Please check my log, infiltrated browsers

#1 Post by oknupi »

Hello,
for a few days now I have had a problem with my web browsers. Whenever I open a page, I am automatically redirected elsewhere and the page I wanted opens in the adjacent tab; this happens about three times, and after that the page I wanted works normally. It concerns the Chrome and Opera browsers. Thank you for your help.

I am attaching the log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.02.2018
Ran by Vojtěch (administrator) on VOJTA-PC (21-02-2018 19:21:14)
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available Profiles: Vojtěch)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\windows\System32\atiesrxx.exe
(AMD) C:\windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Conexant Systems Inc.) C:\windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Tracker Software Products Ltd.) C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
() C:\Users\Vojtěch\AppData\Roaming\ICQ\bin\icq.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Microsoft Corporation) C:\windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(BitTorrent Inc.) C:\Users\Vojtěch\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Vojtěch\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(BitTorrent Inc.) C:\Users\Vojtěch\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(Microsoft Corporation) C:\windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\windows\System32\dllhost.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Greyfirst Corporation) C:\Program Files (x86)\Celtx\celtx.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddpe.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(forum.viry.cz) C:\Users\Vojtěch\Desktop\Viry\FRSTLauncher.exe
(Microsoft Corporation) C:\windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-06-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-09-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2016-09-09] (Adobe Systems Incorporated)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [148601744 2017-04-13] (Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [pdfSaver3] => c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [385024 2004-05-19] (Tracker Software Products Ltd.)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-02] (Disc Soft Ltd)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [icq.desktop] => C:\Users\Vojtěch\AppData\Roaming\ICQ\bin\icq.exe [25789064 2017-11-13] ()
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\RunOnce: [Application Restart #5] => C:\Users\Vojtěch\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\RunOnce: [Application Restart #3] => C:\Users\Vojtěch\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\MountPoints2: {c6ee9d95-6520-11e7-829c-3010b3a29d32} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellExecuteHooks: No Name - {21E0FCA4-DE4A-11E6-844B-64006A5CFC23} - C:\Users\Vojtěch\AppData\Roaming\Vonepy\Sugophghilither.dll -> No File <==== ATTENTION
Startup: C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-01-03]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-866432661-1050328576-855569735-1002] => hxxp://access-unstop.net/wpad.dat?aba2b2a532234b6c8c37f7517676d0ef38278959
Tcpip\Parameters: [DhcpNameServer] 94.142.233.120 94.142.233.140 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{05CF0A7E-DD6F-497E-872F-01343F145810}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{05CF0A7E-DD6F-497E-872F-01343F145810}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{0EDF9A7D-0520-4EDA-B1AF-599F40EB1EA4}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{0EDF9A7D-0520-4EDA-B1AF-599F40EB1EA4}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{173A98E2-94CF-4C66-96EE-C074DC1B9306}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C3F2F1D7-4152-4CBC-9669-AF64F5A0A198}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C3F2F1D7-4152-4CBC-9669-AF64F5A0A198}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{ECE2C3ED-447F-484F-8245-99B223E062FE}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{EE4BA6AD-43B2-49C1-B22B-4A902A7EE229}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{EE4BA6AD-43B2-49C1-B22B-4A902A7EE229}: [DhcpNameServer] 94.142.233.120 94.142.233.140 192.168.1.1
ManualProxies: 0hxxp://access-unstop.net/wpad.dat?aba2b2a532234b6c8c37f7517676d0ef38278959

