Zdravim, otrasne mám spomalený systém, môžete mi to pozrieť? (napr. jedno jpg 600x300 na hdd otvára 10sekúnd) Vďaka.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017
Ran by Pedro (administrator) on LENPEDRO (21-06-2017 17:13:40)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(IntelliBreeze Software AB) C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Thomas Ascher) C:\Program Files (x86)\ATnotes\ATnotes.exe
(GeB Development) C:\Program Files (x86)\aWARemote Server\aWARemote Server.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Users\Pedro\AppData\Local\Apps\2.0\GLB6A68H.18G\OMOPLGW2.8BM\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\LSB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(forum.viry.cz) C:\Users\Pedro\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-09-26] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-26] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [5158144 2017-02-14] (Realtek semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [918008 2017-06-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [329632 2009-01-21] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ChangeFilterMerit] => C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe [51280 2007-06-08] (NewSoft)
HKLM-x32\...\Run: [Presto! PVR Monitor] => C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe [157520 2010-03-24] (NewSoft)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GmailNotifierPro] => C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2882400 2017-05-18] (IntelliBreeze Software AB)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [ATnotes.exe] => C:\Program Files (x86)\ATnotes\ATnotes.exe [1015808 2005-01-05] (Thomas Ascher)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epson Stylus SX110] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2016-11-02] (Epic Privacy Browser)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [BlazeServoTool] => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [286720 2017-01-20] (BlazeVideo Company)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [aWARemote 3.0] => C:\Program Files (x86)\aWARemote Server\aWARemote Server.exe [1733120 2014-11-03] (GeB Development)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [HP Photosmart 5510d series (NET)] => C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [EPSON SX110 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [8701744 2017-05-15] (Sand Studio)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: E - "E:\Setup.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2016-05-24] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2017-03-08]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk [2017-06-14]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C6E367B2-F55B-4323-999C-A41A39572233}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> is enabled.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FireFox:
========
FF DefaultProfile: esgz87fp.default
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default [2017-06-21]
FF Homepage: Mozilla\Firefox\Profiles\esgz87fp.default -> google.sk
FF Session Restore: Mozilla\Firefox\Profiles\esgz87fp.default -> is enabled.
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\artur.dubovoy@gmail.com [2017-04-28]
FF Extension: (MEGA) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\firefox@mega.co.nz.xpi [2017-05-25]
FF Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2017-01-09]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-04-30]
FF Extension: (Slovníky slovenského pravopisu) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\sk@dictionaries.addons.mozilla.org [2017-01-16]
FF Extension: (Adblock Plus) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-07]
FF Extension: (Simple YouTube MP3 Button) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi [2017-05-25]
FF Extension: (JavaScript Debugger) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-05-02]
FF Extension: (Disable Prefetch) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\features\{10694810-da9a-46da-93a1-fc0f2fd74b2d}\disable-prefetch@mozilla.org.xpi [2017-04-15]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-07-16] ()
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2009-12-21] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.sk/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2017-06-21]
CHR Extension: (QR kód) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2015-04-08]
CHR Extension: (Prezentácie Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-06]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-05-13]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-08]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-04-08]
CHR Extension: (Angry Birds) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-08]
CHR Extension: (Magio GO) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Disk Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Browser To Phone) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmhcfmipjjciolmfonkjnhpbnfniahh [2015-04-08]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (uBlock) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2016-10-22]
CHR Extension: (Tabuľky Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-06]
CHR Extension: (Marlies Dekkers) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2015-04-08]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2016-03-02]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-06-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (The Great Suspender) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-06-13]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-04-08]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2015-04-08]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-04-08]
CHR Extension: (Plants vs Zombies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-08]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-23]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-08]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR Extension: (FullRip.net YT Mp3 Downloader) - C:\Program Files (x86)\Google\Chrome\Application\addon [2016-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-06-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1524216 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [374352 2017-05-22] (Avira Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe [71512 2017-05-09] (Spoločnosť Google Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-03-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe [3727360 2010-09-17] (Firebird Project) [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 hasplms; C:\windows\system32\hasplms.exe [4683144 2014-07-17] (SafeNet Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-26] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-26] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
S3 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-09-26] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-09-26] (Lenovo)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-26] (Lenovo) <==== ATTENTION
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-07] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [167504 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [164824 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [38048 2017-06-14] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-12] (REALiX(tm))
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [228624 2017-02-14] (Intel Corporation)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3517200 2017-02-14] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2016-08-17] (Riverbed Technology, Inc.)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [237968 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39056 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [418784 2017-02-14] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [3127552 2017-02-14] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2017-03-12] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 TTDrv; D:\KOPLAYER\vbox\TTDrv.sys [261104 2015-12-22] (Oracle Corporation)
S3 usbrndis6; C:\windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-31] (Basil Projects)
R3 WinDriver6; C:\windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-21 17:13 - 2017-06-21 17:15 - 00037308 _____ C:\Users\Pedro\Desktop\FRST.txt
2017-06-21 17:02 - 2017-06-21 17:02 - 00000000 ____D C:\Users\Pedro\Desktop\FRST-OlderVersion
2017-06-21 17:00 - 2017-06-21 17:00 - 00029696 _____ C:\Users\Pedro\AppData\Local\MSGBOX.EXE
2017-06-21 17:00 - 2017-06-21 17:00 - 00015327 _____ C:\Users\Pedro\Desktop\LM.bat
2017-06-21 16:31 - 2017-06-21 17:02 - 02439680 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2017-06-17 08:44 - 2017-06-17 08:44 - 00000928 _____ C:\Users\Public\Desktop\iSpy (64 bit).lnk
2017-06-17 08:44 - 2017-06-17 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy
2017-06-17 08:38 - 2017-06-17 08:39 - 25498378 _____ C:\Users\Pedro\Downloads\iSpy64_6_8_0_0.zip
2017-06-16 18:10 - 2017-06-16 18:10 - 00030662 _____ C:\Users\Pedro\Downloads\[SkT]Windows_10_Home-Pro_RS2_v1703_build_15063_(x86-x64)(CZ).torrent
2017-06-16 17:51 - 2017-06-16 17:51 - 00014358 _____ C:\Users\Pedro\Downloads\[SkT]Windows_10_-_Pred_-_Aktivovane_(2015).torrent
2017-06-16 15:54 - 2017-06-16 16:14 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Foxit Scanner Images
2017-06-16 00:55 - 2017-06-16 00:55 - 00139032 _____ C:\Users\Pedro\Desktop\V000005.pdf
2017-06-14 18:48 - 2017-06-14 18:48 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avdevprot.sys
2017-06-14 17:34 - 2017-06-14 17:34 - 09598376 _____ (Piriform Ltd) C:\Users\Pedro\Downloads\ccsetup531.exe
2017-06-13 19:24 - 2017-06-13 19:32 - 00000000 ____D C:\Users\Public\Documents\AirDroid
2017-06-13 19:23 - 2017-06-14 17:58 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\AirDroid
2017-06-13 19:23 - 2017-06-13 19:24 - 00001968 _____ C:\Users\Public\Desktop\AirDroid.lnk
2017-06-13 19:23 - 2017-06-13 19:24 - 00000000 ____D C:\Users\Pedro\Documents\AirDroid
2017-06-13 19:23 - 2017-06-13 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2017-06-13 19:23 - 2017-06-13 19:23 - 00000000 ____D C:\ProgramData\AirDroid
2017-06-13 19:22 - 2017-06-14 17:23 - 00000000 ____D C:\Program Files (x86)\AirDroid
2017-06-13 19:15 - 2017-06-13 19:16 - 23089240 _____ C:\Users\Pedro\Downloads\AirDroid_Desktop_Client_3.4.2.0.exe
2017-05-31 17:03 - 2017-06-21 11:42 - 00004992 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenpedro-Pedro Lenpedro
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-21 17:13 - 2016-06-17 15:34 - 00000000 ____D C:\FRST
2017-06-21 17:11 - 2015-01-02 10:50 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\GmailNotifierPro
2017-06-21 17:09 - 2015-01-08 00:51 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\MPC-HC
2017-06-21 17:09 - 2015-01-02 18:53 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2017-06-21 17:09 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2017-06-21 15:55 - 2017-04-18 22:40 - 00000416 _____ C:\windows\Tasks\update-sys.job
2017-06-21 14:27 - 2016-12-02 09:44 - 00000000 ____D C:\ProgramData\firebird
2017-06-21 13:38 - 2017-04-18 21:46 - 00000406 _____ C:\windows\Tasks\update-S-1-5-21-2121847970-1608828601-3914908799-1001.job
2017-06-21 11:34 - 2015-01-24 15:13 - 00024804 _____ C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-06-21 09:36 - 2014-12-30 23:18 - 00000000 ____D C:\Users\Pedro\AppData\Local\Packages
