Please check my log [Solved]


Re: Please check my log

Post by Player1 » 09 Apr 2015 21:02

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by JAROUŠEK (administrator) on KRTEČEK on 09-04-2015 20:56:05
Running from C:\Users\JAROUŠEK\Desktop
Loaded Profiles: JAROUŠEK (Available profiles: JAROUŠEK)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
Failed to access process -> conhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-21] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-16] (AVAST Software)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1399189065-1209756053-3504928763-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1399189065-1209756053-3504928763-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-12] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-16] (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-01] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-12] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\JAROUŠEK\AppData\Roaming\Mozilla\Firefox\Profiles\6tc8gmi0.default-1408300838356
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-18] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-16] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-18] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin HKU\S-1-5-21-1399189065-1209756053-3504928763-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\JAROUŠEK\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1399189065-1209756053-3504928763-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-05-05] (The Happy Cloud)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-12]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [124856 2012-06-12] (Gemfor s.r.o.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-01] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-03-01] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-12] (AVAST Software)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [262144 2006-12-23] (Nero AG) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2793568 2011-02-25] (Atheros Communications, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-12] ()
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-07] (Disc Soft Ltd)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-08] (Malwarebytes Corporation)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S3 athr; system32\DRIVERS\athrx.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 20:56 - 2015-04-09 20:56 - 00014235 _____ () C:\Users\JAROUŠEK\Desktop\FRST.txt
2015-04-09 20:56 - 2015-04-09 20:56 - 00000000 ____D () C:\FRST
2015-04-09 20:55 - 2015-04-09 20:55 - 02095616 _____ (Farbar) C:\Users\JAROUŠEK\Desktop\FRST64.exe
2015-04-08 21:06 - 2015-04-09 20:26 - 00000112 _____ () C:\Windows\setupact.log
2015-04-08 21:06 - 2015-04-08 21:06 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-08 20:19 - 2015-04-09 20:31 - 00000604 _____ () C:\DelFix.txt
2015-04-08 20:17 - 2015-04-08 20:17 - 00781312 _____ () C:\Users\JAROUŠEK\Desktop\delfix_10.9.exe
2015-04-08 20:15 - 2015-04-08 20:15 - 00179874 _____ () C:\Users\JAROUŠEK\Desktop\cc_20150408_201457.reg
2015-04-08 20:07 - 2015-04-08 20:11 - 00000000 ____D () C:\Users\JAROUŠEK\Desktop\backups
2015-04-08 18:40 - 2015-04-08 18:40 - 00001056 _____ () C:\Users\JAROUŠEK\Desktop\mb.txt
2015-04-08 17:28 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-07 17:37 - 2015-04-07 17:37 - 00001285 _____ () C:\Users\JAROUŠEK\Desktop\MBAM.txt
2015-04-07 16:36 - 2015-04-07 16:36 - 00050688 _____ (Atribune.org) C:\Users\JAROUŠEK\Desktop\ATF-Cleaner.exe
2015-04-06 23:24 - 2015-04-06 23:24 - 00028048 _____ () C:\Users\JAROUŠEK\Desktop\NEMAZAT!!!!!.txt
2015-04-06 21:22 - 2015-04-06 21:22 - 00001106 _____ () C:\Users\JAROUŠEK\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-06 20:44 - 2015-04-06 20:44 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-04-06 19:31 - 2015-04-06 19:31 - 00000000 ____D () C:\Users\JAROUŠEK\AppData\Local\TeamViewer
2015-04-06 19:29 - 2015-04-06 19:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-06 19:28 - 2015-04-07 00:39 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-06 19:28 - 2015-04-06 19:28 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-06 19:28 - 2015-04-06 19:28 - 00001035 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-04-06 18:30 - 2015-04-06 18:30 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-06 18:30 - 2015-04-06 18:30 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-26 15:53 - 2015-03-26 15:53 - 00000000 ____D () C:\Users\JAROUŠEK\AppData\Roaming\java
2015-03-26 15:50 - 2015-03-26 15:52 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-26 15:50 - 2015-03-26 15:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-26 15:50 - 2015-03-26 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-24 20:17 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-24 20:17 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-24 20:17 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-24 20:17 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-24 20:17 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-24 20:17 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-24 20:17 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-24 20:17 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-19 20:17 - 2015-03-19 20:18 - 00000000 ____D () C:\Program Files\Defraggler