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-866432661-1050328576-855569735-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-866432661-1050328576-855569735-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
URLSearchHook: [S-1-5-21-866432661-1050328576-855569735-1002] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-866432661-1050328576-855569735-1002 -> {ECAD7C5B-257A-4BBE-80AD-94EC3417AC9C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Vojtěch\AppData\Roaming\Greyfirst\Celtx\Profiles\03mji8zv.default [2018-02-14]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Default Shot Palette) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [2015-12-28] [Legacy] [not signed]
FF Extension: (MSN-Smileys) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [2015-12-28] [Legacy] [not signed]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Blackened) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Depth) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Minimal) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... XXW3828BJH"
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-02-18] <==== ATTENTION
CHR Extension: (Prezentace) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-21]
CHR Extension: (YouTube) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-21]
CHR Extension: (Adblock Plus) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-02-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-06]
CHR Extension: (Tabulky) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-21]
CHR Extension: (AdBlock) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Gmail) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-14]
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-14]
CHR HKU\S-1-5-21-866432661-1050328576-855569735-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Vojtěch\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-02-04]
OPR Extension: (Adblocker pro Youtube™) - C:\Users\Vojtěch\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-03-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-25] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-02] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-14] (Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-14] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-09-14] (Lenovo)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-09-14] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-12] (Advanced Micro Devices)
R2 APXACC; C:\windows\system32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 athr; C:\windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2017-02-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [47672 2017-02-04] (Disc Soft Ltd)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2005-01-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
U0 sptd; C:\windows\System32\Drivers\sptd.sys [394296 2017-12-31] (Duplex Secure Ltd.)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2017-02-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2017-02-04] (Zemana Ltd.)
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 19:24 - 2018-02-21 19:24 - 000003625 _____ C:\Users\Vojtěch\Documents\zakon.celtx
2018-02-21 19:23 - 2018-02-21 19:23 - 000000154 _____ C:\Users\Vojtěch\Desktop\prubezne_poznamky.txt
2018-02-21 19:21 - 2018-02-21 19:23 - 000024679 _____ C:\Users\Vojtěch\Desktop\FRST.txt
2018-02-21 19:20 - 2018-02-21 19:20 - 000015327 _____ C:\Users\Vojtěch\Desktop\LM.bat
2018-02-21 19:15 - 2018-02-21 19:20 - 000000000 ____D C:\Users\Vojtěch\Desktop\Viry
2018-02-21 19:15 - 2018-02-21 19:16 - 002403328 _____ (Farbar) C:\Users\Vojtěch\Desktop\FRST64.exe
2018-02-21 19:12 - 2018-02-21 19:24 - 000000000 ____D C:\Users\Vojtěch\Desktop\MOTOL
2018-02-18 16:53 - 2018-02-18 16:53 - 000001235 _____ C:\Users\Vojtěch\Desktop\Torino 2006.lnk
2018-02-18 16:53 - 2018-02-18 16:53 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2K Sports
2018-02-18 16:49 - 2018-02-18 16:50 - 000000000 ____D C:\Users\Vojtěch\Desktop\tor322
2018-02-18 16:49 - 2006-01-26 01:24 - 695432304 _____ C:\Users\Vojtěch\Desktop\rld-tora.bin
2018-02-18 16:49 - 2006-01-26 01:24 - 000000074 _____ C:\Users\Vojtěch\Desktop\rld-tora.cue
2018-02-18 16:46 - 2018-02-18 16:46 - 000000000 ____D C:\Users\Vojtěch\Desktop\Torino.Winter.Olympics.2006-RELOADED
2018-02-18 16:01 - 2018-02-18 16:01 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\ESET
2018-02-18 15:48 - 2018-02-18 16:41 - 1245928509 _____ C:\Users\Vojtěch\Downloads\Torino.Winter.Olympics.2006-RELOADED.7z
2018-02-18 15:41 - 2018-02-18 15:41 - 004260984 _____ (ESET) C:\Users\Vojtěch\Downloads\eset_nod32_antivirus_live_installer.exe
2018-02-18 15:29 - 2018-02-18 15:30 - 000901120 _____ C:\Users\Vojtěch\Downloads\DLL_Files_Fixer_Full_Version_Crack_Activator_Serial_Key (1).iso
2018-02-18 15:29 - 2018-02-18 15:29 - 000901120 _____ C:\Users\Vojtěch\Downloads\DLL_Files_Fixer_Full_Version_Crack_Activator_Serial_Key.iso
2018-02-18 15:22 - 2018-02-18 15:30 - 000000000 ____D C:\Program Files (x86)\DllKitPRO
2018-02-18 15:22 - 2018-02-18 15:29 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}
2018-02-18 15:22 - 2018-02-18 15:27 - 000003306 _____ C:\windows\System32\Tasks\DllKitPRO
2018-02-18 15:13 - 2018-02-18 15:13 - 000000000 ____D C:\windows\System32\Tasks\Games
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\windows\SysWOW64\xlive
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2018-02-18 14:56 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2018-02-18 14:56 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll
2018-02-18 14:54 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2018-02-18 14:54 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2018-02-18 14:54 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2018-02-18 14:54 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2018-02-18 14:54 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2018-02-18 14:54 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2018-02-18 14:54 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2018-02-18 14:54 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2018-02-18 14:54 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2018-02-18 14:54 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2018-02-18 14:53 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
2018-02-18 14:53 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll
2018-02-18 14:53 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
2018-02-18 14:53 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll
2018-02-18 14:53 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
2018-02-18 14:53 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll
2018-02-18 14:53 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