2017-06-20 21:20 - 2015-01-02 18:57 - 00000000 ____D C:\=DOWNLOADS=
2017-06-18 21:56 - 2016-12-18 14:11 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\uTorrent
2017-06-18 00:00 - 2016-10-21 12:46 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\iSpy
2017-06-17 09:10 - 2014-12-30 23:24 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2121847970-1608828601-3914908799-1001
2017-06-17 08:45 - 2014-09-26 21:53 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-17 08:44 - 2016-10-21 12:32 - 00000000 ____D C:\Program Files\iSpy
2017-06-16 17:24 - 2015-03-22 15:18 - 00004288 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-06-16 17:23 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-06-16 17:23 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\Macromed
2017-06-16 16:53 - 2014-12-31 20:33 - 00000000 ____D C:\+SHARE+
2017-06-16 12:44 - 2014-12-31 16:04 - 00000000 ___RD C:\gd
2017-06-16 10:30 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2017-06-14 18:50 - 2014-12-31 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-14 18:48 - 2016-10-11 21:27 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2017-06-14 18:48 - 2014-12-31 01:26 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2017-06-14 18:48 - 2014-12-31 01:26 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2017-06-14 18:01 - 2014-03-18 11:53 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI
2017-06-14 17:58 - 2017-02-12 00:17 - 00002886 _____ C:\windows\System32\Tasks\Driver Booster SkipUAC (Pedro)
2017-06-14 17:52 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-06-14 17:51 - 2013-08-22 15:25 - 00524288 ___SH C:\windows\system32\config\BBI
2017-06-14 17:50 - 2014-09-26 22:37 - 00006656 _____ C:\windows\system32\VfService.trf
2017-06-14 17:35 - 2017-02-07 21:54 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-13 19:50 - 2016-10-20 17:48 - 00000000 ____D C:\Users\Pedro\.android
2017-06-12 22:58 - 2014-12-31 01:30 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\vlc
2017-06-06 08:34 - 2014-12-31 15:25 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-25 14:07 - 2017-01-09 22:46 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2017-05-25 13:58 - 2017-04-28 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-25 13:58 - 2015-01-02 10:50 - 00000000 ____D C:\Users\Pedro\AppData\Local\GmailNotifierPro
2017-05-25 13:54 - 2014-12-31 00:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-23 07:01 - 2017-03-03 20:35 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\aWARemote Server
==================== Files in the root of some directories =======
2015-01-21 17:05 - 2000-06-08 15:46 - 0003638 _____ () C:\Program Files (x86)\Common Files\Config.ico
2015-01-21 17:05 - 2008-07-25 12:17 - 0558080 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP80.dll
2015-01-21 17:05 - 2008-07-25 12:17 - 0635904 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR80.dll
2015-02-12 19:16 - 2015-04-21 13:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-03-08 18:46 - 2017-05-19 00:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-01-24 15:13 - 2017-06-21 11:34 - 0024804 _____ () C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-01-20 19:22 - 2017-01-20 19:22 - 0004608 _____ () C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-21 17:00 - 2017-06-21 17:00 - 0029696 _____ () C:\Users\Pedro\AppData\Local\MSGBOX.EXE
2015-01-02 13:47 - 2015-01-02 13:47 - 0000017 _____ () C:\Users\Pedro\AppData\Local\resmon.resmoncfg
2016-05-19 09:08 - 2016-05-19 09:08 - 0000003 _____ () C:\Users\Pedro\AppData\Local\updater.log
2016-05-19 09:08 - 2017-05-08 09:26 - 0000425 _____ () C:\Users\Pedro\AppData\Local\UserProducts.xml
2017-02-14 00:13 - 2017-02-14 00:13 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-01-13 21:52 - 2017-01-13 21:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-06-08 23:18 - 2017-01-20 00:04 - 0001813 _____ () C:\ProgramData\LmeUSB.log
2016-06-08 23:18 - 2017-01-20 00:04 - 0001780 _____ () C:\ProgramData\LmeZJSW.log
2016-06-08 23:18 - 2017-01-20 00:04 - 0001813 _____ () C:\ProgramData\LSDmbTH.log
2016-05-26 13:46 - 2016-05-26 13:46 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-20 16:09
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Spomalenie systému (FRST log)
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie systému (FRST log)
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie systému (FRST log)
# AdwCleaner v6.047 - *Logfile created 21/06/2017 *at 23:04:44
# *Updated on 19/05/2017 by Malwarebytes
# *Database : 2017-06-21.3 [*Server]
# *Operating System : Windows 8.1 (X64)
# *Username : Pedro - LENPEDRO
# *Running from : C:\Users\Pedro\Desktop\adwcleaner_6.047.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support
***** [ *Services ] *****
***** [ *Folders ] *****
***** [ *Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ *Shortcuts ] *****
***** [ *Scheduled Tasks ] *****
[-] *Task deleted: Driver Booster Scheduler
***** [ *Registry ] *****
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VisualDiscovery
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP
***** [ *Browsers ] *****
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: slunecnice.cz
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: dchublist.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: folder_colorizer.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: kmplayer.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: winamp.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: smplayer.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: zoom-player.en.softonic.com
*************************
:: *"Tracing" keys deleted
:: Winsock2 - *Deleted C:\Program Files (x86)\Bonjour\mdnsNSP.dll
:: *Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4956 *Bytes] - [10/09/2016 21:48:47]
C:\AdwCleaner\AdwCleaner[C2].txt - [2356 *Bytes] - [11/01/2017 22:10:24]
C:\AdwCleaner\AdwCleaner[C3].txt - [2088 *Bytes] - [21/06/2017 23:04:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [4874 *Bytes] - [10/09/2016 21:38:01]
C:\AdwCleaner\AdwCleaner[S1].txt - [2395 *Bytes] - [11/01/2017 22:02:06]
C:\AdwCleaner\AdwCleaner[S2].txt - [2613 *Bytes] - [21/06/2017 23:03:20]
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2384 *Bytes] ##########
===========================================
// Ten AdwCleaner môžem používať aj inokedy, sám, bez takýchto znalostí?
# *Updated on 19/05/2017 by Malwarebytes
# *Database : 2017-06-21.3 [*Server]
# *Operating System : Windows 8.1 (X64)
# *Username : Pedro - LENPEDRO
# *Running from : C:\Users\Pedro\Desktop\adwcleaner_6.047.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support
***** [ *Services ] *****
***** [ *Folders ] *****
***** [ *Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ *Shortcuts ] *****
***** [ *Scheduled Tasks ] *****
[-] *Task deleted: Driver Booster Scheduler
***** [ *Registry ] *****
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VisualDiscovery
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP
***** [ *Browsers ] *****
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: slunecnice.cz
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: dchublist.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: folder_colorizer.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: kmplayer.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: winamp.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: smplayer.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: zoom-player.en.softonic.com
*************************
:: *"Tracing" keys deleted
:: Winsock2 - *Deleted C:\Program Files (x86)\Bonjour\mdnsNSP.dll
:: *Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4956 *Bytes] - [10/09/2016 21:48:47]
C:\AdwCleaner\AdwCleaner[C2].txt - [2356 *Bytes] - [11/01/2017 22:10:24]
C:\AdwCleaner\AdwCleaner[C3].txt - [2088 *Bytes] - [21/06/2017 23:04:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [4874 *Bytes] - [10/09/2016 21:38:01]
C:\AdwCleaner\AdwCleaner[S1].txt - [2395 *Bytes] - [11/01/2017 22:02:06]
C:\AdwCleaner\AdwCleaner[S2].txt - [2613 *Bytes] - [21/06/2017 23:03:20]
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2384 *Bytes] ##########
===========================================
// Ten AdwCleaner môžem používať aj inokedy, sám, bez takýchto znalostí?
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie systému (FRST log)
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie systému (FRST log)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01
Ran by Pedro (administrator) on LENPEDRO (22-06-2017 17:14:21)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(IntelliBreeze Software AB) C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Users\Pedro\AppData\Local\Apps\2.0\GLB6A68H.18G\OMOPLGW2.8BM\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\LSB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(forum.viry.cz) C:\Users\Pedro\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-09-26] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-26] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [5158144 2017-02-14] (Realtek semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [918008 2017-06-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [329632 2009-01-21] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ChangeFilterMerit] => C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe [51280 2007-06-08] (NewSoft)
HKLM-x32\...\Run: [Presto! PVR Monitor] => C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe [157520 2010-03-24] (NewSoft)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GmailNotifierPro] => C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2882400 2017-05-18] (IntelliBreeze Software AB)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [ATnotes.exe] => C:\Program Files (x86)\ATnotes\ATnotes.exe [1015808 2005-01-05] (Thomas Ascher)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epson Stylus SX110] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2016-11-02] (Epic Privacy Browser)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [BlazeServoTool] => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [286720 2017-01-20] (BlazeVideo Company)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [aWARemote 3.0] => C:\Program Files (x86)\aWARemote Server\aWARemote Server.exe [1733120 2014-11-03] (GeB Development)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [HP Photosmart 5510d series (NET)] => C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [EPSON SX110 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [8701744 2017-05-15] (Sand Studio)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: E - "E:\Setup.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2016-05-24] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2017-03-08]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2017-06-14]
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk [2017-06-21]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C6E367B2-F55B-4323-999C-A41A39572233}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> is enabled.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FireFox:
========
FF DefaultProfile: esgz87fp.default
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default [2017-06-21]
FF Homepage: Mozilla\Firefox\Profiles\esgz87fp.default -> google.sk
FF Session Restore: Mozilla\Firefox\Profiles\esgz87fp.default -> is enabled.