2015-03-19 20:17 - 2015-03-19 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-03-11 20:52 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 20:52 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 20:52 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 20:52 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 20:52 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 20:52 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 20:52 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 20:52 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 20:52 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 20:52 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 20:52 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 20:52 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 20:52 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 20:52 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 20:52 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 20:52 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 20:52 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 20:52 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 20:52 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 20:52 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 20:52 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 20:52 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 20:52 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 20:52 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 20:52 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 20:52 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 20:52 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 20:52 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 20:52 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 20:52 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 20:52 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 20:52 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 20:52 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 20:52 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 20:52 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 20:52 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 20:52 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 20:52 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 20:52 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 20:52 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 20:52 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 20:52 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 20:52 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 20:52 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 20:52 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 20:51 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 20:51 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 20:51 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 20:51 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 20:50 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 20:50 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 20:50 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 20:50 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 20:50 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 20:50 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 20:50 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 20:50 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 20:50 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 20:50 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 20:50 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 20:50 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 20:50 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 20:50 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 20:50 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 20:50 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 20:50 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 20:50 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 20:50 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 20:50 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 20:50 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 20:50 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 20:50 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 20:50 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 20:50 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 20:50 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 20:50 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 20:50 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 20:50 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 20:50 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 20:50 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 20:50 - 2015-02-21 21:17 - 17882624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 20:50 - 2015-02-21 21:07 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-11 20:50 - 2015-02-21 21:00 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 20:50 - 2015-02-21 20:54 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 20:50 - 2015-02-21 20:54 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 20:50 - 2015-02-21 20:53 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 20:50 - 2015-02-21 20:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-11 20:50 - 2015-02-21 20:52 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 20:50 - 2015-02-21 20:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 20:50 - 2015-02-21 20:51 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 20:50 - 2015-02-21 20:51 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 20:50 - 2015-02-21 20:51 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 20:50 - 2015-02-21 20:51 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 20:50 - 2015-02-21 20:51 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 20:50 - 2015-02-21 20:51 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 20:50 - 2015-02-21 20:51 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-11 20:50 - 2015-02-21 20:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 20:50 - 2015-02-21 20:50 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 20:50 - 2015-02-21 20:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 