoobox
2015-03-02 15:02 - 2015-03-04 11:31 - 00000000 ____D () C:\Windows\erdnt
2015-03-02 14:59 - 2015-03-02 14:47 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-02 14:48 - 2015-03-02 15:00 - 00006935 _____ () C:\zoek-results.log
2015-03-02 14:47 - 2015-03-02 14:57 - 00000000 ____D () C:\zoek_backup
2015-03-02 07:39 - 2015-03-02 07:39 - 00066181 _____ () C:\Users\PaKSzabovy\Documents\kde v evropě ušetřit.odt
2015-03-01 18:58 - 2015-03-01 18:58 - 00011392 _____ () C:\Users\PaKSzabovy\Desktop\zábal na vlasy.odt
2015-02-27 15:09 - 2015-02-27 15:09 - 00000000 ____D () C:\Users\PaKSzabovy\Downloads\19_Ps_B
2015-02-27 15:08 - 2015-02-27 15:03 - 46423356 ____N () C:\Users\PaKSzabovy\Downloads\bi12_20_Pr_B.mp3.zip
2015-02-27 15:08 - 2015-02-27 15:03 - 146980023 ____N () C:\Users\PaKSzabovy\Downloads\bi12_19_Ps_B.mp3.zip
2015-02-27 14:52 - 2015-02-27 14:52 - 87627803 _____ () C:\Users\PaKSzabovy\Downloads\iasnv1_CHC-CHS.mp3.zip
2015-02-27 14:48 - 2015-02-27 14:49 - 86301177 _____ () C:\Users\PaKSzabovy\Downloads\iasnv1_E.mp3.zip
2015-02-27 14:48 - 2015-02-27 14:48 - 125182166 _____ () C:\Users\PaKSzabovy\Downloads\iasnv2_B.mp3.zip
2015-02-27 14:45 - 2015-02-27 14:46 - 61592058 _____ () C:\Users\PaKSzabovy\Downloads\bi12_42_Lu_B.mp3.zip
2015-02-27 14:45 - 2015-02-27 14:46 - 56685090 _____ () C:\Users\PaKSzabovy\Downloads\bi12_40_Mt_B.mp3.zip
2015-02-26 08:22 - 2015-02-26 08:23 - 00000000 ____D () C:\AdwCleaner
2015-02-26 08:18 - 2015-03-05 14:45 - 00000000 ____D () C:\Users\PaKSzabovy\Desktop\pc-help programy
2015-02-25 13:35 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 09:17 - 2015-02-25 09:17 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-24 12:53 - 2015-02-25 10:22 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-24 12:53 - 2015-02-24 12:55 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-24 12:53 - 2015-02-24 12:55 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-22 18:31 - 2015-02-22 18:56 - 00000000 ____D () C:\Users\PaKSzabovy\AppData\Roaming\Audacity
2015-02-21 18:27 - 2015-03-04 11:32 - 00168758 _____ () C:\Windows\PFRO.log
2015-02-19 20:42 - 2015-03-05 11:35 - 00004368 _____ () C:\Windows\setupact.log
2015-02-19 20:42 - 2015-02-19 20:42 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-19 20:36 - 2015-02-19 20:36 - 00000188 _____ () C:\Users\PaKSzabovy\Documents\cc_20150219_203558.reg
2015-02-19 20:11 - 2015-02-19 20:11 - 35907256 _____ (PandoraTV) C:\Users\PaKSzabovy\Downloads\3.9.1.133_20150210101242.exe
2015-02-19 18:43 - 2015-02-19 18:43 - 00000000 ____D () C:\Users\PaKSzabovy\Documents\Adobe
2015-02-19 18:04 - 2015-02-19 18:04 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2015-02-19 18:04 - 2015-02-19 18:04 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-02-18 20:16 - 2015-02-18 20:16 - 00026887 _____ () C:\Users\PaKSzabovy\Desktop\vážení bez váhy.odt
2015-02-18 17:30 - 2015-02-18 17:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-02-18 17:30 - 2015-02-18 17:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-02-18 17:30 - 2015-02-18 17:30 - 00000000 ____D () C:\Program Files\My Company Name
2015-02-18 17:30 - 2015-02-18 17:30 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine
2015-02-18 17:30 - 2015-02-18 17:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-02-18 10:45 - 2015-02-18 10:45 - 00000000 ____D () C:\Users\PaKSzabovy\Downloads\The.Flash.2014.S01E14.HDTV.x264-LOL[ettv]
2015-02-18 10:28 - 2015-02-18 10:28 - 00000000 ___RD () C:\Users\PaKSzabovy\Creative Cloud Files
2015-02-12 17:15 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 17:15 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 09:48 - 2015-02-11 13:26 - 00000000 ____D () C:\Users\PaKSzabovy\Downloads\K-DRAMA PINOCCHIO
2015-02-11 09:38 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 09:38 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 09:38 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 09:38 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 09:38 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 09:38 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 09:38 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 09:38 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 09:38 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 09:38 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 09:38 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 09:38 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 09:38 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 09:38 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 09:38 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 09:38 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 09:38 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 09:38 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 09:38 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 09:38 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 09:38 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-11 09:38 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 09:38 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 09:38 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 09:38 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 09:38 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 09:38 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 09:38 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 09:38 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 09:38 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 09:38 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 09:38 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 09:38 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 09:38 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 09:38 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 09:38 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 09:38 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 09:38 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 09:38 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 09:38 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 09:38 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 09:38 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 09:38 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 09:38 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 09:38 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 09:38 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 09:38 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 09:38 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 09:38 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 09:38 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 09:38 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 09:38 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 09:38 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 09:38 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 09:38 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 09:38 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 09:38 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 09:38 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-11 09:37 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 09:37 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 09:37 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 09:37 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 09:37 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 09:37 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-07 19:39 - 2015-02-07 19:39 - 00002724 _____ () C:\Users\PaKSzabovy\Documents\cc_20150207_193931.reg
2015-02-05 20:01 - 2015-02-05 20:01 - 00003584 _____ () C:\Users\PaKSzabovy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-04 21:29 - 2015-02-11 10:11 - 00000000 ____D () C:\Users\PaKSzabovy\Downloads\THE FLASH
2015-02-04 21:28 - 2015-02-11 10:12 - 00000000 ____D () C:\Users\PaKSzabovy\Downloads\THE GLADES S03