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\artur.dubovoy@gmail.com [2017-04-28]
FF Extension: (MEGA) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\firefox@mega.co.nz.xpi [2017-05-25]
FF Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2017-01-09]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-04-30]
FF Extension: (Slovníky slovenského pravopisu) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\sk@dictionaries.addons.mozilla.org [2017-01-16]
FF Extension: (Adblock Plus) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-07]
FF Extension: (Simple YouTube MP3 Button) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi [2017-05-25]
FF Extension: (JavaScript Debugger) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-05-02]
FF Extension: (Disable Prefetch) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\features\{10694810-da9a-46da-93a1-fc0f2fd74b2d}\disable-prefetch@mozilla.org.xpi [2017-04-15]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-07-16] ()
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2009-12-21] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.sk/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2017-06-22]
CHR Extension: (QR kód) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2015-04-08]
CHR Extension: (Prezentácie Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-06]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-05-13]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-08]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-04-08]
CHR Extension: (Angry Birds) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-08]
CHR Extension: (Magio GO) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Disk Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Browser To Phone) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmhcfmipjjciolmfonkjnhpbnfniahh [2015-04-08]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (uBlock) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2016-10-22]
CHR Extension: (Tabuľky Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-06]
CHR Extension: (Marlies Dekkers) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2015-04-08]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2016-03-02]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-06-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (The Great Suspender) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-06-13]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-04-08]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2015-04-08]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-04-08]
CHR Extension: (Plants vs Zombies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-08]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-23]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-08]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR Extension: (FullRip.net YT Mp3 Downloader) - C:\Program Files (x86)\Google\Chrome\Application\addon [2016-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-06-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1524216 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [356256 2017-06-08] (Avira Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe [71512 2017-05-09] (Spoločnosť Google Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-03-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe [3727360 2010-09-17] (Firebird Project) [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 hasplms; C:\windows\system32\hasplms.exe [4683144 2014-07-17] (SafeNet Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-26] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-26] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
S3 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-09-26] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-09-26] (Lenovo)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-26] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-07] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [167504 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [164824 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [38048 2017-06-14] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-12] (REALiX(tm))
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [228624 2017-02-14] (Intel Corporation)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3517200 2017-02-14] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2016-08-17] (Riverbed Technology, Inc.)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [237968 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39056 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [418784 2017-02-14] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [3127552 2017-02-14] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2017-03-12] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 TTDrv; D:\KOPLAYER\vbox\TTDrv.sys [261104 2015-12-22] (Oracle Corporation)
S3 usbrndis6; C:\windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-31] (Basil Projects)
R3 WinDriver6; C:\windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-22 17:14 - 2017-06-22 17:15 - 00037161 _____ C:\Users\Pedro\Desktop\FRST.txt
2017-06-22 17:14 - 2017-06-22 17:14 - 00000000 ____D C:\Users\Pedro\Desktop\FRST-OlderVersion
2017-06-22 17:13 - 2017-06-22 17:13 - 00015327 _____ C:\Users\Pedro\Desktop\LM.bat
2017-06-22 17:12 - 2017-06-22 17:12 - 00112640 _____ (forum.viry.cz) C:\Users\Pedro\Desktop\Nepotvrdené 484854.crdownload
2017-06-21 22:56 - 2017-06-21 22:56 - 04110280 _____ C:\Users\Pedro\Desktop\adwcleaner_6.047.exe
2017-06-21 17:00 - 2017-06-22 17:13 - 00029696 _____ C:\Users\Pedro\AppData\Local\MSGBOX.EXE
2017-06-21 16:31 - 2017-06-22 17:14 - 02439680 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2017-06-17 08:44 - 2017-06-17 08:44 - 00000928 _____ C:\Users\Public\Desktop\iSpy (64 bit).lnk
2017-06-17 08:44 - 2017-06-17 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy
2017-06-17 08:38 - 2017-06-17 08:39 - 25498378 _____ C:\Users\Pedro\Downloads\iSpy64_6_8_0_0.zip
2017-06-16 18:10 - 2017-06-16 18:10 - 00030662 _____ C:\Users\Pedro\Downloads\[SkT]Windows_10_Home-Pro_RS2_v1703_build_15063_(x86-x64)(CZ).torrent
2017-06-16 17:51 - 2017-06-16 17:51 - 00014358 _____ C:\Users\Pedro\Downloads\[SkT]Windows_10_-_Pred_-_Aktivovane_(2015).torrent
2017-06-16 15:54 - 2017-06-16 16:14 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Foxit Scanner Images
2017-06-16 00:55 - 2017-06-16 00:55 - 00139032 _____ C:\Users\Pedro\Desktop\V000005.pdf
2017-06-14 18:48 - 2017-06-14 18:48 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avdevprot.sys
2017-06-14 17:34 - 2017-06-14 17:34 - 09598376 _____ (Piriform Ltd) C:\Users\Pedro\Downloads\ccsetup531.exe
2017-06-13 19:24 - 2017-06-13 19:32 - 00000000 ____D C:\Users\Public\Documents\AirDroid
2017-06-13 19:23 - 2017-06-22 14:17 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\AirDroid
2017-06-13 19:23 - 2017-06-13 19:24 - 00001968 _____ C:\Users\Public\Desktop\AirDroid.lnk
2017-06-13 19:23 - 2017-06-13 19:24 - 00000000 ____D C:\Users\Pedro\Documents\AirDroid
2017-06-13 19:23 - 2017-06-13 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2017-06-13 19:23 - 2017-06-13 19:23 - 00000000 ____D C:\ProgramData\AirDroid
2017-06-13 19:22 - 2017-06-14 17:23 - 00000000 ____D C:\Program Files (x86)\AirDroid
2017-06-13 19:15 - 2017-06-13 19:16 - 23089240 _____ C:\Users\Pedro\Downloads\AirDroid_Desktop_Client_3.4.2.0.exe
2017-05-31 17:03 - 2017-06-21 11:42 - 00004992 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenpedro-Pedro Lenpedro
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-22 17:16 - 2014-12-30 23:24 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2121847970-1608828601-3914908799-1001
2017-06-22 17:14 - 2016-06-17 15:34 - 00000000 ____D C:\FRST
2017-06-22 16:57 - 2015-01-02 10:50 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\GmailNotifierPro
2017-06-22 15:55 - 2017-04-18 22:40 - 00000416 _____ C:\windows\Tasks\update-sys.job
2017-06-22 13:38 - 2017-04-18 21:46 - 00000406 _____ C:\windows\Tasks\update-S-1-5-21-2121847970-1608828601-3914908799-1001.job
2017-06-22 10:29 - 2014-12-31 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-22 10:29 - 2014-09-26 21:53 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-21 23:16 - 2015-01-24 15:13 - 00024804 _____ C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-06-21 23:13 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2017-06-21 23:12 - 2014-12-31 16:04 - 00000000 ___RD C:\gd
2017-06-21 23:08 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-06-21 23:07 - 2013-08-22 15:25 - 00524288 ___SH C:\windows\system32\config\BBI
2017-06-21 23:04 - 2016-09-10 21:35 - 00000000 ____D C:\AdwCleaner
2017-06-21 23:04 - 2014-09-26 22:37 - 00006656 _____ C:\windows\system32\VfService.trf
2017-06-21 17:09 - 2015-01-08 00:51 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\MPC-HC
2017-06-21 17:09 - 2015-01-02 18:53 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2017-06-21 14:27 - 2016-12-02 09:44 - 00000000 ____D C:\ProgramData\firebird
2017-06-21 09:36 - 2014-12-30 23:18 - 00000000 ____D C:\Users\Pedro\AppData\Local\Packages
2017-06-20 21:20 - 2015-01-02 18:57 - 00000000 ____D C:\=DOWNLOADS=
2017-06-18 21:56 - 2016-12-18 14:11 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\uTorrent
2017-06-18 00:00 - 2016-10-21 12:46 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\iSpy
2017-06-17 08:44 - 2016-10-21 12:32 - 00000000 ____D C:\Program Files\iSpy
2017-06-16 17:24 - 2015-03-22 15:18 - 00004288 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-06-16 17:23 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-06-16 17:23 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\Macromed
2017-06-16 16:53 - 2014-12-31 20:33 - 00000000 ____D C:\+SHARE+
2017-06-16 10:30 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2017-06-14 18:48 - 2016-10-11 21:27 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2017-06-14 18:48 - 2014-12-31 01:26 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2017-06-14 18:48 - 2014-12-31 01:26 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2017-06-14 18:01 - 2014-03-18 11:53 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI
2017-06-14 17:58 - 2017-02-12 00:17 - 00002886 _____ C:\windows\System32\Tasks\Driver Booster SkipUAC (Pedro)
2017-06-14 17:35 - 2017-02-07 21:54 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-13 19:50 - 2016-10-20 17:48 - 00000000 ____D C:\Users\Pedro\.android
2017-06-12 22:58 - 2014-12-31 01:30 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\vlc