20:50 - 2015-02-21 20:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-11 20:50 - 2015-02-21 19:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 20:50 - 2015-02-21 19:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-11 20:50 - 2015-02-21 19:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 20:50 - 2015-02-21 19:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 20:50 - 2015-02-21 19:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 20:50 - 2015-02-21 19:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 20:50 - 2015-02-21 19:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-03-11 20:50 - 2015-02-21 19:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 20:50 - 2015-02-21 19:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 20:50 - 2015-02-21 19:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 20:50 - 2015-02-21 19:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 20:50 - 2015-02-21 19:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 20:50 - 2015-02-21 19:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 20:50 - 2015-02-21 19:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 20:50 - 2015-02-21 19:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 20:50 - 2015-02-21 19:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-03-11 20:50 - 2015-02-21 19:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-03-11 20:50 - 2015-02-21 19:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 20:50 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 20:49 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 20:49 - 2015-02-21 21:02 - 10931200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 20:49 - 2015-02-21 20:51 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-11 20:49 - 2015-02-21 19:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 20:49 - 2015-02-21 19:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 20:49 - 2015-02-21 19:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 20:49 - 2015-02-21 19:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-03-11 20:49 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 20:49 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 20:49 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 20:49 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 20:49 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 20:49 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 20:34 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-09 20:34 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-09 20:33 - 2011-11-16 21:18 - 00669576 _____ () C:\Windows\system32\perfh005.dat
2015-04-09 20:33 - 2011-11-16 21:18 - 00141946 _____ () C:\Windows\system32\perfc005.dat
2015-04-09 20:33 - 2009-07-14 07:13 - 01586202 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 20:31 - 2014-10-08 14:08 - 01860323 _____ () C:\Windows\WindowsUpdate.log
2015-04-09 20:27 - 2014-05-25 22:08 - 00000000 ____D () C:\ProgramData\PDFC
2015-04-09 20:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-09 19:17 - 2013-06-30 08:25 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A8CBB150-E9BC-491C-BC34-56D5000B420D}
2015-04-08 18:11 - 2014-10-15 15:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-07 17:46 - 2012-05-13 14:47 - 00001162 _____ () C:\Users\JAROUŠEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-07 17:10 - 2014-10-07 19:14 - 00000000 ___RD () C:\Users\JAROUŠEK\Desktop\Programy
2015-04-07 16:47 - 2014-07-09 21:35 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJAROUŠEK
2015-04-07 16:46 - 2012-05-15 16:53 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-07 16:44 - 2014-10-07 19:09 - 00000000 ____D () C:\Users\JAROUŠEK\AppData\Roaming\DAEMON Tools Lite
2015-04-07 16:44 - 2013-09-03 16:14 - 00000000 ____D () C:\Windows\Minidump
2015-04-07 16:44 - 2012-06-22 19:11 - 00000000 ____D () C:\Users\JAROUŠEK\AppData\Local\CrashDumps
2015-04-07 16:30 - 2009-07-14 06:45 - 00269544 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-07 16:29 - 2014-11-29 20:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-06 23:48 - 2012-05-13 14:46 - 00058016 _____ () C:\Users\JAROUŠEK\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-06 21:22 - 2014-10-15 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-06 21:22 - 2014-10-15 15:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-06 19:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-04 11:48 - 2012-09-06 18:57 - 00000118 _____ () C:\Users\JAROUŠEK\AppData\default.pls
2015-04-03 10:45 - 2014-10-15 16:49 - 00000000 ____D () C:\Users\JAROUŠEK\Desktop\Hry
2015-04-01 17:36 - 2014-10-15 16:26 - 00000000 ____D () C:\Users\JAROUŠEK\AppData\Roaming\uTorrent
2015-03-26 15:53 - 2014-07-16 11:47 - 00000000 ____D () C:\Users\JAROUŠEK\AppData\Roaming\.minecraft
2015-03-26 15:50 - 2011-11-16 13:14 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-25 23:24 - 2014-12-14 01:41 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-25 23:24 - 2014-05-14 09:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-18 21:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-18 20:23 - 2014-10-15 16:12 - 00000000 ____D () C:\Users\JAROUŠEK\AppData\Local\Adobe
2015-03-18 20:23 - 2012-07-06 18:43 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-18 20:23 - 2012-07-06 18:43 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-15 21:36 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-15 21:36 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-15 10:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-15 10:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-15 10:33 - 2013-08-28 16:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-14 21:14 - 2012-12-24 22:05 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-14 21:05 - 2009-07-14 07:08 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-08 19:29

