
Requesting a check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

T72
Visitor
Posts: 78
Registered: 02 Nov 2011 18:31

Requesting a check

#1 Post by T72 »

Please check the log, thank you.

Logfile of random's system information tool 1.16 (written by random/random)
Run by PC at 2017-05-07 22:35:43
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 52 GB (32%) free of 160 GB
Total RAM: 3326 MB (50% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:36:36, on 7.5.2017
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16845)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PC\Downloads\RSIT.exe
C:\Program Files\trend micro\PC_RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Program Files\RivaTuner v2.23\RivaTunerWrapper.exe" /S
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Action! service (ACTION_SVC) - Unknown owner - C:\Program Files\Mirillis\Action!\action_svc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Cegush Helper (cegushHelpersrv) - Unknown owner - C:\Program Files\Cegush\cegushHelpersrv.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe

--
End of file - 5348 bytes

======Scheduled tasks folder======

C:\Windows\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\Windows\system32\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe -check pepperplugin
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-PC-PC-PC - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe
C:\Windows\system32\tasks\avastBCLRestartS-1-5-21-1484727336-25265518-3277325258-1000 - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\DivXUpdate - C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe
C:\Windows\system32\tasks\Game_Booster_AutoUpdate - D:\Program Files\IObit\Game Booster 3\AutoUpdate.exe /AUTORUN
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1484727336-25265518-3277325258-1000Core - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1484727336-25265518-3277325258-1000UA - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1379165523 - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SmartGameBooster SkipUAC (PC) - C:\Program Files\PCGameBoost\Smart Game Booster\SgbMain.exe /skipuac
C:\Windows\system32\tasks\SmartGameBooster Update - C:\Program Files\PCGameBoost\Smart Game Booster\SgbUpdater.exe /auto
C:\Windows\system32\tasks\{10EF8CAF-0183-4B3B-8674-B456C61F14A1} - C:\Windows\system32\pcalua.exe -a C:\Users\PC\Downloads\USBDRVEN.EXE -d C:\Users\PC\Downloads
C:\Windows\system32\tasks\{380A8CAC-D08B-4D80-A9B3-CDA270CB0526} - C:\Windows\system32\pcalua.exe -a "C:\Users\PC\Desktop\Torpark 2.0.0.3a\Data\KillTorpark.exe" -d "C:\Users\PC\Desktop\Torpark 2.0.0.3a\Data"
C:\Windows\system32\tasks\{39D37DCE-0784-47DB-B103-8C81C2AC3A30} - C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\uninstall.exe"
C:\Windows\system32\tasks\{467450D9-8660-4025-88D9-95726870C475} - C:\Windows\system32\pcalua.exe -a C:\Users\PC\Desktop\WLinstaller.exe -d C:\Users\PC\Desktop
C:\Windows\system32\tasks\{62075FDE-F6E7-43CC-8560-DAEE75BFC683} - C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\Res\Campaigns\Odinštaluj_AMBER.exe"
C:\Windows\system32\tasks\{8A7F7DC3-BD75-451E-AE54-8FA0208DAC04} - C:\Windows\system32\pcalua.exe -a "C:\Users\PC\Desktop\Torpark 2.0.0.3a\Torpark.exe" -d "C:\Users\PC\Desktop\Torpark 2.0.0.3a"
C:\Windows\system32\tasks\{B57D8CF1-9D70-4F0B-B923-41A275CB1483} - C:\Windows\system32\pcalua.exe -a "C:\Users\PC\Desktop\Game_Commander_2_klucz\Game Commander 2 + serial\Game Commander 2.exe" -d "C:\Users\PC\Desktop\Game_Commander_2_klucz\Game Commander 2 + serial"
C:\Windows\system32\tasks\{E31432E7-4B88-42FA-9C91-DDD623C4D5B8} - C:\Windows\system32\pcalua.exe -a C:\Users\PC\Desktop\vegaspro90_32bit.exe -d C:\Users\PC\Desktop
C:\Windows\system32\tasks\{EDFBB81C-F8A6-4E33-A647-14217CA8F33E} - C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\FlashpointResistance.exe" -d "D:\Program Files\Codemasters\OperationFlashpoint"
C:\Windows\system32\tasks\{F1B89C98-40FC-47E1-92A4-0F01F7EDA2AA} - C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\UnInstallResistance.exe" -d "D:\Program Files\Codemasters\OperationFlashpoint"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1484727336-25265518-3277325258-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -RestrictPrivileges
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Signature Update - c:\program files\windows defender\MpCmdRun.exe SignatureUpdate
C:\Windows\system32\tasks\Microsoft\Windows\Wireless\GatherWirelessInfo - %windir%\system32\gatherWirelessInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\Wired\GatherWiredInfo - %windir%\system32\gatherWiredInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\WSHReset - %systemroot%\system32\netsh.exe interface tcp set heuristic wsh=default
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\RAC\RACAgent - %windir%\system32\RacAgent.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0) -gc
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ManualDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -i
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification - %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF48
"sp@avast.com"=C:\Program Files\Alwil Software\Avast5\SafePrice\FF48