2017-06-06 08:34 - 2014-12-31 15:25 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-25 14:07 - 2017-01-09 22:46 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2017-05-25 13:58 - 2017-04-28 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-25 13:58 - 2015-01-02 10:50 - 00000000 ____D C:\Users\Pedro\AppData\Local\GmailNotifierPro
2017-05-25 13:54 - 2014-12-31 00:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-23 07:01 - 2017-03-03 20:35 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\aWARemote Server
==================== Files in the root of some directories =======
2015-01-21 17:05 - 2000-06-08 15:46 - 0003638 _____ () C:\Program Files (x86)\Common Files\Config.ico
2015-01-21 17:05 - 2008-07-25 12:17 - 0558080 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP80.dll
2015-01-21 17:05 - 2008-07-25 12:17 - 0635904 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR80.dll
2015-02-12 19:16 - 2015-04-21 13:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-03-08 18:46 - 2017-05-19 00:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-01-24 15:13 - 2017-06-21 23:16 - 0024804 _____ () C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-01-20 19:22 - 2017-01-20 19:22 - 0004608 _____ () C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-21 17:00 - 2017-06-22 17:13 - 0029696 _____ () C:\Users\Pedro\AppData\Local\MSGBOX.EXE
2015-01-02 13:47 - 2015-01-02 13:47 - 0000017 _____ () C:\Users\Pedro\AppData\Local\resmon.resmoncfg
2016-05-19 09:08 - 2016-05-19 09:08 - 0000003 _____ () C:\Users\Pedro\AppData\Local\updater.log
2016-05-19 09:08 - 2017-05-08 09:26 - 0000425 _____ () C:\Users\Pedro\AppData\Local\UserProducts.xml
2017-02-14 00:13 - 2017-02-14 00:13 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-01-13 21:52 - 2017-01-13 21:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-06-08 23:18 - 2017-01-20 00:04 - 0001813 _____ () C:\ProgramData\LmeUSB.log
2016-06-08 23:18 - 2017-01-20 00:04 - 0001780 _____ () C:\ProgramData\LmeZJSW.log
2016-06-08 23:18 - 2017-01-20 00:04 - 0001813 _____ () C:\ProgramData\LSDmbTH.log
2016-05-26 13:46 - 2016-05-26 13:46 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-20 16:09
==================== End of FRST.txt ============================
Ran by Pedro (administrator) on LENPEDRO (22-06-2017 17:14:21)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(IntelliBreeze Software AB) C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Users\Pedro\AppData\Local\Apps\2.0\GLB6A68H.18G\OMOPLGW2.8BM\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\LSB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(forum.viry.cz) C:\Users\Pedro\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-09-26] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-26] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [5158144 2017-02-14] (Realtek semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [918008 2017-06-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [329632 2009-01-21] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ChangeFilterMerit] => C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe [51280 2007-06-08] (NewSoft)
HKLM-x32\...\Run: [Presto! PVR Monitor] => C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe [157520 2010-03-24] (NewSoft)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GmailNotifierPro] => C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2882400 2017-05-18] (IntelliBreeze Software AB)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [ATnotes.exe] => C:\Program Files (x86)\ATnotes\ATnotes.exe [1015808 2005-01-05] (Thomas Ascher)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epson Stylus SX110] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2016-11-02] (Epic Privacy Browser)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [BlazeServoTool] => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [286720 2017-01-20] (BlazeVideo Company)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [aWARemote 3.0] => C:\Program Files (x86)\aWARemote Server\aWARemote Server.exe [1733120 2014-11-03] (GeB Development)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [HP Photosmart 5510d series (NET)] => C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [EPSON SX110 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [8701744 2017-05-15] (Sand Studio)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: E - "E:\Setup.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2016-05-24] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2017-03-08]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2017-06-14]
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk [2017-06-21]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C6E367B2-F55B-4323-999C-A41A39572233}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> is enabled.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FireFox:
========
FF DefaultProfile: esgz87fp.default
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default [2017-06-21]
FF Homepage: Mozilla\Firefox\Profiles\esgz87fp.default -> google.sk
FF Session Restore: Mozilla\Firefox\Profiles\esgz87fp.default -> is enabled.
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\artur.dubovoy@gmail.com [2017-04-28]
FF Extension: (MEGA) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\firefox@mega.co.nz.xpi [2017-05-25]
FF Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2017-01-09]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-04-30]
FF Extension: (Slovníky slovenského pravopisu) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\sk@dictionaries.addons.mozilla.org [2017-01-16]
FF Extension: (Adblock Plus) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-07]
FF Extension: (Simple YouTube MP3 Button) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi [2017-05-25]
FF Extension: (JavaScript Debugger) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-05-02]
FF Extension: (Disable Prefetch) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\features\{10694810-da9a-46da-93a1-fc0f2fd74b2d}\disable-prefetch@mozilla.org.xpi [2017-04-15]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-07-16] ()
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2009-12-21] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.sk/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2017-06-22]
CHR Extension: (QR kód) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2015-04-08]
CHR Extension: (Prezentácie Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-06]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-05-13]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-08]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-04-08]
CHR Extension: (Angry Birds) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-08]
CHR Extension: (Magio GO) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Disk Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Browser To Phone) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmhcfmipjjciolmfonkjnhpbnfniahh [2015-04-08]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (uBlock) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2016-10-22]
CHR Extension: (Tabuľky Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-06]
CHR Extension: (Marlies Dekkers) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2015-04-08]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2016-03-02]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-06-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (The Great Suspender) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-06-13]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-04-08]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2015-04-08]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-04-08]
CHR Extension: (Plants vs Zombies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-08]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-23]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-08]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR Extension: (FullRip.net YT Mp3 Downloader) - C:\Program Files (x86)\Google\Chrome\Application\addon [2016-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-06-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1524216 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [356256 2017-06-08] (Avira Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe [71512 2017-05-09] (Spoločnosť Google Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-03-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe [3727360 2010-09-17] (Firebird Project) [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 hasplms; C:\windows\system32\hasplms.exe [4683144 2014-07-17] (SafeNet Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-26] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-26] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
S3 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-09-26] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-09-26] (Lenovo)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-26] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-07] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [167504 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [164824 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [38048 2017-06-14] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-12] (REALiX(tm))
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [228624 2017-02-14] (Intel Corporation)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3517200 2017-02-14] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2016-08-17] (Riverbed Technology, Inc.)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [237968 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39056 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [418784 2017-02-14] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [3127552 2017-02-14] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2017-03-12] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 TTDrv; D:\KOPLAYER\vbox\TTDrv.sys [261104 2015-12-22] (Oracle Corporation)
S3 usbrndis6; C:\windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-31] (Basil Projects)
R3 WinDriver6; C:\windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-22 17:14 - 2017-06-22 17:15 - 00037161 _____ C:\Users\Pedro\Desktop\FRST.txt
2017-06-22 17:14 - 2017-06-22 17:14 - 00000000 ____D C:\Users\Pedro\Desktop\FRST-OlderVersion
2017-06-22 17:13 - 2017-06-22 17:13 - 00015327 _____ C:\Users\Pedro\Desktop\LM.bat
2017-06-22 17:12 - 2017-06-22 17:12 - 00112640 _____ (forum.viry.cz) C:\Users\Pedro\Desktop\Nepotvrdené 484854.crdownload