2018-02-18 14:53 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_9.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_35.dll
2018-02-18 14:53 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
2018-02-18 14:53 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_8.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_34.dll
2018-02-18 14:53 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
2018-02-18 14:53 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_7.dll
2018-02-18 14:53 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
2018-02-18 14:53 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll
2018-02-18 14:53 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
2018-02-18 14:53 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_33.dll
2018-02-18 14:53 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
2018-02-18 14:53 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_1.dll
2018-02-18 14:53 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
2018-02-18 14:53 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_6.dll
2018-02-18 14:53 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_5.dll
2018-02-18 14:53 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_4.dll
2018-02-18 14:53 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
2018-02-18 14:53 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_3.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_2.dll
2018-02-18 14:53 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_2.dll
2018-02-18 14:53 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
2018-02-18 14:52 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
2018-02-18 14:52 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_29.dll
2018-02-18 14:52 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
2018-02-18 14:52 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_0.dll
2018-02-18 14:52 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
2018-02-18 14:52 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_28.dll
2018-02-18 14:52 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2018-02-18 14:52 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2018-02-18 14:52 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
2018-02-18 14:52 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_26.dll
2018-02-18 14:52 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
2018-02-18 14:52 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_25.dll
2018-02-18 14:52 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
2018-02-18 14:52 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_24.dll
2018-02-17 20:59 - 2018-02-17 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Sports
2018-02-17 20:26 - 2018-02-18 16:51 - 000000000 ____D C:\Program Files (x86)\2K Sports
2018-02-05 20:59 - 2018-02-05 20:59 - 011047898 _____ C:\Users\Vojtěch\Downloads\SoupalJ_ExtracorporalniOxygenace_LD_2016.pdf
2018-02-05 20:59 - 2018-02-05 20:59 - 006449264 _____ C:\Users\Vojtěch\Downloads\DPTX_2013_1_11110_0_376713_0_141163.pdf
2018-02-05 20:59 - 2018-02-05 20:59 - 000998622 _____ C:\Users\Vojtěch\Downloads\BPTX_2011_1__0_299860_0_120473.pdf
2018-02-05 20:55 - 2018-02-05 20:55 - 001809523 _____ C:\Users\Vojtěch\Downloads\kardioanestezie-a-perioperacni-pece-v-kardiochirurgii_nahled.pdf
2018-01-31 14:40 - 2018-01-31 14:40 - 000973131 _____ C:\Users\Vojtěch\Downloads\IPTX_2010_1_11150_F1P009_193093_0_95091 (1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 19:24 - 2015-01-19 00:01 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\uTorrent
2018-02-21 19:23 - 2017-03-20 17:10 - 000000154 _____ C:\Users\Vojtěch\Desktop\Nový textový dokument (2).txt
2018-02-21 19:23 - 2017-02-04 14:54 - 008643130 _____ C:\windows\ZAM_Guard.krnl.trace
2018-02-21 19:23 - 2017-02-04 14:54 - 008399970 _____ C:\windows\ZAM.krnl.trace
2018-02-21 19:21 - 2017-03-12 16:55 - 000000000 ____D C:\FRST
2018-02-21 19:20 - 2017-03-12 16:51 - 000029696 _____ C:\Users\Vojtěch\AppData\Local\MSGBOX.EXE
2018-02-21 18:49 - 2015-01-18 23:58 - 000003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-866432661-1050328576-855569735-1002
2018-02-21 16:02 - 2015-01-18 23:57 - 000000000 ____D C:\Program Files (x86)\Opera
2018-02-21 15:59 - 2015-01-19 00:13 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\Skype
2018-02-21 14:17 - 2015-01-18 23:56 - 000003834 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{AC9158A3-4C3C-4033-B028-C1C6C126075D}
2018-02-21 13:09 - 2015-01-19 15:55 - 000000568 _____ C:\windows\Tasks\MATLAB R2012b Startup Accelerator.job
2018-02-20 22:14 - 2015-01-18 23:58 - 000003846 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1421621899
2018-02-20 19:58 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\ELAMBKUP
2018-02-20 19:58 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2018-02-20 19:35 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-20 19:35 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2018-02-19 19:55 - 2015-01-19 00:13 - 000000000 ____D C:\ProgramData\Skype
2018-02-18 21:04 - 2016-02-11 23:16 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\WOW
2018-02-18 16:57 - 2016-04-04 18:05 - 001425408 ___SH C:\Users\Vojtěch\Desktop\Thumbs.db
2018-02-18 16:54 - 2015-01-31 13:27 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\CrashDumps
2018-02-18 15:32 - 2014-09-13 23:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-17 21:01 - 2017-12-31 11:58 - 000000000 ____D C:\Users\Vojtěch\Documents\My ISO Files
2018-02-16 22:36 - 2017-12-09 19:25 - 000000000 ____D C:\Users\Vojtěch\Downloads\Ed Sheeran - x [Deluxe Edition] [2014 ALBUM]
2018-02-14 12:04 - 2015-08-24 14:39 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-14 12:03 - 2017-05-19 05:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-14 03:29 - 2017-03-22 15:47 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-14 03:29 - 2017-03-22 15:47 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-12 15:38 - 2014-09-13 23:17 - 005789688 _____ C:\windows\system32\perfh005.dat
2018-02-12 15:38 - 2014-09-13 23:17 - 001778134 _____ C:\windows\system32\perfc005.dat
2018-02-12 15:38 - 2014-03-18 10:53 - 000005430 _____ C:\windows\system32\PerfStringBackup.INI
2018-02-07 20:33 - 2017-03-12 19:05 - 000000000 ____D C:\Users\Vojtěch\Downloads\ICQ
2018-02-07 16:08 - 2015-05-25 16:41 - 000004294 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-07 16:08 - 2015-05-25 16:41 - 000004236 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-02-07 16:08 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-02-07 16:08 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\Macromed
2018-02-04 23:46 - 2015-01-19 01:35 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\vlc
2018-01-30 14:32 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2018-01-26 11:27 - 2015-12-25 18:21 - 000000000 ___RD C:\Users\Vojtěch\Desktop\Fotky