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 14:43 - 2014-08-11 12:04 - 01053295 _____ () C:\Windows\WindowsUpdate.log
2015-03-05 14:42 - 2014-08-12 11:26 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-05 12:32 - 2014-08-12 11:34 - 00000000 ____D () C:\Users\PaKSzabovy\AppData\Roaming\vlc
2015-03-05 12:02 - 2014-08-11 09:02 - 00000000 ____D () C:\Users\PaKSzabovy\Downloads\STAŽENINY
2015-03-05 11:42 - 2009-07-14 05:34 - 00025872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-05 11:42 - 2009-07-14 05:34 - 00025872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-05 11:35 - 2014-08-12 06:52 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-05 11:35 - 2014-08-11 09:05 - 00000000 ____D () C:\Users\PaKSzabovy\Desktop\BERLIN 2014
2015-03-05 11:35 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-05 08:09 - 2014-08-18 13:34 - 00000000 ____D () C:\Users\PaKSzabovy\AppData\Roaming\uTorrent
2015-03-04 11:33 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2015-03-04 11:32 - 2009-07-14 05:53 - 00032548 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-04 11:31 - 2014-09-21 13:10 - 00000000 ___RD () C:\Program Files\Skype
2015-03-04 11:18 - 2014-08-25 18:20 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-04 10:27 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2015-03-03 10:04 - 2014-08-11 09:01 - 00000000 ____D () C:\Users\PaKSzabovy\Documents\PÍSEMNOSTI
2015-03-02 15:35 - 2014-09-06 09:41 - 00000000 ____D () C:\Users\PaKSzabovy\Desktop\Odložené programy
2015-03-02 15:30 - 2014-08-27 09:28 - 00000000 ____D () C:\ProgramData\Avira
2015-03-02 15:17 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2015-03-02 15:05 - 2014-08-27 09:28 - 00000000 ____D () C:\Program Files\Avira
2015-02-26 19:47 - 2014-08-17 07:34 - 00000000 ____D () C:\Users\PaKSzabovy\AppData\Roaming\Skype
2015-02-25 19:50 - 2014-08-11 12:05 - 00000000 ____D () C:\Users\PaKSzabovy
2015-02-21 11:10 - 2014-08-12 08:40 - 00000000 ____D () C:\Users\PaKSzabovy\AppData\Roaming\Adobe
2015-02-21 11:08 - 2014-11-14 21:24 - 00000000 ____D () C:\Users\PaKSzabovy\AppData\Local\Adobe
2015-02-21 11:08 - 2014-08-12 11:29 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-21 11:08 - 2014-08-12 11:29 - 00000000 ____D () C:\Program Files\Adobe
2015-02-21 11:07 - 2014-08-12 11:29 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-02-19 20:19 - 2014-11-10 14:00 - 00000000 ____D () C:\Users\PaKSzabovy\AppData\Local\Apple Computer
2015-02-19 20:13 - 2014-10-12 19:12 - 00000000 ____D () C:\KMPlayer
2015-02-19 20:12 - 2014-10-12 19:12 - 00000606 _____ () C:\Users\PaKSzabovy\Desktop\KMPlayer.lnk
2015-02-14 18:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-13 17:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-11 19:12 - 2009-07-14 05:33 - 00315880 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 19:11 - 2014-12-10 14:05 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 19:11 - 2014-08-15 18:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 18:36 - 2014-08-12 08:12 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 18:33 - 2014-08-12 08:12 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 11:40 - 2014-08-11 08:50 - 00000000 ____D () C:\FFOutput
2015-02-08 12:59 - 2014-08-11 12:10 - 01585684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-05 15:33 - 2014-08-12 11:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 15:33 - 2014-08-12 11:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-02-05 20:01 - 2015-02-05 20:01 - 0003584 _____ () C:\Users\PaKSzabovy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-27 10:06 - 2014-09-27 10:12 - 0001281 _____ () C:\ProgramData\hpzinstall.log
2014-11-15 16:27 - 2014-11-15 16:34 - 0001474 _____ () C:\ProgramData\port_acpca.log