2017-06-21 22:56 - 2017-06-21 22:56 - 04110280 _____ C:\Users\Pedro\Desktop\adwcleaner_6.047.exe
2017-06-21 17:00 - 2017-06-22 17:13 - 00029696 _____ C:\Users\Pedro\AppData\Local\MSGBOX.EXE
2017-06-21 16:31 - 2017-06-22 17:14 - 02439680 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2017-06-17 08:44 - 2017-06-17 08:44 - 00000928 _____ C:\Users\Public\Desktop\iSpy (64 bit).lnk
2017-06-17 08:44 - 2017-06-17 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy
2017-06-17 08:38 - 2017-06-17 08:39 - 25498378 _____ C:\Users\Pedro\Downloads\iSpy64_6_8_0_0.zip
2017-06-16 18:10 - 2017-06-16 18:10 - 00030662 _____ C:\Users\Pedro\Downloads\[SkT]Windows_10_Home-Pro_RS2_v1703_build_15063_(x86-x64)(CZ).torrent
2017-06-16 17:51 - 2017-06-16 17:51 - 00014358 _____ C:\Users\Pedro\Downloads\[SkT]Windows_10_-_Pred_-_Aktivovane_(2015).torrent
2017-06-16 15:54 - 2017-06-16 16:14 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Foxit Scanner Images
2017-06-16 00:55 - 2017-06-16 00:55 - 00139032 _____ C:\Users\Pedro\Desktop\V000005.pdf
2017-06-14 18:48 - 2017-06-14 18:48 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avdevprot.sys
2017-06-14 17:34 - 2017-06-14 17:34 - 09598376 _____ (Piriform Ltd) C:\Users\Pedro\Downloads\ccsetup531.exe
2017-06-13 19:24 - 2017-06-13 19:32 - 00000000 ____D C:\Users\Public\Documents\AirDroid
2017-06-13 19:23 - 2017-06-22 14:17 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\AirDroid
2017-06-13 19:23 - 2017-06-13 19:24 - 00001968 _____ C:\Users\Public\Desktop\AirDroid.lnk
2017-06-13 19:23 - 2017-06-13 19:24 - 00000000 ____D C:\Users\Pedro\Documents\AirDroid
2017-06-13 19:23 - 2017-06-13 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2017-06-13 19:23 - 2017-06-13 19:23 - 00000000 ____D C:\ProgramData\AirDroid
2017-06-13 19:22 - 2017-06-14 17:23 - 00000000 ____D C:\Program Files (x86)\AirDroid
2017-06-13 19:15 - 2017-06-13 19:16 - 23089240 _____ C:\Users\Pedro\Downloads\AirDroid_Desktop_Client_3.4.2.0.exe
2017-05-31 17:03 - 2017-06-21 11:42 - 00004992 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenpedro-Pedro Lenpedro
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-22 17:16 - 2014-12-30 23:24 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2121847970-1608828601-3914908799-1001
2017-06-22 17:14 - 2016-06-17 15:34 - 00000000 ____D C:\FRST
2017-06-22 16:57 - 2015-01-02 10:50 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\GmailNotifierPro
2017-06-22 15:55 - 2017-04-18 22:40 - 00000416 _____ C:\windows\Tasks\update-sys.job
2017-06-22 13:38 - 2017-04-18 21:46 - 00000406 _____ C:\windows\Tasks\update-S-1-5-21-2121847970-1608828601-3914908799-1001.job
2017-06-22 10:29 - 2014-12-31 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-22 10:29 - 2014-09-26 21:53 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-21 23:16 - 2015-01-24 15:13 - 00024804 _____ C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-06-21 23:13 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2017-06-21 23:12 - 2014-12-31 16:04 - 00000000 ___RD C:\gd
2017-06-21 23:08 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-06-21 23:07 - 2013-08-22 15:25 - 00524288 ___SH C:\windows\system32\config\BBI
2017-06-21 23:04 - 2016-09-10 21:35 - 00000000 ____D C:\AdwCleaner
2017-06-21 23:04 - 2014-09-26 22:37 - 00006656 _____ C:\windows\system32\VfService.trf
2017-06-21 17:09 - 2015-01-08 00:51 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\MPC-HC
2017-06-21 17:09 - 2015-01-02 18:53 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2017-06-21 14:27 - 2016-12-02 09:44 - 00000000 ____D C:\ProgramData\firebird
2017-06-21 09:36 - 2014-12-30 23:18 - 00000000 ____D C:\Users\Pedro\AppData\Local\Packages
2017-06-20 21:20 - 2015-01-02 18:57 - 00000000 ____D C:\=DOWNLOADS=
2017-06-18 21:56 - 2016-12-18 14:11 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\uTorrent
2017-06-18 00:00 - 2016-10-21 12:46 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\iSpy
2017-06-17 08:44 - 2016-10-21 12:32 - 00000000 ____D C:\Program Files\iSpy
2017-06-16 17:24 - 2015-03-22 15:18 - 00004288 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-06-16 17:23 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-06-16 17:23 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\Macromed
2017-06-16 16:53 - 2014-12-31 20:33 - 00000000 ____D C:\+SHARE+
2017-06-16 10:30 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2017-06-14 18:48 - 2016-10-11 21:27 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2017-06-14 18:48 - 2014-12-31 01:26 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2017-06-14 18:48 - 2014-12-31 01:26 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2017-06-14 18:01 - 2014-03-18 11:53 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI
2017-06-14 17:58 - 2017-02-12 00:17 - 00002886 _____ C:\windows\System32\Tasks\Driver Booster SkipUAC (Pedro)
2017-06-14 17:35 - 2017-02-07 21:54 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-13 19:50 - 2016-10-20 17:48 - 00000000 ____D C:\Users\Pedro\.android
2017-06-12 22:58 - 2014-12-31 01:30 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\vlc
2017-06-06 08:34 - 2014-12-31 15:25 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-25 14:07 - 2017-01-09 22:46 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2017-05-25 13:58 - 2017-04-28 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-25 13:58 - 2015-01-02 10:50 - 00000000 ____D C:\Users\Pedro\AppData\Local\GmailNotifierPro
2017-05-25 13:54 - 2014-12-31 00:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-23 07:01 - 2017-03-03 20:35 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\aWARemote Server
==================== Files in the root of some directories =======
2015-01-21 17:05 - 2000-06-08 15:46 - 0003638 _____ () C:\Program Files (x86)\Common Files\Config.ico
2015-01-21 17:05 - 2008-07-25 12:17 - 0558080 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP80.dll
2015-01-21 17:05 - 2008-07-25 12:17 - 0635904 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR80.dll
2015-02-12 19:16 - 2015-04-21 13:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-03-08 18:46 - 2017-05-19 00:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-01-24 15:13 - 2017-06-21 23:16 - 0024804 _____ () C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-01-20 19:22 - 2017-01-20 19:22 - 0004608 _____ () C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-21 17:00 - 2017-06-22 17:13 - 0029696 _____ () C:\Users\Pedro\AppData\Local\MSGBOX.EXE
2015-01-02 13:47 - 2015-01-02 13:47 - 0000017 _____ () C:\Users\Pedro\AppData\Local\resmon.resmoncfg
2016-05-19 09:08 - 2016-05-19 09:08 - 0000003 _____ () C:\Users\Pedro\AppData\Local\updater.log
2016-05-19 09:08 - 2017-05-08 09:26 - 0000425 _____ () C:\Users\Pedro\AppData\Local\UserProducts.xml
2017-02-14 00:13 - 2017-02-14 00:13 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-01-13 21:52 - 2017-01-13 21:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-06-08 23:18 - 2017-01-20 00:04 - 0001813 _____ () C:\ProgramData\LmeUSB.log
2016-06-08 23:18 - 2017-01-20 00:04 - 0001780 _____ () C:\ProgramData\LmeZJSW.log
2016-06-08 23:18 - 2017-01-20 00:04 - 0001813 _____ () C:\ProgramData\LSDmbTH.log
2016-05-26 13:46 - 2016-05-26 13:46 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-20 16:09
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie systému (FRST log)
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: E - "E:\Setup.exe"
GroupPolicy: Restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie systému (FRST log)
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
Ran by Pedro (22-06-2017 18:36:31) Run:2
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: E - "E:\Setup.exe"
GroupPolicy: Restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => key removed successfully
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC5134AD-236A-4D0A-996F-7C41A1CC9C50} => key removed successfully
HKLM\Software\Classes\CLSID\{EC5134AD-236A-4D0A-996F-7C41A1CC9C50} => key not found.
HKLM\Software\Classes\PROTOCOLS\Handler\skypec2c => key removed successfully
HKLM\Software\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => key removed successfully
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36570786 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 4755872 B
Edge => 0 B
Chrome => 22768385 B
Firefox => 10128017 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 917672 B
LocalService => 55082 B
NetworkService => 0 B
Pedro => 44410053 B
RecycleBin => 2601999 B
EmptyTemp: => 124.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:37:16 ====
Ran by Pedro (22-06-2017 18:36:31) Run:2
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: E - "E:\Setup.exe"
GroupPolicy: Restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => key removed successfully
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC5134AD-236A-4D0A-996F-7C41A1CC9C50} => key removed successfully
HKLM\Software\Classes\CLSID\{EC5134AD-236A-4D0A-996F-7C41A1CC9C50} => key not found.
HKLM\Software\Classes\PROTOCOLS\Handler\skypec2c => key removed successfully
HKLM\Software\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => key removed successfully
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36570786 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 4755872 B
Edge => 0 B
Chrome => 22768385 B
Firefox => 10128017 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 917672 B
LocalService => 55082 B
NetworkService => 0 B
Pedro => 44410053 B
RecycleBin => 2601999 B
EmptyTemp: => 124.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:37:16 ====
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie systému (FRST log)
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie systému (FRST log)
Vyzerá, že to je ovela lepšie Už môžem zmazať tú kopu .txt-čiek, čo vytvoril FRST na ploche?
Už môžem zmazať tú kopu .txt-čiek, čo vytvoril FRST na ploche?-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie systému (FRST log)
OK, to jsem rád. Smazat můžete a můžete i odinstalovat ADW. Spusťte, rozklikněte levé roletové menu a klikněte na Odinstalovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie systému (FRST log)
Ďakujem veľmi pekne za pomoc, ste super všetci, znova podporím v blízkej dobe 
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie systému (FRST log)
Nemáte zač a za podporu děkujeme!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie systému (FRST log)
Zasa sa mi sem niečo dostalo.
ADWC som vyčistil, potom ale FRST blbol cez Launcher, tak som dal samotný FRST.