==================== Files in the root of some directories =======

2017-03-12 16:51 - 2018-02-21 19:20 - 000029696 _____ () C:\Users\Vojtěch\AppData\Local\MSGBOX.EXE
2017-03-07 15:47 - 2017-03-07 15:47 - 000000031 _____ () C:\Users\Vojtěch\AppData\Local\SQ.RemoverDelete.bat
2017-03-07 15:37 - 2017-03-07 15:37 - 000032038 _____ () C:\Users\Vojtěch\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

Some files in TEMP:
====================
2018-02-17 21:01 - 2018-02-18 16:51 - 000046596 _____ (Sony DADC Austria AG) C:\Users\Vojtěch\AppData\Local\Temp\drm_dialogs.dll
2017-04-03 14:30 - 2018-01-11 09:37 - 058804680 _____ (Skype Technologies S.A.) C:\Users\Vojtěch\AppData\Local\Temp\SkypeSetup.exe
2018-01-11 20:35 - 2017-04-25 15:44 - 000380928 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Vojtěch\AppData\Local\Temp\_unps.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-16 02:57

==================== End of FRST.txt ============================
Attachments
Addition.rar
(16.36 KiB) Downloaded 63 times

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, infiltrated browsers

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

oknupi
Visitor
Posts: 4
Registered: 21 Feb 2018 19:23

Re: Please check my log, infiltrated browsers

#3 Post by oknupi »

# AdwCleaner 7.0.8.0 - Logfile created on Wed Feb 21 19:03:41 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\Elex-tech
Deleted: C:\Users\Vojtěch\AppData\Roaming\Elex-tech
Deleted: C:\Users\Vojtěch\AppData\Roaming\\Firefox
Deleted: C:\Users\Vojtěch\AppData\Roaming\Kuaizip
Deleted: C:\Program Files (x86)\DllKitPRO


***** [ Files ] *****

Deleted: C:\Users\All Users\Documents\\report.dat
Deleted: C:\Users\Public\Documents\\report.dat
Deleted: C:\Users\All Users\Documents\\temp.dat
Deleted: C:\Users\Public\Documents\\temp.dat
Deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: DllKitPRO


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C8B797A0-024C-4D90-80F5-4CCC0988013A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ED87E2F4-838D-46BA-BFD9-DFA28310934B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4511A7B0-96B2-47A7-84AB-FB76078EA007}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files\Enigma Software Group\SpyHunter\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files\Enigma Software Group\
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{735CBB11-3E26-4197-9B1D-8E26F2AE9E66}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Image File Execution Options%s keys deleted
::Prefetch files deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [15542 B] - [2017/3/12 15:26:34]
C:/AdwCleaner/AdwCleaner[C2].txt - [1370 B] - [2017/3/12 15:37:57]
C:/AdwCleaner/AdwCleaner[C3].txt - [26933 B] - [2017/3/21 13:22:51]
C:/AdwCleaner/AdwCleaner[S0].txt - [14350 B] - [2017/3/12 15:21:27]
C:/AdwCleaner/AdwCleaner[S1].txt - [1596 B] - [2017/3/12 15:35:18]
C:/AdwCleaner/AdwCleaner[S2].txt - [1663 B] - [2017/3/12 16:29:11]
C:/AdwCleaner/AdwCleaner[S3].txt - [1736 B] - [2017/3/12 17:37:1]
C:/AdwCleaner/AdwCleaner[S4].txt - [23621 B] - [2017/3/21 13:21:11]
C:/AdwCleaner/AdwCleaner[S5].txt - [4587 B] - [2018/2/21 19:2:51]


########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, infiltrated browsers

#4 Post by Rudy »

Post a new FRST log.