Some content of TEMP:
====================
C:\Users\PaKSzabovy\AppData\Local\temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 08:50

==================== End Of Log ============================

[jaro3]

Asi do sekce "problém s HW"


Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

AlternateDataStreams: C:\ProgramData\TEMP:02DD996C
AlternateDataStreams: C:\ProgramData\TEMP:0AF6266B
AlternateDataStreams: C:\ProgramData\TEMP:29629382
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:3651A580
AlternateDataStreams: C:\ProgramData\TEMP:366B74CA
AlternateDataStreams: C:\ProgramData\TEMP:3FB26DBA
AlternateDataStreams: C:\ProgramData\TEMP:52329B88
AlternateDataStreams: C:\ProgramData\TEMP:6BF0805F
AlternateDataStreams: C:\ProgramData\TEMP:74091520
AlternateDataStreams: C:\ProgramData\TEMP:84FA02E7
AlternateDataStreams: C:\ProgramData\TEMP:A479BCC9
AlternateDataStreams: C:\ProgramData\TEMP:A6A65B80
AlternateDataStreams: C:\ProgramData\TEMP:A93CCA6B
AlternateDataStreams: C:\ProgramData\TEMP:B059B88E
AlternateDataStreams: C:\ProgramData\TEMP:BF640EE5
AlternateDataStreams: C:\ProgramData\TEMP:EE2B5DE3
AlternateDataStreams: C:\ProgramData\TEMP:F4362715
AlternateDataStreams: C:\ProgramData\TEMP:FF9C44FE
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2921485920-836263657-3417334645-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2921485920-836263657-3417334645-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll No File
FF Extension: No Name - C:\Users\PaKSzabovy\AppData\Roaming\Mozilla\Firefox\Profiles\1slyw161.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [Not Found]
S3 catchme; \??\C:\Users\PAKSZA~1\AppData\Local\Temp\catchme.sys [X]
C:\ProgramData\port_acpca.log


(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

FF Homepage: hxxp://wol.jw.org/cs/wol/dt/r29/lp-b/2015/3/4
tu domovskou stránku sis nastavovala sama?