==================== End Of Log ============================
Case: Bitfenix Enso Mesh
PSU: Fractal Design Edison M 650W
OS: Win 10 64-bit
MB: Asus P8H61-MX R2.0
CPU: Intel Core i3 3220 3,3GHz,
GPU: Sapphire HD5850,
RAM: 2x4GB DDR3 ADATA 1333MHz,
SSD: T-Force RGB 250GB
HDD1: Hitachi 2

Re: Please check my log

Post by Player1 » 09 Apr 2015 21:05

So here it is, and I apologize for the oversight :)

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male

Re: Please check my log

Post by jerabina » 09 Apr 2015 21:07

That's fine, only ... could I ask you for Addition.txt, and also ask whether HappyCloud is on the computer with your knowledge?
When you don't know how to go on, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

Re: Please check my log

Post by Player1 » 09 Apr 2015 21:44

The notebook isn't mine, and as for HappyCloud, "it came out of nowhere"? I really have no idea.

I only have this log on my desktop:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by JAROUŠEK at 2015-04-09 20:56:53
Running from C:\Users\JAROUŠEK\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.30 alpha (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Age Of Empires 3 CZ verze 1.0 (HKLM-x32\...\{A6502644-790D-4DCB-824F-45C64B22AF4D}_is1) (Version: 1.0 - tomi2k9)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.60 - Atheros Communications)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Colin McRae Rally 2005 (HKLM-x32\...\{15CEC2E1-16AF-11D9-88E4-0004769F25D1}) (Version: 1.1 - Codemasters)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.1.3726 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Happy Cloud Client (HKU\S-1-5-21-1399189065-1209756053-3504928763-1000\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP On Screen Display (HKLM-x32\...\{124DB96E-CBF5-44FB-AB59-7D2444DEC777}) (Version: 1.0.7 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{A312ABBC-E4A0-4595-BB69-95AFF48A9838}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{B962DFD6-45C1-49D8-AEBA-197BF6576D29}) (Version: 4.0.10.0 - Hewlett-Packard)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
K-Lite Mega Codec Pack 10.7.1 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.7.1 - )
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4999.1042 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version: - )
Mozilla Firefox 37.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 cs)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
Nero 7 Essentials (HKLM-x32\...\{F63C7908-08EA-46F5-9EDF-DFF9FD231029}) (Version: 7.02.5016 - Nero AG)
NVIDIA PhysX v8.05.26 (HKLM-x32\...\{11AE6807-50D2-4F59-82B3-2C3E695E94C2}) (Version: 8.05.26 - NVIDIA Corporation)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.34 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6287 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 1.0.22 - Hewlett-Packard) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.3 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
Tomb Raider: Legend 1.0 (HKLM-x32\...\Tomb Raider: Legend) (Version: - )
Unity Web Player (HKU\S-1-5-21-1399189065-1209756053-3504928763-1000\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Web'n'walk Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2012-06-12 - Gemfor s.r.o.)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2059.0.12 - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

09-04-2015 20:30:56 End of disinfection

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-08 17:20 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08D0A23F-3F98-443C-B45F-4D9B1C1DFCC4} - System32\Tasks\HPCeeScheduleForJAROUŠEK => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {18FB3941-A5F5-4939-AFA0-FE7B0FB71500} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2CE6CFCF-5F3D-475E-A118-0FA0C2F0A860} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3C200DA4-E2E3-4F7F-B613-F75A1ED2CC43} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {67BB5910-B3E3-4DB2-AA2F-35C61D5096A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8CACBFBC-2B89-4E16-900A-600885CA1991} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {929DC7C6-0179-43DC-9A86-24E7848B4ADF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {938A8044-8497-4CD2-8CFA-27E5E5176D6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A4095CE7-2454-4886-9FE2-E779F124095F} - \{9204D339-6D6D-4186-BCAC-1BA5AE1D715F} No Task File <==== ATTENTION
Task: {B55640F2-D1E0-4A89-B20E-19E42913032D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {BD5C2D88-641D-4982-9B1A-81E2D1042A40} - System32\Tasks\{0E55A755-D954-4A31-8EB9-4BAC26ABC804} => C:\TopCD\Demolice\DemolitionCompany.exe
Task: {BF993BBD-B981-43A7-9D0D-F888614A41D0} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-09-04] ()
Task: {CB929B2A-4EDD-43E3-9640-7B256A67748A} - System32\Tasks\{13F49A30-2E88-42BA-AA3C-09888E25A7E2} => C:\TopCD\Demolice\DemolitionCompany.exe
Task: {D97F357C-8485-4655-9613-1D3B0AECC2B8} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E6D24854-706C-4288-A42A-77A13ADDDF48} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EB9B2DE3-E695-40B6-9A2C-1199407626D2} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-09] (CyberLink)
Task: {EF4F2B0B-5FBA-4D59-A68C-F0493565F906} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-04-01] (Microsoft)

==================== Loaded Modules (whitelisted) ==============

2010-12-17 02:37 - 2010-12-17 02:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-07-21 15:33 - 2010-07-21 15:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-07-21 15:33 - 2010-07-21 15:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 15:33 - 2010-07-21 15:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-08-12 14:08 - 2014-08-12 14:08 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-04-09 19:10 - 2015-04-09 19:10 - 02925056 _____ () C:\Program Files\AVAST Software\Avast\defs\15040900\algo.dll
2015-04-09 20:27 - 2015-04-09 20:27 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15040901\algo.dll
2014-08-12 14:08 - 2014-08-12 14:08 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-17 16:58 - 2014-10-17 16:58 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2012-01-17 05:15 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-03-18 20:23 - 2015-03-18 20:23 - 16858288 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1399189065-1209756053-3504928763-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\JAROUŠEK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^JAROUŠEK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: T-Mobile Communication Centre => "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun

==================== Accounts: =============================

Administrator (S-1-5-21-1399189065-1209756053-3504928763-500 - Administrator - Disabled)
Guest (S-1-5-21-1399189065-1209756053-3504928763-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1399189065-1209756053-3504928763-1002 - Limited - Enabled)
JAROUŠEK (S-1-5-21-1399189065-1209756053-3504928763-1000 - Administrator - Enabled) => C:\Users\JAROUŠEK

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/09/2015 08:27:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2015 08:27:24 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Stream product id=0x0066): Streaming Failed

Error: (04/09/2015 08:27:24 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
Too many failures while downloading ranges: 2

Error: (04/09/2015 07:48:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/09/2015 07:10:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2015 07:10:19 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Stream product id=0x0066): Streaming Failed

Error: (04/09/2015 07:10:19 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
Too many failures while downloading ranges: 2

Error: (04/08/2015 07:30:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/08/2015 05:31:46 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Stream product id=0x0066): Streaming Failed

Error: (04/08/2015 05:31:46 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
Too many failures while downloading ranges: 2


System errors:
=============
Error: (04/09/2015 08:27:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
prodrv06
prohlp02
prosync1
sfhlp01

Error: (04/09/2015 08:26:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\drivers\prodrv06.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/09/2015 08:20:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (04/09/2015 08:20:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Application Virtualization Client byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/09/2015 08:20:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/09/2015 08:20:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/09/2015 08:20:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Wireless Assistant Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/09/2015 08:20:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/09/2015 08:20:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Úložná technologie Intel(R) Rapid byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/09/2015 08:20:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Support Assistant Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Microsoft Office Sessions:
=========================
Error: (04/09/2015 08:27:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2015 08:27:24 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (04/09/2015 08:27:24 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (04/09/2015 07:48:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (04/09/2015 07:10:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2015 07:10:19 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (04/09/2015 07:10:19 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (04/08/2015 07:30:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (04/08/2015 05:31:46 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (04/08/2015 05:31:46 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 49%
Total physical RAM: 3947.86 MB
Available physical RAM: 1983.34 MB
Total Pagefile: 7893.91 MB
Available Pagefile: 5657.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:449.28 GB) (Free:218.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.19 GB) (Free:2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (KINGSTON) (Removable) (Total:7.46 GB) (Free:3.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5AC588FB)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Case: Bitfenix Enso Mesh
PSU: Fractal Design Edison M 650W
OS: Win 10 64-bit
MB: Asus P8H61-MX R2.0
CPU: Intel Core i3 3220 3,3GHz,
GPU: Sapphire HD5850,
RAM: 2x4GB DDR3 ADATA 1333MHz,
SSD: T-Force RGB 250GB
HDD1: Hitachi 2

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: Please check my log

Post by jerabina » 09 Apr 2015 21:50

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:

Task: {A4095CE7-2454-4886-9FE2-E779F124095F} - \{9204D339-6D6D-4186-BCAC-1BA5AE1D715F} No Task File <==== ATTENTION

CMD: bitsadmin /reset /allusers

EmptyTemp:
End


(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST and press the "Fix" button just once, then wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.

So please ask the notebook's owner whether he uses Happy Cloud and whether it is there with his knowledge. If not, uninstall it.

Run DelFix again and post the log here.

From my point of view it is now clean; if you are not noticing any problems, do the steps I wrote above and you can lock this thread with the "check mark" ;)
When you don't know how to continue, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it is only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

mople71
Level 3.5
Posts: 662
Registered: November 14
Gender: Male
Status: Offline

Re: Please check my log

Post by mople71 » 09 Apr 2015 22:26

Hi! :-)

Sorry for jumping in, but there is one more thing I don't like. Please don't use DelFix for now.

Does StarForce Protection System or similar software from StarForce ring a bell?

Player1
Level 2.5
Posts: 358
Registered: February 14
Gender: Male
Status: Offline

Re: Please check my log

Post by Player1 » 09 Apr 2015 22:46

I will have to do the FRST fix tomorrow, because the notebook will restart, which will log me out of TeamViewer, so I won't see what happens (on the other end they are already asleep).
I asked about HappyCloud and not even the owner knows what it is doing on the notebook. To be honest, I don't know what it is for either.
So should I not use DelFix at all? StarForce Protection System doesn't ring a bell for me :) Is it good to have?

mople71
Level 3.5
Posts: 662
Registered: November 14
Gender: Male
Status: Offline

Re: Please check my log

Post by mople71 » 10 Apr 2015 20:14

Ok. After the Fixlog:

Turn off all resident protection (antivirus, firewall, ...)!

Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Save it to the Desktop, close all windows!, run it as Administrator, accept everything and let it work.

Do not open anything during the scan. When it finishes, a restart will take place (not necessarily), and the log will be here: C:\ComboFix.txt

Then please post its content.

Player1
Level 2.5
Posts: 358
Registered: February 14
Gender: Male
Status: Offline

Re: Please check my log

Post by Player1 » 12 Apr 2015 20:03

Hi, I have been busy and will provide everything needed in a moment.

Player1
Level 2.5
Posts: 358
Registered: February 14
Gender: Male
Status: Offline

Re: Please check my log

Post by Player1 » 12 Apr 2015 20:27

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-04-2015
Ran by JAROUŠEK at 2015-04-12 20:09:21 Run:1
Running from C:\Users\JAROUŠEK\Desktop
Loaded Profiles: JAROUŠEK (Available profiles: JAROUŠEK)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

Task: {A4095CE7-2454-4886-9FE2-E779F124095F} - \{9204D339-6D6D-4186-BCAC-1BA5AE1D715F} No Task File <==== ATTENTION

CMD: bitsadmin /reset /allusers

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4095CE7-2454-4886-9FE2-E779F124095F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4095CE7-2454-4886-9FE2-E779F124095F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9204D339-6D6D-4186-BCAC-1BA5AE1D715F}" => Key deleted successfully.

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 45.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 20:09:29 ====

Player1
Level 2.5
Posts: 358
Registered: February 14
Gender: Male
Status: Offline