oknupi
Visitor
Posts: 4
Registered: 21 Feb 2018 19:23

Re: Please check my log, infiltrated browsers

#5 Post by oknupi »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.02.2018
Ran by Vojtěch (administrator) on VOJTA-PC (21-02-2018 21:06:14)
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available Profiles: Vojtěch)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\windows\System32\atiesrxx.exe
(AMD) C:\windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Conexant Systems Inc.) C:\windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\windows\System32\dllhost.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Tracker Software Products Ltd.) C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Users\Vojtěch\AppData\Roaming\ICQ\bin\icq.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(forum.viry.cz) C:\Users\Vojtěch\Desktop\Viry\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-06-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-09-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2016-09-09] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [pdfSaver3] => c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [385024 2004-05-19] (Tracker Software Products Ltd.)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-02] (Disc Soft Ltd)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [icq.desktop] => C:\Users\Vojtěch\AppData\Roaming\ICQ\bin\icq.exe [25955976 2018-02-16] ()
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\RunOnce: [Application Restart #5] => C:\Users\Vojtěch\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\RunOnce: [Application Restart #3] => C:\Users\Vojtěch\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\MountPoints2: {c6ee9d95-6520-11e7-829c-3010b3a29d32} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellExecuteHooks: No Name - {21E0FCA4-DE4A-11E6-844B-64006A5CFC23} - C:\Users\Vojtěch\AppData\Roaming\Vonepy\Sugophghilither.dll -> No File <==== ATTENTION
Startup: C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-01-03]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-866432661-1050328576-855569735-1002] => hxxp://access-unstop.net/wpad.dat?aba2b2a532234b6c8c37f7517676d0ef38278959
Tcpip\Parameters: [DhcpNameServer] 94.142.233.120 94.142.233.140 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{05CF0A7E-DD6F-497E-872F-01343F145810}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{05CF0A7E-DD6F-497E-872F-01343F145810}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{0EDF9A7D-0520-4EDA-B1AF-599F40EB1EA4}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{0EDF9A7D-0520-4EDA-B1AF-599F40EB1EA4}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{173A98E2-94CF-4C66-96EE-C074DC1B9306}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C3F2F1D7-4152-4CBC-9669-AF64F5A0A198}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C3F2F1D7-4152-4CBC-9669-AF64F5A0A198}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{ECE2C3ED-447F-484F-8245-99B223E062FE}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{EE4BA6AD-43B2-49C1-B22B-4A902A7EE229}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{EE4BA6AD-43B2-49C1-B22B-4A902A7EE229}: [DhcpNameServer] 94.142.233.120 94.142.233.140 192.168.1.1
ManualProxies: 0hxxp://access-unstop.net/wpad.dat?aba2b2a532234b6c8c37f7517676d0ef38278959