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@caminova.com/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Caminova\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2897]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2955]
"Description"=RealJukebox Netscape Plugin
"Path"=D:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1675]
"Description"=6.0.12.1675
"Path"=D:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\extensions\
trash

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
TinEye Reverse Image Search - extension - tineye@ideeinc.com
NoSquint Plus - extension - zoomlevelplus@zoomlevelplus.net

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\extensions.json
Microsoft .NET Framework Assistant - extension - {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\features\{e4d5dda6-999e-48a3-9c78-1967e611adce}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\features\{e4d5dda6-999e-48a3-9c78-1967e611adce}\hsts-priming@mozilla.org.xpi
SHA-1 deprecation staged rollout - extension - disableSHA1rollout@mozilla.org - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\features\{e4d5dda6-999e-48a3-9c78-1967e611adce}\disableSHA1rollout@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\features\{e4d5dda6-999e-48a3-9c78-1967e611adce}\aushelper@mozilla.org.xpi
TinEye Reverse Image Search - webextension - tineye@ideeinc.com - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\extensions\tineye@ideeinc.com.xpi
Avast Online Security - webextension - wrc@avast.com - C:\Program Files\Alwil Software\Avast5\WebRep\FF48
Avast SafePrice - webextension - sp@avast.com - C:\Program Files\Alwil Software\Avast5\SafePrice\FF48
NoSquint Plus - extension - zoomlevelplus@zoomlevelplus.net - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\extensions\zoomlevelplus@zoomlevelplus.net.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\pluginreg.dat
Plugin - QuickTime Plug-in 7.7.4 - 7.7.4.0 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll
Plugin - QuickTime Plug-in 7.7.4 - 7.7.4.0 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll
Plugin - QuickTime Plug-in 7.7.4 - 7.7.4.0 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll
Plugin - QuickTime Plug-in 7.7.4 - 7.7.4.0 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll
Plugin - QuickTime Plug-in 7.7.4 - 7.7.4.0 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll
Plugin - Adobe Acrobat - 9.5.5.316 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 9.5.5.316 - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.33.5 - C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll
Plugin - RealPlayer Version Plugin - 6.0.12.1675 - D:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
Plugin - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) - 6.0.11.2897 - D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
Plugin - RealJukebox NS Plugin - 1.0.2.2955 - D:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
Plugin - NVIDIA 3D Vision - 7.17.13.1106 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - NVIDIA 3D VISION - 7.17.13.1106 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin - Windows Presentation Foundation - 3.5.30729.1 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Plugin - Silverlight Plug-In - 5.1.50901.0 - C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Java(TM) Platform SE 8 U131 - 11.131.2.11 - C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.1310.11 - 11.131.2.11 - C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npdeployJava1.dll
Plugin - DivX Plus Web Player - 3.8.1.397 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll
Plugin - DjVu Plugin Viewer - 1.0.31831.1 - C:\Program Files\Caminova\Document Express DjVu Plug-in\npdjvu.dll
Plugin - Shockwave Flash - 25.0.0.148 - C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll
Plugin - Google Update - 1.3.32.7 - C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll

=========Google Chrome=========

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb Store 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 1 Seznam Lištička - Email 1.4.2
Extension blmojkbhnkkphngknkmgccmlenfaelkd 1 Seznam Lištička - Slovník 1.4.6
Extension dhancbnhabhandieicagelcddkdfgoif 0 Allavsoft video downloader converter 3.11.7
Extension dhdgffkkebhmkfjojejmpbldmpobfkfo 0 Tampermonkey 4.2.7
Extension eemcgdkfndhakfknompkggombfjjjeno Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl Feedback 1.0
Extension gomekmidlodglbbmalcneegieacbdmki 2 avast! Online Security 9.0.2021.112
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.31
Extension mdpljndcmbeikfnlflcggaipgnhiedbl
Extension mfehgcgbbipciphmccgaenjidiccnmng Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.2.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension olfeabkoenfaoljndfecamgilllcpiak 1 Seznam Lištička - Rychlá volba 1.8.7
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Homepage:
default_search_provider.search_url:
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 11.8.800.115 Shockwave Flash C:\Users\PC\AppData\Local\Google\Chrome\Application\49.0.2623.112\PepperFlash\pepflashplayer.dll
Plugin Chrome Remote Desktop Viewer internal-remoting-viewer
Plugin Native Client C:\Users\PC\AppData\Local\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Users\PC\AppData\Local\Google\Chrome\Application\49.0.2623.112\pdf.dll
Plugin 9.0.0.2008061100 Adobe Acrobat C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
Plugin 6.0.200.2 Java Deployment Toolkit 6.0.200.2 C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
Plugin 6.0.200.2 Java(TM) Platform SE 6 U20 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
Plugin 1.0.0.8 Microsoft® Windows Media Player Firefox Plugin D:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
Plugin 7.7.4 (1680.86) QuickTime Plug-in 7.7.4 D:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
Plugin 7.7.4 (1680.86) QuickTime Plug-in 7.7.4 D:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
Plugin 7.7.4 (1680.86) QuickTime Plug-in 7.7.4 D:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
Plugin 7.7.4 (1680.86) QuickTime Plug-in 7.7.4 D:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
Plugin 7.7.4 (1680.86) QuickTime Plug-in 7.7.4 D:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
Plugin 1.1.0.6 DivX VOD Helper Plug-in C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
Plugin 2, 3, 1, 51 DivX Plus Web Player C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
Plugin 7.1.1.1888 Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
Plugin 7.17.13.1106 NVIDIA 3D Vision C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin 7.17.13.1106 NVIDIA 3D VISION C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin 1.3.21.153 Google Update C:\Users\PC\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
Plugin 3.5.30729.1 built by: SP Windows Presentation Foundation C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Plugin 11,7,700,224 Shockwave Flash C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
Plugin 6.0.11.2897 RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
Plugin 1.0.2.2955 RealJukebox NS Plugin D:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
Plugin 6.0.12.1675 RealPlayer Version Plugin D:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
Plugin 1.0.0.1 Media Go Detector c:\Program Files\Sony\Media Go\npmediago.dll
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dhancbnhabhandieicagelcddkdfgoif]
"Path"=D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-07 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2017-04-04 773920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-07 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [2017-04-04 213824]
"RivaTunerStartupDaemon"=D:\Program Files\RivaTuner v2.23\RivaTunerWrapper.exe [2009-02-15 24576]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2017-03-17 1046488]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2017-03-17 1046488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-17 601752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2016-06-24 2724896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"StubPath"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.lhacm"=lhacm.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.FICV"=ficvdec_x86.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll
"msacm.avis"=ff_acm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - "D:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2017-05-07 18:30:26 ----D---- C:\ProgramData\SWCUTemp
2017-05-07 12:22:00 ----D---- C:\Program Files\Common Files\Java
2017-05-05 22:56:42 ----D---- C:\Program Files\Mozilla Firefox
2017-04-17 15:13:18 ----D---- C:\ProgramData\Intel
2017-04-17 15:12:25 ----D---- C:\Program Files\Intel Driver Update Utility
2017-04-16 22:29:41 ----D---- C:\Program Files\SlimDrivers