[KamilaS]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 04-03-2015
Ran by PaKSzabovy at 2015-03-05 21:20:56 Run:1
Running from C:\Users\PaKSzabovy\Desktop\pc-help programy
Loaded Profiles: PaKSzabovy (Available profiles: PaKSzabovy)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
AlternateDataStreams: C:\ProgramData\TEMP:02DD996C
AlternateDataStreams: C:\ProgramData\TEMP:0AF6266B
AlternateDataStreams: C:\ProgramData\TEMP:29629382
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:3651A580
AlternateDataStreams: C:\ProgramData\TEMP:366B74CA
AlternateDataStreams: C:\ProgramData\TEMP:3FB26DBA
AlternateDataStreams: C:\ProgramData\TEMP:52329B88
AlternateDataStreams: C:\ProgramData\TEMP:6BF0805F
AlternateDataStreams: C:\ProgramData\TEMP:74091520
AlternateDataStreams: C:\ProgramData\TEMP:84FA02E7
AlternateDataStreams: C:\ProgramData\TEMP:A479BCC9
AlternateDataStreams: C:\ProgramData\TEMP:A6A65B80
AlternateDataStreams: C:\ProgramData\TEMP:A93CCA6B
AlternateDataStreams: C:\ProgramData\TEMP:B059B88E
AlternateDataStreams: C:\ProgramData\TEMP:BF640EE5
AlternateDataStreams: C:\ProgramData\TEMP:EE2B5DE3
AlternateDataStreams: C:\ProgramData\TEMP:F4362715
AlternateDataStreams: C:\ProgramData\TEMP:FF9C44FE
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2921485920-836263657-3417334645-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2921485920-836263657-3417334645-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll No File
FF Extension: No Name - C:\Users\PaKSzabovy\AppData\Roaming\Mozilla\Firefox\Profiles\1slyw161.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [Not Found]
S3 catchme; \??\C:\Users\PAKSZA~1\AppData\Local\Temp\catchme.sys [X]
C:\ProgramData\port_acpca.log

*****************

C:\ProgramData\TEMP => ":02DD996C" ADS removed successfully.
C:\ProgramData\TEMP => ":0AF6266B" ADS removed successfully.
C:\ProgramData\TEMP => ":29629382" ADS removed successfully.
C:\ProgramData\TEMP => ":2CB9631F" ADS removed successfully.
C:\ProgramData\TEMP => ":3651A580" ADS removed successfully.
C:\ProgramData\TEMP => ":366B74CA" ADS removed successfully.
C:\ProgramData\TEMP => ":3FB26DBA" ADS removed successfully.
C:\ProgramData\TEMP => ":52329B88" ADS removed successfully.
C:\ProgramData\TEMP => ":6BF0805F" ADS removed successfully.
C:\ProgramData\TEMP => ":74091520" ADS removed successfully.
C:\ProgramData\TEMP => ":84FA02E7" ADS removed successfully.
C:\ProgramData\TEMP => ":A479BCC9" ADS removed successfully.
C:\ProgramData\TEMP => ":A6A65B80" ADS removed successfully.
C:\ProgramData\TEMP => ":A93CCA6B" ADS removed successfully.
C:\ProgramData\TEMP => ":B059B88E" ADS removed successfully.
C:\ProgramData\TEMP => ":BF640EE5" ADS removed successfully.
C:\ProgramData\TEMP => ":EE2B5DE3" ADS removed successfully.
C:\ProgramData\TEMP => ":F4362715" ADS removed successfully.
C:\ProgramData\TEMP => ":FF9C44FE" ADS removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2921485920-836263657-3417334645-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2921485920-836263657-3417334645-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => Key not found.
"HKLM\Software\MozillaPlugins\Adobe Reader" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect" => Key deleted successfully.
C:\Users\PaKSzabovy\AppData\Roaming\Mozilla\Firefox\Profiles\1slyw161.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} => not found.
catchme => Service deleted successfully.
C:\ProgramData\port_acpca.log => Moved successfully.

==== End of Fixlog 21:20:56 ====

[KamilaS]

FF Homepage: http://wol.jw.org/cs/wol/dt/r29/lp-b/2015/3/4

[KamilaS]

jaro3: vidím, že si s tím dáváš opravdu práci, "my mu sice nerozumíme ale my mu věříme"
až to dáš do kupy, zase vám přispěju a stejně si myslím, že byste měli povinně zavést pro všechny s problémama alespon HJT dar 200kč, je to málo a těch desítek lidí co sem denně chodí a kterým se věnujete to ani neocení, já jo + velké díky Kamča