# AdwCleaner 7.0.0.0 - Logfile created on Wed Jul 19 06:44:42 2017
# Updated on 2017/17/07 by Malwarebytes
# Database: 07-19-2017.3
# Running on Windows 8.1 (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
PUP.Adware.Heuristic, AdAppMgrSvc
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
SearchProvider found: Softonic EN - folder_colorizer.en.softonic.com
SearchProvider found: Softonic EN - kmplayer.en.softonic.com
SearchProvider found: Softonic EN - winamp.en.softonic.com
SearchProvider found: Softonic EN - smplayer.en.softonic.com
SearchProvider found: Softonic EN - zoom-player.en.softonic.com
SearchProvider found: slunecnice.cz - slunecnice.cz
/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [4956 B] - [2016/9/10 19:48:47]
C:/AdwCleaner/AdwCleaner[C2].txt - [2356 B] - [2017/1/11 20:10:24]
C:/AdwCleaner/AdwCleaner[C3].txt - [2464 B] - [2017/6/21 21:4:44]
C:/AdwCleaner/AdwCleaner[S0].txt - [4874 B] - [2016/9/10 19:38:1]
C:/AdwCleaner/AdwCleaner[S1].txt - [2395 B] - [2017/1/11 20:2:6]
C:/AdwCleaner/AdwCleaner[S2].txt - [2613 B] - [2017/6/21 21:3:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
Ran by Pedro (administrator) on LENPEDRO (19-07-2017 16:45:17)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\60.0.3112.25\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\60.0.3112.25\remoting_host.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(IntelliBreeze Software AB) C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(GeB Development) C:\Program Files (x86)\aWARemote Server\aWARemote Server.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Users\Pedro\AppData\Local\Apps\2.0\GLB6A68H.18G\OMOPLGW2.8BM\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\LSB.exe
() C:\Program Files\Notepad2\Notepad2.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-09-26] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-26] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [5158144 2017-02-14] (Realtek semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [918008 2017-07-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [329632 2009-01-21] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ChangeFilterMerit] => C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe [51280 2007-06-08] (NewSoft)
HKLM-x32\...\Run: [Presto! PVR Monitor] => C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe [157520 2010-03-24] (NewSoft)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GmailNotifierPro] => C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2882400 2017-05-18] (IntelliBreeze Software AB)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [ATnotes.exe] => C:\Program Files (x86)\ATnotes\ATnotes.exe [1015808 2005-01-05] (Thomas Ascher)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epson Stylus SX110] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2016-11-02] (Epic Privacy Browser)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [BlazeServoTool] => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [286720 2017-01-20] (BlazeVideo Company)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [aWARemote 3.0] => C:\Program Files (x86)\aWARemote Server\aWARemote Server.exe [1733120 2014-11-03] (GeB Development)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [HP Photosmart 5510d series (NET)] => C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [EPSON SX110 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2017-03-08]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2017-06-14]
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk [2017-07-19]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C6E367B2-F55B-4323-999C-A41A39572233}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> is enabled.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: esgz87fp.default
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default [2017-07-19]
FF Homepage: Mozilla\Firefox\Profiles\esgz87fp.default -> google.sk
FF Session Restore: Mozilla\Firefox\Profiles\esgz87fp.default -> is enabled.
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\artur.dubovoy@gmail.com [2017-04-28]
FF Extension: (MEGA) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\firefox@mega.co.nz.xpi [2017-07-13]
FF Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2017-01-09]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-07-02]
FF Extension: (Slovníky slovenského pravopisu) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\sk@dictionaries.addons.mozilla.org [2017-01-16]
FF Extension: (Adblock Plus) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-01]
FF Extension: (Simple YouTube MP3 Button) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi [2017-05-25]
FF Extension: (JavaScript Debugger) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-05-02]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-07-16] ()
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2009-12-21] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.sk/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2017-07-19]
CHR Extension: (QR kód) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2015-04-08]
CHR Extension: (Prezentácie Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-06]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-05-13]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-08]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-04-08]
CHR Extension: (Angry Birds) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-08]
CHR Extension: (Magio GO) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Disk Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Browser To Phone) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmhcfmipjjciolmfonkjnhpbnfniahh [2015-04-08]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (uBlock) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2016-10-22]
CHR Extension: (Tabuľky Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-06]
CHR Extension: (Marlies Dekkers) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2015-04-08]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2016-03-02]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-06-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (The Great Suspender) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-06-13]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-04-08]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2015-04-08]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-04-08]
CHR Extension: (Plants vs Zombies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-08]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-06-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-23]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-08]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-16]
CHR Extension: (FullRip.net YT Mp3 Downloader) - C:\Program Files (x86)\Google\Chrome\Application\addon [2016-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-07-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-07-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-07-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1524216 2017-07-13] (Avira Operations GmbH & Co. KG)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\60.0.3112.25\remoting_host.exe [71512 2017-06-08] (Spoločnosť Google Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-03-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 hasplms; C:\windows\system32\hasplms.exe [4683144 2014-07-17] (SafeNet Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-26] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-26] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
S3 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-09-26] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-09-26] (Lenovo)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-26] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-07] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [167504 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [164824 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [38048 2017-06-14] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-12] (REALiX(tm))
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [228624 2017-02-14] (Intel Corporation)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3517200 2017-02-14] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2016-08-17] (Riverbed Technology, Inc.)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [237968 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39056 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [418784 2017-02-14] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [3127552 2017-02-14] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2017-03-12] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 TTDrv; D:\KOPLAYER\vbox\TTDrv.sys [261104 2015-12-22] (Oracle Corporation)
S3 usbrndis6; C:\windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-31] (Basil Projects)
R3 WinDriver6; C:\windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-07-19 16:44 - 2017-07-19 16:45 - 02382336 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2017-07-19 09:29 - 2017-07-19 09:29 - 00041829 _____ C:\Users\Pedro\Desktop\Addition.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00001068 _____ C:\Users\Pedro\Desktop\FRST2.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00000362 _____ C:\Users\Pedro\Desktop\sixth4.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00000358 _____ C:\Users\Pedro\Desktop\sixth3.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00000002 _____ C:\Users\Pedro\Desktop\first11.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00000000 _____ C:\Users\Pedro\Desktop\first9.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00000000 _____ C:\Users\Pedro\Desktop\first.txt
2017-07-19 09:27 - 2017-07-19 16:45 - 00033472 _____ C:\Users\Pedro\Desktop\FRST.txt
2017-07-19 09:27 - 2017-07-19 09:27 - 00015327 _____ C:\Users\Pedro\Desktop\LM.bat
2017-07-19 09:00 - 2017-07-19 09:00 - 00112640 _____ (forum.viry.cz) C:\Users\Pedro\Desktop\FRSTLauncher.exe
2017-07-19 08:34 - 2017-07-19 08:34 - 08162248 _____ (Malwarebytes) C:\Users\Pedro\Desktop\adwcleaner_7.0.0.0.exe