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-866432661-1050328576-855569735-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-866432661-1050328576-855569735-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
URLSearchHook: [S-1-5-21-866432661-1050328576-855569735-1002] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-866432661-1050328576-855569735-1002 -> {ECAD7C5B-257A-4BBE-80AD-94EC3417AC9C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Vojtěch\AppData\Roaming\Greyfirst\Celtx\Profiles\03mji8zv.default [2018-02-21]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Default Shot Palette) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [2015-12-28] [Legacy] [not signed]
FF Extension: (MSN-Smileys) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [2015-12-28] [Legacy] [not signed]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Blackened) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Depth) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Minimal) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... XXW3828BJH"
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-02-21] <==== ATTENTION
CHR Extension: (Prezentace) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-21]
CHR Extension: (YouTube) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-21]
CHR Extension: (Adblock Plus) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-02-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-06]
CHR Extension: (Tabulky) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-21]
CHR Extension: (AdBlock) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Gmail) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-14]
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-14]
CHR HKU\S-1-5-21-866432661-1050328576-855569735-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Vojtěch\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-02-04]
OPR Extension: (Adblocker pro Youtube™) - C:\Users\Vojtěch\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-03-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-25] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-02] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-14] (Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-14] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-09-14] (Lenovo)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-09-14] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-12] (Advanced Micro Devices)
R2 APXACC; C:\windows\system32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 athr; C:\windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2017-02-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [47672 2017-02-04] (Disc Soft Ltd)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2005-01-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 sptd; C:\windows\System32\Drivers\sptd.sys [394296 2017-12-31] (Duplex Secure Ltd.)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2017-02-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2017-02-04] (Zemana Ltd.)
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 19:31 - 2018-02-21 19:31 - 000016748 _____ C:\Users\Vojtěch\Desktop\Addition.rar
2018-02-21 19:24 - 2018-02-21 19:24 - 000003625 _____ C:\Users\Vojtěch\Documents\zakon.celtx
2018-02-21 19:23 - 2018-02-21 19:23 - 000000154 _____ C:\Users\Vojtěch\Desktop\prubezne_poznamky.txt
2018-02-21 19:21 - 2018-02-21 21:07 - 000023329 _____ C:\Users\Vojtěch\Desktop\FRST.txt
2018-02-21 19:15 - 2018-02-21 21:06 - 000000000 ____D C:\Users\Vojtěch\Desktop\Viry
2018-02-21 19:15 - 2018-02-21 19:16 - 002403328 _____ (Farbar) C:\Users\Vojtěch\Desktop\FRST64.exe
2018-02-21 19:12 - 2018-02-21 19:29 - 000000000 ____D C:\Users\Vojtěch\Desktop\MOTOL
2018-02-18 16:53 - 2018-02-18 16:53 - 000001235 _____ C:\Users\Vojtěch\Desktop\Torino 2006.lnk
2018-02-18 16:53 - 2018-02-18 16:53 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2K Sports
2018-02-18 16:49 - 2018-02-18 16:50 - 000000000 ____D C:\Users\Vojtěch\Desktop\tor322
2018-02-18 16:49 - 2006-01-26 01:24 - 695432304 _____ C:\Users\Vojtěch\Desktop\rld-tora.bin
2018-02-18 16:49 - 2006-01-26 01:24 - 000000074 _____ C:\Users\Vojtěch\Desktop\rld-tora.cue
2018-02-18 16:46 - 2018-02-18 16:46 - 000000000 ____D C:\Users\Vojtěch\Desktop\Torino.Winter.Olympics.2006-RELOADED
2018-02-18 16:01 - 2018-02-18 16:01 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\ESET
2018-02-18 15:48 - 2018-02-18 16:41 - 1245928509 _____ C:\Users\Vojtěch\Downloads\Torino.Winter.Olympics.2006-RELOADED.7z
2018-02-18 15:41 - 2018-02-18 15:41 - 004260984 _____ (ESET) C:\Users\Vojtěch\Downloads\eset_nod32_antivirus_live_installer.exe
2018-02-18 15:29 - 2018-02-18 15:30 - 000901120 _____ C:\Users\Vojtěch\Downloads\DLL_Files_Fixer_Full_Version_Crack_Activator_Serial_Key (1).iso
2018-02-18 15:29 - 2018-02-18 15:29 - 000901120 _____ C:\Users\Vojtěch\Downloads\DLL_Files_Fixer_Full_Version_Crack_Activator_Serial_Key.iso
2018-02-18 15:22 - 2018-02-18 15:29 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}
2018-02-18 15:13 - 2018-02-18 15:13 - 000000000 ____D C:\windows\System32\Tasks\Games
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\windows\SysWOW64\xlive
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2018-02-18 14:56 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2018-02-18 14:56 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll
2018-02-18 14:54 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2018-02-18 14:54 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2018-02-18 14:54 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2018-02-18 14:54 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2018-02-18 14:54 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2018-02-18 14:54 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2018-02-18 14:54 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2018-02-18 14:54 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2018-02-18 14:54 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2018-02-18 14:54 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2018-02-18 14:53 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
2018-02-18 14:53 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll
2018-02-18 14:53 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
2018-02-18 14:53 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll
2018-02-18 14:53 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
2018-02-18 14:53 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll
2018-02-18 14:53 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
2018-02-18 14:53 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_9.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_35.dll
2018-02-18 14:53 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
2018-02-18 14:53 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_8.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_34.dll
2018-02-18 14:53 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
2018-02-18 14:53 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_7.dll
2018-02-18 14:53 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
2018-02-18 14:53 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll
2018-02-18 14:53 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
2018-02-18 14:53 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_33.dll
2018-02-18 14:53 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
2018-02-18 14:53 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_1.dll
2018-02-18 14:53 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
2018-02-18 14:53 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_6.dll
2018-02-18 14:53 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_5.dll
2018-02-18 14:53 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_4.dll
2018-02-18 14:53 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
2018-02-18 14:53 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_3.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_2.dll
2018-02-18 14:53 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_2.dll
2018-02-18 14:53 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
2018-02-18 14:52 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
2018-02-18 14:52 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_29.dll
2018-02-18 14:52 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
2018-02-18 14:52 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_0.dll
2018-02-18 14:52 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
2018-02-18 14:52 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_28.dll
2018-02-18 14:52 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2018-02-18 14:52 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2018-02-18 14:52 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
2018-02-18 14:52 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_26.dll
2018-02-18 14:52 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
2018-02-18 14:52 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_25.dll
2018-02-18 14:52 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
2018-02-18 14:52 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_24.dll
2018-02-17 20:59 - 2018-02-17 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Sports
2018-02-17 20:26 - 2018-02-18 16:51 - 000000000 ____D C:\Program Files (x86)\2K Sports
2018-02-05 20:59 - 2018-02-05 20:59 - 011047898 _____ C:\Users\Vojtěch\Downloads\SoupalJ_ExtracorporalniOxygenace_LD_2016.pdf
2018-02-05 20:59 - 2018-02-05 20:59 - 006449264 _____ C:\Users\Vojtěch\Downloads\DPTX_2013_1_11110_0_376713_0_141163.pdf
2018-02-05 20:59 - 2018-02-05 20:59 - 000998622 _____ C:\Users\Vojtěch\Downloads\BPTX_2011_1__0_299860_0_120473.pdf
2018-02-05 20:55 - 2018-02-05 20:55 - 001809523 _____ C:\Users\Vojtěch\Downloads\kardioanestezie-a-perioperacni-pece-v-kardiochirurgii_nahled.pdf
2018-01-31 14:40 - 2018-01-31 14:40 - 000973131 _____ C:\Users\Vojtěch\Downloads\IPTX_2010_1_11150_F1P009_193093_0_95091 (1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 21:07 - 2017-02-04 14:54 - 000068699 _____ C:\windows\ZAM.krnl.trace
2018-02-21 21:07 - 2017-02-04 14:54 - 000037996 _____ C:\windows\ZAM_Guard.krnl.trace
2018-02-21 21:06 - 2017-03-12 16:55 - 000000000 ____D C:\FRST
2018-02-21 20:42 - 2014-09-13 23:17 - 005803340 _____ C:\windows\system32\perfh005.dat
2018-02-21 20:42 - 2014-09-13 23:17 - 001782534 _____ C:\windows\system32\perfc005.dat
2018-02-21 20:42 - 2014-03-18 10:53 - 000005430 _____ C:\windows\system32\PerfStringBackup.INI
2018-02-21 20:41 - 2015-01-18 23:56 - 000003834 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{AC9158A3-4C3C-4033-B028-C1C6C126075D}
2018-02-21 20:40 - 2015-01-18 23:58 - 000003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-866432661-1050328576-855569735-1002
2018-02-21 20:15 - 2015-08-24 14:38 - 000001279 _____ C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2018-02-21 20:15 - 2015-01-18 23:59 - 000000000 ____D C:\ProgramData\LU
2018-02-21 20:09 - 2015-01-31 13:27 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\CrashDumps
2018-02-21 20:08 - 2017-03-22 14:15 - 000000000 ___DO C:\Users\Vojtěch\OneDrive
2018-02-21 20:08 - 2015-01-23 18:37 - 000000000 ____D C:\windows\system32\MRT
2018-02-21 20:06 - 2017-03-12 11:46 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\ICQ
2018-02-21 20:06 - 2015-01-19 15:55 - 000000568 _____ C:\windows\Tasks\MATLAB R2012b Startup Accelerator.job
2018-02-21 20:06 - 2014-09-14 00:13 - 000000000 ____D C:\ProgramData\Energy Manager
2018-02-21 20:04 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-02-21 20:04 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-02-21 20:03 - 2017-03-22 13:47 - 000000000 ____D C:\windows\system32\log
2018-02-21 20:03 - 2015-01-18 23:47 - 000000000 ____D C:\Users\Vojtěch
2018-02-21 20:03 - 2014-09-14 00:01 - 000006656 _____ C:\windows\system32\VfService.trf
2018-02-21 20:03 - 2014-09-13 23:11 - 000065536 _____ C:\windows\system32\spu_storage.bin
2018-02-21 20:02 - 2017-03-12 16:17 - 000000000 ____D C:\AdwCleaner
2018-02-21 20:00 - 2015-01-19 00:01 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\uTorrent
2018-02-21 19:55 - 2015-01-19 01:35 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\vlc
2018-02-21 19:23 - 2017-03-20 17:10 - 000000154 _____ C:\Users\Vojtěch\Desktop\Nový textový dokument (2).txt
2018-02-21 16:02 - 2015-01-18 23:57 - 000000000 ____D C:\Program Files (x86)\Opera
2018-02-21 15:59 - 2015-01-19 00:13 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\Skype
2018-02-20 22:14 - 2015-01-18 23:58 - 000003846 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1421621899
2018-02-20 19:58 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\ELAMBKUP
2018-02-20 19:58 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2018-02-20 19:35 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-20 19:35 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2018-02-19 19:55 - 2015-01-19 00:13 - 000000000 ____D C:\ProgramData\Skype
2018-02-18 21:04 - 2016-02-11 23:16 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\WOW
2018-02-18 16:57 - 2016-04-04 18:05 - 001425408 ___SH C:\Users\Vojtěch\Desktop\Thumbs.db
2018-02-18 15:32 - 2014-09-13 23:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-17 21:01 - 2017-12-31 11:58 - 000000000 ____D C:\Users\Vojtěch\Documents\My ISO Files
2018-02-16 22:36 - 2017-12-09 19:25 - 000000000 ____D C:\Users\Vojtěch\Downloads\Ed Sheeran - x [Deluxe Edition] [2014 ALBUM]
2018-02-14 12:04 - 2015-08-24 14:39 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-14 12:03 - 2017-05-19 05:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-14 03:29 - 2017-03-22 15:47 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-14 03:29 - 2017-03-22 15:47 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-07 20:33 - 2017-03-12 19:05 - 000000000 ____D C:\Users\Vojtěch\Downloads\ICQ
2018-02-07 16:08 - 2015-05-25 16:41 - 000004294 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-07 16:08 - 2015-05-25 16:41 - 000004236 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-02-07 16:08 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-02-07 16:08 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\Macromed
2018-01-30 14:32 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2018-01-26 11:27 - 2015-12-25 18:21 - 000000000 ___RD C:\Users\Vojtěch\Desktop\Fotky