======List of files/folders modified in the last 1 month======

2017-05-07 22:35:55 ----D---- C:\Windows\Prefetch
2017-05-07 22:35:45 ----D---- C:\Program Files\trend micro
2017-05-07 22:35:13 ----D---- C:\Windows\temp
2017-05-07 21:49:38 ----D---- C:\Windows\system32\drivers
2017-05-07 21:02:01 ----D---- C:\Windows
2017-05-07 19:55:35 ----SHD---- C:\System Volume Information
2017-05-07 18:30:26 ----D---- C:\ProgramData
2017-05-07 18:29:10 ----D---- C:\ProgramData\NVIDIA
2017-05-07 12:22:00 ----SHD---- C:\Windows\Installer
2017-05-07 12:22:00 ----D---- C:\Program Files\Common Files
2017-05-07 12:21:32 ----D---- C:\Windows\System32
2017-05-07 12:21:26 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2017-05-07 12:21:08 ----D---- C:\Program Files\Java
2017-05-07 12:15:31 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-05-06 20:25:38 ----D---- C:\Program Files
2017-04-26 21:36:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-04-26 21:36:19 ----D---- C:\Windows\inf
2017-04-23 19:17:58 ----D---- C:\ProgramData\DivX
2017-04-23 19:17:58 ----D---- C:\Program Files\DivX
2017-04-23 19:17:52 ----D---- C:\Windows\system32\Tasks
2017-04-23 19:17:28 ----D---- C:\Program Files\Common Files\DivX Shared
2017-04-23 19:17:09 ----D---- C:\Users\PC\AppData\Roaming\DivX
2017-04-23 19:08:23 ----D---- C:\Program Files\Common Files\Adobe AIR
2017-04-21 09:35:45 ----D---- C:\Windows\system32\CatRoot2
2017-04-17 15:12:30 ----D---- C:\Windows\winsxs
2017-04-17 15:12:20 ----D---- C:\ProgramData\Package Cache
2017-04-17 12:32:39 ----D---- C:\Windows\Tasks
2017-04-17 11:12:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-04-17 11:12:03 ----D---- C:\Windows\system32\Macromed

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2017-04-04 148208]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2017-04-04 267528]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2017-04-04 41176]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-04-04 62152]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-04-04 279800]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-10-29 721904]
R1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [2002-07-17 16877]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2017-04-04 255184]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-04-04 31064]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2017-04-04 60760]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-04-04 764064]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-04-28 472760]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-04-28 107928]
R3 aswStmXP;aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [2017-04-04 184208]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-03-17 23256]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-26 8939296]
R3 RivaTuner32;RivaTuner32; \??\D:\Program Files\RivaTuner v2.23\RivaTuner32.sys [2009-02-15 9088]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
S3 aa3ubtrt;aa3ubtrt; C:\Windows\system32\drivers\aa3ubtrt.sys []
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-04-04 34136]
S3 cpuz138;cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x32.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-03-18 26168]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-03-18 40504]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\D:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-12-09 16608]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-27 2149912]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-03-22 119512]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-03-17 51928]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Pcouffin;Low level access layer for CD devices; C:\Windows\System32\Drivers\Pcouffin.sys []
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\D:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2017-04-04 261712]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll"=%SystemRoot%\system32\FntCache.dll
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2016-06-24 506912]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 WsAppService;Wondershare Application Framework Service; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [2015-12-02 382464]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [2017-04-04 5758120]
S2 cegushHelpersrv;Cegush Helper; C:\Program Files\Cegush\cegushHelpersrv.exe {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-11-29 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MBAMService;MBAMService; D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-02-27 317400]
S3 ACTION_SVC;Action! service; C:\Program Files\Mirillis\Action!\action_svc.exe [2014-10-25 16064]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-17 271448]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-05 172488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2016-11-29 25808]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2016-11-29 45752]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#2 Post by Márty84 »

Hello :)

:???: Is this purely preventive, or is there an actual problem?

:arrow: Download CrystalDiskInfo http://www.slunecnice.cz/sw/crystaldiskinfo/
Install it (watch out for any bundled add-ons; decline them by unticking the checkbox) and run it as administrator. The result will appear after a moment.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste what gets copied (it is stored in the clipboard) here for me (Ctrl + V).

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and produce a log (it may also be found at C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Re: Requesting a check

#3 Post by T72 »

Just a preventive check

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Home Premium SP2 [6.0 Build 6002] (x86)
Date : 2017/05/12 12:37:08

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Kanál IDE (0)
- HL-DT-ST DVD-RAM GH22NP20 ATA Device
- Kanál IDE (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- Kanál IDE (0)
+ Kanál IDE (1)
- SAMSUNG HD642JJ ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- Kanál IDE (0)
- Kanál IDE (1)
- AW2UU4ZC IDE Controller [SCSI]
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD642JJ : 640,1 GB [0/3/1, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD642JJ
----------------------------------------------------------------------------
Model : SAMSUNG HD642JJ
Firmware : 1AA01113
Serial Number : S1AFJ90S206264
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1250261615
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : ---- | SATA/300
Power On Hours : 27049 hod.
Power On Count : 6791 krát
Temperature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _85 _85 _11 0000000014B4 Čas na roztočení ploten
04 _93 _93 __0 000000001A95 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _95 _95 __0 0000000069A9 Hodin v činnosti
0A 100 100 _51 000000000002 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _93 _93 __0 000000001A87 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 __0 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _74 _62 __0 00001A0C001A Teplota toku vzduchu
C2 _69 _60 __0 00001F0C001F Teplota
C3 100 100 __0 00000026ABAD Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000002 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 100 100 __0 000000000000 Počet chyb při čtení programů z disku