Re: Please check my log

Post by Player1 » 12 Apr 2015 20:45

ComboFix 15-04-09.01 - JAROUŠEK 12.04.2015 20:32:12.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3948.2273 [GMT 2:00]
Spuštěný z: c:\users\JAROUŐEK\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-12 do 2015-04-12 )))))))))))))))))))))))))))))))
.
.
2015-04-12 18:38 . 2015-04-12 18:38 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2015-04-12 18:38 . 2015-04-12 18:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-12 16:31 . 2015-04-12 16:31 -------- d-----w- c:\users\JAROUŠEK\AppData\Local\PDFC
2015-04-12 16:30 . 2015-04-12 18:20 -------- d-----w- c:\programdata\PDFC
2015-04-09 18:56 . 2015-04-12 18:21 -------- d-----w- C:\FRST
2015-04-08 15:28 . 2014-02-13 21:59 24064 ----a-w- c:\windows\zoek-delete.exe
2015-04-08 15:28 . 2015-04-12 18:38 -------- d-----w- c:\users\JAROUŠEK\AppData\Local\Temp
2015-04-07 14:38 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{93DC4CCD-5AE8-4E80-8726-7254D524F8C5}\mpengine.dll
2015-04-06 18:44 . 2015-04-06 18:44 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-04-06 17:31 . 2015-04-06 17:31 -------- d-----w- c:\users\JAROUŠEK\AppData\Local\TeamViewer
2015-04-06 17:28 . 2015-04-06 22:39 -------- d-----w- c:\program files (x86)\TeamViewer
2015-04-06 16:30 . 2015-04-06 16:30 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-06 16:30 . 2015-04-06 16:30 -------- d-s---w- c:\windows\system32\GWX
2015-03-26 13:53 . 2015-03-26 13:53 -------- d-----w- c:\users\JAROUŠEK\AppData\Roaming\java
2015-03-26 13:51 . 2015-03-26 13:51 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-03-26 13:50 . 2015-03-26 13:50 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-03-26 13:50 . 2015-03-26 13:52 -------- d-----w- c:\programdata\Oracle
2015-03-24 18:17 . 2015-03-11 04:06 677888 ----a-w- c:\windows\system32\generaltel.dll
2015-03-24 18:17 . 2015-03-11 04:06 943616 ----a-w- c:\windows\system32\appraiser.dll
2015-03-24 18:17 . 2015-03-11 04:05 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-03-24 18:17 . 2015-03-11 04:06 760832 ----a-w- c:\windows\system32\invagent.dll
2015-03-24 18:17 . 2015-03-11 04:06 414720 ----a-w- c:\windows\system32\devinv.dll
2015-03-24 18:17 . 2015-03-11 04:02 1107456 ----a-w- c:\windows\system32\aeinv.dll
2015-03-24 18:17 . 2015-03-11 04:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-24 18:17 . 2015-03-11 04:05 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-19 18:17 . 2015-03-19 18:18 -------- d-----w- c:\program files\Defraggler
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-08 16:11 . 2014-10-15 13:36 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-18 18:23 . 2012-07-06 16:43 778928 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-18 18:23 . 2012-07-06 16:43 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-14 19:14 . 2012-12-24 20:05 122905848 ----a-w- c:\windows\system32\MRT.exe
2015-03-06 05:56 . 2015-03-11 18:50 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-03-06 05:56 . 2015-03-11 18:50 155576 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-03-06 05:42 . 2015-03-11 18:50 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-03-06 05:42 . 2015-03-11 18:50 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-03-06 05:42 . 2015-03-11 18:50 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-03-06 05:42 . 2015-03-11 18:50 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-03-06 05:42 . 2015-03-11 18:50 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-06 05:42 . 2015-03-11 18:50 28160 ----a-w- c:\windows\system32\secur32.dll
2015-03-06 05:42 . 2015-03-11 18:50 314880 ----a-w- c:\windows\system32\msv1_0.dll
2015-03-06 05:42 . 2015-03-11 18:50 309760 ----a-w- c:\windows\system32\ncrypt.dll
2015-03-06 05:42 . 2015-03-11 18:50 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-03-06 05:42 . 2015-03-11 18:50 728064 ----a-w- c:\windows\system32\kerberos.dll
2015-03-06 05:42 . 2015-03-11 18:50 22016 ----a-w- c:\windows\system32\credssp.dll
2015-03-06 05:41 . 2015-03-11 18:50 31232 ----a-w- c:\windows\system32\lsass.exe
2015-03-06 05:41 . 2015-03-11 18:50 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-03-06 05:39 . 2015-03-11 18:50 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-03-06 05:38 . 2015-03-11 18:50 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-03-06 05:36 . 2015-03-11 18:50 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-03-06 05:10 . 2015-03-11 18:50 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-03-06 05:10 . 2015-03-11 18:50 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-03-06 05:10 . 2015-03-11 18:50 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-06 05:10 . 2015-03-11 18:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-03-06 05:10 . 2015-03-11 18:50 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-03-06 05:10 . 2015-03-11 18:50 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-03-06 05:10 . 2015-03-11 18:50 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-03-06 05:10 . 2015-03-11 18:50 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2015-03-06 05:09 . 2015-03-11 18:50 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
2015-03-06 05:09 . 2015-03-11 18:50 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2015-03-06 05:07 . 2015-03-11 18:50 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2015-03-06 05:07 . 2015-03-11 18:50 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2015-03-06 05:06 . 2015-03-11 18:50 686080 ----a-w- c:\windows\SysWow64\adtschema.dll
2015-02-26 03:25 . 2015-03-11 18:49 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 03:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-21 19:17 . 2015-03-11 18:50 17882624 ----a-w- c:\windows\system32\mshtml.dll
2015-02-21 19:07 . 2015-03-11 18:50 448512 ----a-w- c:\windows\system32\html.iec
2015-02-21 19:02 . 2015-03-11 18:49 10931200 ----a-w- c:\windows\system32\ieframe.dll