2017-07-16 20:29 - 2017-07-16 20:43 - 00000495 _____ C:\Users\Pedro\Desktop\ZIVNOSTI.txt
2017-07-07 12:15 - 2017-07-07 12:23 - 00000000 ____D C:\Users\Pedro\Desktop\CIVIC
2017-07-06 09:56 - 2017-07-06 09:56 - 00000000 ____D C:\windows\LastGood.Tmp
2017-06-22 18:48 - 2017-06-22 18:48 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-06-21 17:00 - 2017-07-19 09:27 - 00029696 _____ C:\Users\Pedro\AppData\Local\MSGBOX.EXE
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-07-19 16:41 - 2016-09-10 21:35 - 00000000 ____D C:\AdwCleaner
2017-07-19 16:41 - 2014-12-30 23:24 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2121847970-1608828601-3914908799-1001
2017-07-19 16:39 - 2015-01-02 10:50 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\GmailNotifierPro
2017-07-19 09:46 - 2014-12-31 16:04 - 00000000 ___RD C:\gd
2017-07-19 09:38 - 2017-04-18 21:46 - 00000406 _____ C:\windows\Tasks\update-S-1-5-21-2121847970-1608828601-3914908799-1001.job
2017-07-19 09:37 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-07-19 09:37 - 2013-08-22 15:25 - 00524288 ___SH C:\windows\system32\config\BBI
2017-07-19 09:36 - 2014-09-26 22:37 - 00006656 _____ C:\windows\system32\VfService.trf
2017-07-19 09:27 - 2015-01-24 15:13 - 00024804 _____ C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-07-19 09:06 - 2016-06-17 15:34 - 00000000 ____D C:\FRST
2017-07-19 09:05 - 2016-05-05 08:17 - 00000000 ____D C:\Users\Pedro\Desktop\Plocha 2
2017-07-19 09:03 - 2017-01-09 22:46 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2017-07-19 08:59 - 2014-03-18 11:53 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI
2017-07-19 08:59 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2017-07-19 08:51 - 2017-04-28 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-19 08:51 - 2017-01-06 16:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-07-19 08:51 - 2014-12-31 00:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-19 08:25 - 2016-12-18 14:11 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\uTorrent
2017-07-19 08:25 - 2015-01-02 18:53 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2017-07-17 23:55 - 2017-04-18 22:40 - 00000416 _____ C:\windows\Tasks\update-sys.job
2017-07-16 20:01 - 2016-12-02 09:22 - 00000000 ____D C:\Program Files (x86)\Firebird
2017-07-16 12:23 - 2017-02-12 00:17 - 00000000 ____D C:\ProgramData\ProductData
2017-07-14 22:54 - 2014-12-30 23:18 - 00000000 ____D C:\Users\Pedro\AppData\Local\Packages
2017-07-14 09:30 - 2017-05-31 17:03 - 00004992 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenpedro-Pedro Lenpedro
2017-07-13 23:21 - 2014-12-31 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-13 23:15 - 2014-09-26 21:53 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-12 07:54 - 2015-03-22 15:18 - 00004288 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-07-12 07:54 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-07-12 07:54 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\Macromed
2017-07-10 21:04 - 2016-01-26 16:12 - 00018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys
2017-07-07 12:15 - 2016-12-26 13:42 - 00000000 ____D C:\Users\Pedro\Desktop\SOUNDS
2017-07-07 01:50 - 2015-01-02 18:57 - 00000000 ____D C:\=DOWNLOADS=
2017-07-05 02:52 - 2014-12-31 01:30 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\vlc
2017-06-26 19:39 - 2014-12-31 15:25 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-26 19:37 - 2015-04-06 01:28 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-22 18:47 - 2015-01-08 00:51 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\MPC-HC
2017-06-22 18:40 - 2017-03-14 23:18 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-22 18:36 - 2013-08-22 17:36 - 00000000 ___HD C:\windows\system32\GroupPolicy
2017-06-22 18:36 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
==================== Files in the root of some directories =======
2015-01-21 17:05 - 2000-06-08 15:46 - 0003638 _____ () C:\Program Files (x86)\Common Files\Config.ico
2015-01-21 17:05 - 2008-07-25 12:17 - 0558080 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP80.dll
2015-01-21 17:05 - 2008-07-25 12:17 - 0635904 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR80.dll
2015-02-12 19:16 - 2015-04-21 13:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-03-08 18:46 - 2017-05-19 00:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-01-24 15:13 - 2017-07-19 09:27 - 0024804 _____ () C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-06-21 17:00 - 2017-07-19 09:27 - 0029696 _____ () C:\Users\Pedro\AppData\Local\MSGBOX.EXE
2015-01-02 13:47 - 2015-01-02 13:47 - 0000017 _____ () C:\Users\Pedro\AppData\Local\resmon.resmoncfg
2016-05-19 09:08 - 2016-05-19 09:08 - 0000003 _____ () C:\Users\Pedro\AppData\Local\updater.log
2016-05-19 09:08 - 2017-05-08 09:26 - 0000425 _____ () C:\Users\Pedro\AppData\Local\UserProducts.xml
2017-02-14 00:13 - 2017-02-14 00:13 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-06-22 18:48 - 2017-06-22 18:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-06-08 23:18 - 2017-01-20 00:04 - 0001813 _____ () C:\ProgramData\LmeUSB.log
2016-06-08 23:18 - 2017-01-20 00:04 - 0001780 _____ () C:\ProgramData\LmeZJSW.log
2016-06-08 23:18 - 2017-01-20 00:04 - 0001813 _____ () C:\ProgramData\LSDmbTH.log
2016-05-26 13:46 - 2016-05-26 13:46 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
2017-07-07 12:30 - 2017-07-07 12:30 - 0131072 _____ () C:\Users\Pedro\AppData\Local\Temp\DevSetup32.dll
2017-07-07 12:30 - 2017-07-07 12:30 - 0126976 _____ () C:\Users\Pedro\AppData\Local\Temp\DevSetup64.dll
2017-07-07 12:30 - 2017-07-07 12:30 - 0098304 _____ () C:\Users\Pedro\AppData\Local\Temp\DriverInstall32.exe
2017-07-07 12:30 - 2017-07-07 12:30 - 0098304 _____ () C:\Users\Pedro\AppData\Local\Temp\DriverInstall64.exe
2017-07-07 12:30 - 2017-07-07 12:30 - 0016384 _____ () C:\Users\Pedro\AppData\Local\Temp\KillProcess.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-07-10 11:31
==================== End of FRST.txt ============================
ADWC som vyčistil, potom ale FRST blbol cez Launcher, tak som dal samotný FRST.
# AdwCleaner 7.0.0.0 - Logfile created on Wed Jul 19 06:44:42 2017
# Updated on 2017/17/07 by Malwarebytes
# Database: 07-19-2017.3
# Running on Windows 8.1 (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
PUP.Adware.Heuristic, AdAppMgrSvc
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
SearchProvider found: Softonic EN - folder_colorizer.en.softonic.com
SearchProvider found: Softonic EN - kmplayer.en.softonic.com
SearchProvider found: Softonic EN - winamp.en.softonic.com
SearchProvider found: Softonic EN - smplayer.en.softonic.com
SearchProvider found: Softonic EN - zoom-player.en.softonic.com
SearchProvider found: slunecnice.cz - slunecnice.cz
/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [4956 B] - [2016/9/10 19:48:47]
C:/AdwCleaner/AdwCleaner[C2].txt - [2356 B] - [2017/1/11 20:10:24]
C:/AdwCleaner/AdwCleaner[C3].txt - [2464 B] - [2017/6/21 21:4:44]
C:/AdwCleaner/AdwCleaner[S0].txt - [4874 B] - [2016/9/10 19:38:1]
C:/AdwCleaner/AdwCleaner[S1].txt - [2395 B] - [2017/1/11 20:2:6]
C:/AdwCleaner/AdwCleaner[S2].txt - [2613 B] - [2017/6/21 21:3:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
Ran by Pedro (administrator) on LENPEDRO (19-07-2017 16:45:17)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\60.0.3112.25\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\60.0.3112.25\remoting_host.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(IntelliBreeze Software AB) C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(GeB Development) C:\Program Files (x86)\aWARemote Server\aWARemote Server.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Users\Pedro\AppData\Local\Apps\2.0\GLB6A68H.18G\OMOPLGW2.8BM\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\LSB.exe
() C:\Program Files\Notepad2\Notepad2.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-09-26] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-26] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [5158144 2017-02-14] (Realtek semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [918008 2017-07-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [329632 2009-01-21] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ChangeFilterMerit] => C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe [51280 2007-06-08] (NewSoft)
HKLM-x32\...\Run: [Presto! PVR Monitor] => C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe [157520 2010-03-24] (NewSoft)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GmailNotifierPro] => C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2882400 2017-05-18] (IntelliBreeze Software AB)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [ATnotes.exe] => C:\Program Files (x86)\ATnotes\ATnotes.exe [1015808 2005-01-05] (Thomas Ascher)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epson Stylus SX110] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2016-11-02] (Epic Privacy Browser)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [BlazeServoTool] => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [286720 2017-01-20] (BlazeVideo Company)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [aWARemote 3.0] => C:\Program Files (x86)\aWARemote Server\aWARemote Server.exe [1733120 2014-11-03] (GeB Development)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [HP Photosmart 5510d series (NET)] => C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [EPSON SX110 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2017-03-08]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2017-06-14]
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk [2017-07-19]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C6E367B2-F55B-4323-999C-A41A39572233}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> is enabled.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: esgz87fp.default
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default [2017-07-19]
FF Homepage: Mozilla\Firefox\Profiles\esgz87fp.default -> google.sk
FF Session Restore: Mozilla\Firefox\Profiles\esgz87fp.default -> is enabled.