==================== Files in the root of some directories =======

2017-03-07 15:47 - 2017-03-07 15:47 - 000000031 _____ () C:\Users\Vojtěch\AppData\Local\SQ.RemoverDelete.bat
2017-03-07 15:37 - 2017-03-07 15:37 - 000032038 _____ () C:\Users\Vojtěch\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

Some files in TEMP:
====================
2018-02-17 21:01 - 2018-02-18 16:51 - 000046596 _____ (Sony DADC Austria AG) C:\Users\Vojtěch\AppData\Local\Temp\drm_dialogs.dll
2017-04-03 14:30 - 2018-01-11 09:37 - 058804680 _____ (Skype Technologies S.A.) C:\Users\Vojtěch\AppData\Local\Temp\SkypeSetup.exe
2018-01-11 20:35 - 2017-04-25 15:44 - 000380928 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Vojtěch\AppData\Local\Temp\_unps.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1d19311776010e3.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\MATLAB R2012b Startup Accelerator.job => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\VojtŘch\Desktop" je 582239 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

LastRegBack: 2016-05-16 02:57

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, infected browsers

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
ShellExecuteHooks: No Name - {21E0FCA4-DE4A-11E6-844B-64006A5CFC23} - C:\Users\Vojtěch\AppData\Roaming\Vonepy\Sugophghilither.dll -> No File <==== ATTENTION
AutoConfigURL: [S-1-5-21-866432661-1050328576-855569735-1002] => hxxp://access-unstop.net/wpad.dat?aba2b ... ef38278959
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
uid=ST1000LM014-SSHD-8GB_W3828BJHXXXXW3828BJH&type=hp","hxxp://www.startpageing123.com/?type=hp&ts=149 ... XXW3828BJH"
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-02-21] <==== ATTENTION
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2017-02-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2017-02-04] (Zemana Ltd.)
C:\Users\Vojtěch\AppData\Local\Temp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\VojtŘch\Desktop" je 582239 MB.
That is too much (and I dare say you have broken the record) and it can slow down system startup. Create a new folder in C:\Users\Vojtěch and move all data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

oknupi
Visitor
Posts: 4
Registered: 21 Feb 2018 19:23

Re: Please check my log, infected browsers

#7 Post by oknupi »

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.02.2018
Ran by Vojtěch (21-02-2018 22:14:45) Run:4
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available Profiles: Vojtěch)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellExecuteHooks: No Name - {21E0FCA4-DE4A-11E6-844B-64006A5CFC23} - C:\Users\Vojtěch\AppData\Roaming\Vonepy\Sugophghilither.dll -> No File <==== ATTENTION
AutoConfigURL: [S-1-5-21-866432661-1050328576-855569735-1002] => hxxp://access-unstop.net/wpad.dat?aba2b ... ef38278959
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
uid=ST1000LM014-SSHD-8GB_W3828BJHXXXXW3828BJH&type=hp","hxxp://www.startpageing123.com/?type=hp&ts=149 ... XXW3828BJH"
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-02-21] <==== ATTENTION
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2017-02-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2017-02-04] (Zemana Ltd.)
C:\Users\Vojtěch\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{21E0FCA4-DE4A-11E6-844B-64006A5CFC23}" => removed successfully
"HKLM\Software\Classes\CLSID\{21E0FCA4-DE4A-11E6-844B-64006A5CFC23}" => removed successfully
"HKU\S-1-5-21-866432661-1050328576-855569735-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
uid=ST1000LM014-SSHD-8GB_W3828BJHXXXXW3828BJH&type=hp","hxxp://www.startpageing123.com/?type=hp&ts=149 ... XXW3828BJH" => Error: No automatic fix found for this entry.
C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
ZAM => Unable to stop service.
"HKLM\System\CurrentControlSet\Services\ZAM" => removed successfully
ZAM => service removed successfully
ZAM_Guard => Unable to stop service.
"HKLM\System\CurrentControlSet\Services\ZAM_Guard" => removed successfully
ZAM_Guard => service removed successfully

"C:\Users\Vojtěch\AppData\Local\Temp" folder move:

Could not move "C:\Users\Vojtěch\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11833428 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 139018918 B
Edge => 0 B
Chrome => 245760 B
Firefox => 0 B
Opera => 361065305 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 3328 B
NetworkService => -654 B
Vojtěch => 9988286621 B

RecycleBin => 0 B
EmptyTemp: => 9.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 21-02-2018 22:34:16)

C:\Users\Vojtěch\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:34:19 ====






Everything seems to be working... Thank you very much for your help.

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, infected browsers

#8 Post by Rudy »

Glad to hear it. You're welcome! :)

Locked