2015-02-21 19:00 . 2015-03-11 18:50 2339840 ----a-w- c:\windows\system32\jscript9.dll
2015-02-21 18:54 . 2015-03-11 18:50 1388032 ----a-w- c:\windows\system32\urlmon.dll
2015-02-21 18:54 . 2015-03-11 18:50 1392128 ----a-w- c:\windows\system32\wininet.dll
2015-02-21 18:53 . 2015-03-11 18:50 1494016 ----a-w- c:\windows\system32\inetcpl.cpl
2015-02-21 18:52 . 2015-03-11 18:50 237056 ----a-w- c:\windows\system32\url.dll
2015-02-21 18:52 . 2015-03-11 18:50 86016 ----a-w- c:\windows\system32\jsproxy.dll
2015-02-21 18:52 . 2015-03-11 18:50 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2015-02-21 18:51 . 2015-03-11 18:50 816640 ----a-w- c:\windows\system32\jscript.dll
2015-02-21 18:51 . 2015-03-11 18:50 598528 ----a-w- c:\windows\system32\vbscript.dll
2015-02-21 18:51 . 2015-03-11 18:50 2157568 ----a-w- c:\windows\system32\iertutil.dll
2015-02-21 18:51 . 2015-03-11 18:50 729088 ----a-w- c:\windows\system32\msfeeds.dll
2015-02-21 18:51 . 2015-03-11 18:50 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-02-21 18:51 . 2015-03-11 18:50 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2015-02-21 18:51 . 2015-03-11 18:50 282112 ----a-w- c:\windows\system32\dxtrans.dll
2015-02-21 18:51 . 2015-03-11 18:49 11264 ----a-w- c:\windows\system32\msfeedssync.exe
2015-02-21 18:50 . 2015-03-11 18:50 96768 ----a-w- c:\windows\system32\mshtmled.dll
2015-02-21 18:50 . 2015-03-11 18:50 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2015-02-21 18:50 . 2015-03-11 18:50 12800 ----a-w- c:\windows\system32\mshta.exe
2015-02-21 18:50 . 2015-03-11 18:50 248320 ----a-w- c:\windows\system32\ieui.dll
2015-02-21 17:34 . 2015-03-11 18:50 367104 ----a-w- c:\windows\SysWow64\html.iec
2015-02-21 17:28 . 2015-03-11 18:50 1810944 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-21 17:21 . 2015-03-11 18:50 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2015-02-21 17:21 . 2015-03-11 18:50 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2015-02-21 17:19 . 2015-03-11 18:49 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2015-02-21 17:19 . 2015-03-11 18:50 421376 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-02-21 17:18 . 2015-03-11 18:50 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-02-21 17:18 . 2015-03-11 18:50 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2015-02-20 04:41 . 2015-03-11 18:52 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 18:52 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 18:52 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 18:52 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 18:52 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 18:52 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 18:52 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 18:52 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 18:52 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 18:52 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-13 05:22 . 2015-03-11 18:51 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-04 03:16 . 2015-03-11 18:49 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 18:49 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-11 18:52 693176 ----a-w- c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 18:52 5554104 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-03 03:34 . 2015-03-11 18:52 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 18:52 616360 ----a-w- c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 18:52 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 18:52 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 18:52 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 18:49 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 18:51 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 18:52 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-03 03:31 . 2015-03-11 18:52 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-03 03:31 . 2015-03-11 18:52 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 18:52 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 18:52 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 18:52 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 18:52 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 18:52 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 18:52 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 18:52 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-11 18:52 9728 ----a-w- c:\windows\system32\spwmp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2010-12-13 318520]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-16 4085896]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP;c:\windows\system32\DRIVERS\BthMtpEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthMtpEnum.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-12 12:08 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-20 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-20 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-20 418328]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-11 6602856]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\JAROUŠEK\AppData\Roaming\Mozilla\Firefox\Profiles\6tc8gmi0.default-1408300838356\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-UnityWebPlayer - c:\users\JAROUŠEK\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-04-12 20:42:38
ComboFix-quarantined-files.txt 2015-04-12 18:42
.
Před spuštěním: Volných bajtů: 247 993 196 544
Po spuštění: Volných bajtů: 247 351 582 720
.
- - End Of File - - BB4408E7DA1BCE57F6A995B50B049E80
Case: Bitfenix Enso Mesh
PSU: Fractal Design Edison M 650W
OS: Win 10 64-bit
MB: Asus P8H61-MX R2.0
CPU: Intel Core i3 3220 3,3GHz,
GPU: Sapphire HD5850,
RAM: 2x4GB DDR3 ADATA 1333MHz,
SSD: T-Force RGB 250GB
HDD1: Hitachi 2

Player1

Re: Please check my log

Post by Player1 » 12 Apr 2015 20:55

So I haven't done anything with DelFix yet.