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\artur.dubovoy@gmail.com [2017-04-28]
FF Extension: (MEGA) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\firefox@mega.co.nz.xpi [2017-07-13]
FF Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2017-01-09]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-07-02]
FF Extension: (Slovníky slovenského pravopisu) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\sk@dictionaries.addons.mozilla.org [2017-01-16]
FF Extension: (Adblock Plus) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-01]
FF Extension: (Simple YouTube MP3 Button) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi [2017-05-25]
FF Extension: (JavaScript Debugger) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-05-02]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-07-16] ()
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2009-12-21] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.sk/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2017-07-19]
CHR Extension: (QR kód) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2015-04-08]
CHR Extension: (Prezentácie Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-06]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-05-13]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-08]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-04-08]
CHR Extension: (Angry Birds) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-08]
CHR Extension: (Magio GO) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Disk Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Browser To Phone) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmhcfmipjjciolmfonkjnhpbnfniahh [2015-04-08]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (uBlock) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2016-10-22]
CHR Extension: (Tabuľky Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-06]
CHR Extension: (Marlies Dekkers) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2015-04-08]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2016-03-02]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-06-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (The Great Suspender) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-06-13]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-04-08]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2015-04-08]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-04-08]
CHR Extension: (Plants vs Zombies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-08]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-06-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-23]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-08]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-16]
CHR Extension: (FullRip.net YT Mp3 Downloader) - C:\Program Files (x86)\Google\Chrome\Application\addon [2016-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-07-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-07-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-07-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1524216 2017-07-13] (Avira Operations GmbH & Co. KG)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\60.0.3112.25\remoting_host.exe [71512 2017-06-08] (Spoločnosť Google Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-03-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 hasplms; C:\windows\system32\hasplms.exe [4683144 2014-07-17] (SafeNet Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-26] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-26] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
S3 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-09-26] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-09-26] (Lenovo)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-26] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-07] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [167504 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [164824 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [38048 2017-06-14] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-12] (REALiX(tm))
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [228624 2017-02-14] (Intel Corporation)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3517200 2017-02-14] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2016-08-17] (Riverbed Technology, Inc.)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [237968 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39056 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [418784 2017-02-14] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [3127552 2017-02-14] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2017-03-12] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 TTDrv; D:\KOPLAYER\vbox\TTDrv.sys [261104 2015-12-22] (Oracle Corporation)
S3 usbrndis6; C:\windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-31] (Basil Projects)
R3 WinDriver6; C:\windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-07-19 16:44 - 2017-07-19 16:45 - 02382336 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2017-07-19 09:29 - 2017-07-19 09:29 - 00041829 _____ C:\Users\Pedro\Desktop\Addition.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00001068 _____ C:\Users\Pedro\Desktop\FRST2.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00000362 _____ C:\Users\Pedro\Desktop\sixth4.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00000358 _____ C:\Users\Pedro\Desktop\sixth3.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00000002 _____ C:\Users\Pedro\Desktop\first11.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00000000 _____ C:\Users\Pedro\Desktop\first9.txt
2017-07-19 09:29 - 2017-07-19 09:29 - 00000000 _____ C:\Users\Pedro\Desktop\first.txt
2017-07-19 09:27 - 2017-07-19 16:45 - 00033472 _____ C:\Users\Pedro\Desktop\FRST.txt
2017-07-19 09:27 - 2017-07-19 09:27 - 00015327 _____ C:\Users\Pedro\Desktop\LM.bat
2017-07-19 09:00 - 2017-07-19 09:00 - 00112640 _____ (forum.viry.cz) C:\Users\Pedro\Desktop\FRSTLauncher.exe
2017-07-19 08:34 - 2017-07-19 08:34 - 08162248 _____ (Malwarebytes) C:\Users\Pedro\Desktop\adwcleaner_7.0.0.0.exe
2017-07-16 20:29 - 2017-07-16 20:43 - 00000495 _____ C:\Users\Pedro\Desktop\ZIVNOSTI.txt
2017-07-07 12:15 - 2017-07-07 12:23 - 00000000 ____D C:\Users\Pedro\Desktop\CIVIC
2017-07-06 09:56 - 2017-07-06 09:56 - 00000000 ____D C:\windows\LastGood.Tmp
2017-06-22 18:48 - 2017-06-22 18:48 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-06-21 17:00 - 2017-07-19 09:27 - 00029696 _____ C:\Users\Pedro\AppData\Local\MSGBOX.EXE
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-07-19 16:41 - 2016-09-10 21:35 - 00000000 ____D C:\AdwCleaner
2017-07-19 16:41 - 2014-12-30 23:24 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2121847970-1608828601-3914908799-1001
2017-07-19 16:39 - 2015-01-02 10:50 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\GmailNotifierPro
2017-07-19 09:46 - 2014-12-31 16:04 - 00000000 ___RD C:\gd
2017-07-19 09:38 - 2017-04-18 21:46 - 00000406 _____ C:\windows\Tasks\update-S-1-5-21-2121847970-1608828601-3914908799-1001.job
2017-07-19 09:37 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-07-19 09:37 - 2013-08-22 15:25 - 00524288 ___SH C:\windows\system32\config\BBI
2017-07-19 09:36 - 2014-09-26 22:37 - 00006656 _____ C:\windows\system32\VfService.trf
2017-07-19 09:27 - 2015-01-24 15:13 - 00024804 _____ C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-07-19 09:06 - 2016-06-17 15:34 - 00000000 ____D C:\FRST
2017-07-19 09:05 - 2016-05-05 08:17 - 00000000 ____D C:\Users\Pedro\Desktop\Plocha 2
2017-07-19 09:03 - 2017-01-09 22:46 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2017-07-19 08:59 - 2014-03-18 11:53 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI
2017-07-19 08:59 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2017-07-19 08:51 - 2017-04-28 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-19 08:51 - 2017-01-06 16:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-07-19 08:51 - 2014-12-31 00:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-19 08:25 - 2016-12-18 14:11 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\uTorrent
2017-07-19 08:25 - 2015-01-02 18:53 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2017-07-17 23:55 - 2017-04-18 22:40 - 00000416 _____ C:\windows\Tasks\update-sys.job
2017-07-16 20:01 - 2016-12-02 09:22 - 00000000 ____D C:\Program Files (x86)\Firebird
2017-07-16 12:23 - 2017-02-12 00:17 - 00000000 ____D C:\ProgramData\ProductData
2017-07-14 22:54 - 2014-12-30 23:18 - 00000000 ____D C:\Users\Pedro\AppData\Local\Packages
2017-07-14 09:30 - 2017-05-31 17:03 - 00004992 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenpedro-Pedro Lenpedro
2017-07-13 23:21 - 2014-12-31 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-13 23:15 - 2014-09-26 21:53 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-12 07:54 - 2015-03-22 15:18 - 00004288 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-07-12 07:54 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-07-12 07:54 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\Macromed
2017-07-10 21:04 - 2016-01-26 16:12 - 00018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys
2017-07-07 12:15 - 2016-12-26 13:42 - 00000000 ____D C:\Users\Pedro\Desktop\SOUNDS
2017-07-07 01:50 - 2015-01-02 18:57 - 00000000 ____D C:\=DOWNLOADS=
2017-07-05 02:52 - 2014-12-31 01:30 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\vlc
2017-06-26 19:39 - 2014-12-31 15:25 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-26 19:37 - 2015-04-06 01:28 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-22 18:47 - 2015-01-08 00:51 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\MPC-HC
2017-06-22 18:40 - 2017-03-14 23:18 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-22 18:36 - 2013-08-22 17:36 - 00000000 ___HD C:\windows\system32\GroupPolicy
2017-06-22 18:36 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
==================== Files in the root of some directories =======
2015-01-21 17:05 - 2000-06-08 15:46 - 0003638 _____ () C:\Program Files (x86)\Common Files\Config.ico
2015-01-21 17:05 - 2008-07-25 12:17 - 0558080 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP80.dll
2015-01-21 17:05 - 2008-07-25 12:17 - 0635904 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR80.dll
2015-02-12 19:16 - 2015-04-21 13:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-03-08 18:46 - 2017-05-19 00:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-01-24 15:13 - 2017-07-19 09:27 - 0024804 _____ () C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-06-21 17:00 - 2017-07-19 09:27 - 0029696 _____ () C:\Users\Pedro\AppData\Local\MSGBOX.EXE
2015-01-02 13:47 - 2015-01-02 13:47 - 0000017 _____ () C:\Users\Pedro\AppData\Local\resmon.resmoncfg
2016-05-19 09:08 - 2016-05-19 09:08 - 0000003 _____ () C:\Users\Pedro\AppData\Local\updater.log
2016-05-19 09:08 - 2017-05-08 09:26 - 0000425 _____ () C:\Users\Pedro\AppData\Local\UserProducts.xml
2017-02-14 00:13 - 2017-02-14 00:13 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-06-22 18:48 - 2017-06-22 18:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-06-08 23:18 - 2017-01-20 00:04 - 0001813 _____ () C:\ProgramData\LmeUSB.log
2016-06-08 23:18 - 2017-01-20 00:04 - 0001780 _____ () C:\ProgramData\LmeZJSW.log
2016-06-08 23:18 - 2017-01-20 00:04 - 0001813 _____ () C:\ProgramData\LSDmbTH.log
2016-05-26 13:46 - 2016-05-26 13:46 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
2017-07-07 12:30 - 2017-07-07 12:30 - 0131072 _____ () C:\Users\Pedro\AppData\Local\Temp\DevSetup32.dll
2017-07-07 12:30 - 2017-07-07 12:30 - 0126976 _____ () C:\Users\Pedro\AppData\Local\Temp\DevSetup64.dll
2017-07-07 12:30 - 2017-07-07 12:30 - 0098304 _____ () C:\Users\Pedro\AppData\Local\Temp\DriverInstall32.exe
2017-07-07 12:30 - 2017-07-07 12:30 - 0098304 _____ () C:\Users\Pedro\AppData\Local\Temp\DriverInstall64.exe
2017-07-07 12:30 - 2017-07-07 12:30 - 0016384 _____ () C:\Users\Pedro\AppData\Local\Temp\KillProcess.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-07-10 11:31
==================== End of FRST.txt ============================
Re: Spomalenie systému (FRST log)
Môže mať niečo spoločné s háveďou aj to, že sa nemôžem dostať do svojho Adsl routru? Internet ide, LAN funguje, ale 192-168-1-1 nechce zrazu načítať. Ani po reštarte routru. Po resete to asi deň ide a potom zasa. Ale iba cez Wifi sa pripájam ! Sieťovku mám rozbitú, takže RJ45 som neskúšal.
Dnes mi po dlhšom načítavaní dokonca browser vyhodil toto:
...a názov karty že "Asus router RT-N12D1" ...pritom mám TP link a po Asuse tuv okolí ani chýru o.O
Dnes mi po dlhšom načítavaní dokonca browser vyhodil toto:
...a názov karty že "Asus router RT-N12D1" ...pritom mám TP link a po Asuse tuv okolí ani chýru o.O
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie systému (FRST log)
Ach jo! Má to vůbec smysl čistit, když vám PC nevydrží čisté ani měsíc? Otevřte poznámkový blok a zkopírujte do něj:
Tak router zavirován být může, ale určitě nezpůsobí nedostupnost IP. Právě naopak slouží k tahání dat z PC.
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
C:\windows\LastGood.Tmp
C:\ProgramData\DP45977C.lfl
C:\Users\Pedro\AppData\Local\Temp
EmptyTemp:
End
Tak router zavirován být může, ale určitě nezpůsobí nedostupnost IP. Právě naopak slouží k tahání dat z PC.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?