# AdwCleaner v6.046 - Logfile created 12/05/2017 at 12:28:25
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-04-24.1 [Local]
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (X86)
# Username : PC - PC-PC
# Running from : C:\Users\PC\Desktop\adwcleaner_6.046.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F


***** [ Files ] *****

[-] File deleted: C:\Users\Public\Desktop\SlimDrivers.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\VbGUI.cToolbar
[-] Key deleted: HKLM\SOFTWARE\Classes\VbGUI.cToolbarHost
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{528B5866-2BA6-42CE-8F74-39FB23B49767}
[-] Key deleted: HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\SlimWare Utilities Inc
[-] Key deleted: HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C5927BD-3F65-4207-8FB5-8EDF638A3511}_is1
[#] Key deleted on reboot: HKCU\Software\SlimWare Utilities Inc
[-] Key deleted: HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Key deleted: HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key deleted: HKLM\SOFTWARE\SmartPCFixer
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2C5927BD-3F65-4207-8FB5-8EDF638A3511}_is1
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C5927BD-3F65-4207-8FB5-8EDF638A3511}_is1
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36
[#] Key deleted on reboot: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\Features\952BA647474611149866C1269F6A0E36
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\Products\952BA647474611149866C1269F6A0E36


***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [8240 Bytes] - [18/09/2015 20:40:36]
C:\AdwCleaner\AdwCleaner[C2].txt - [2547 Bytes] - [12/05/2017 12:28:25]
C:\AdwCleaner\AdwCleaner[S1].txt - [9456 Bytes] - [18/09/2015 20:38:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [3271 Bytes] - [12/05/2017 11:14:01]
C:\AdwCleaner\AdwCleaner[S3].txt - [2871 Bytes] - [12/05/2017 12:19:32]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2839 Bytes] ##########

Re: Requesting a check

#4 Post by Márty84 »

:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

Re: Requesting a check

#5 Post by T72 »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15.5.2017
Čas skenování: 14:42:20
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2017.05.15.04
Databáze rootkitů: v2017.04.02.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: PC

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 596850
Uplynulý čas: 5 hod, 14 min, 49 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 3
PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [49276cac6c3da1959bd2912f758dea16],
PUP.Optional.Hicosmea, HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{62BE5D10-60EB-11D0-BD3B-00A0C911CE86}, , [2f4160b8149545f1e6f04af6946c37c9],
PUP.Optional.Hicosmea, HKU\S-1-5-21-1484727336-25265518-3277325258-1006_Classes\CLSID\{62BE5D10-60EB-11D0-BD3B-00A0C911CE86}, , [135d50c854552c0a7165033d14ecb947],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.SmartPCFixer, C:\Users\Public\Desktop\SmartPCFixer.lnk, , [422e8e8a1495270fffae022168985da3],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Requesting a check

#6 Post by Márty84 »

Have all findings removed. After removal and a PC restart, repeat the MBAM scan (a Threat Scan is enough) so we know whether it comes back. Post the scan result and I will choose the next steps based on it.

Re: Requesting a check

#7 Post by T72 »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.5.2017
Čas skenování: 21:40:20
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2017.05.22.08
Databáze rootkitů: v2017.04.02.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: PC

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 293064
Uplynulý čas: 8 min, 38 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Requesting a check

#8 Post by Márty84 »

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)
(If the Launcher cannot be downloaded, post logs from FRST alone, i.e. without using the Launcher)

Re: Requesting a check

#9 Post by T72 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-05-2017
Ran by PC (administrator) on PC-PC (27-05-2017 18:57:52)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Wondershare) C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKLM\...\Run: [RivaTunerStartupDaemon] => D:\Program Files\RivaTuner v2.23\RivaTunerWrapper.exe [24576 2009-02-15] ()
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1046488 2017-03-17] (DivX, LLC)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
GroupPolicy: Restriction ? <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C51ECA95-90CD-4287-8E92-25866C0571FB}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-07] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2017-04-04] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-07] (Oracle Corporation)
DPF: {CAFEEFAC-0018-0000-00111-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: WSWSVCUchrome - No CLSID Value -

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592 [2017-05-27]
FF Homepage: Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592 -> hxxps://www.seznam.cz/
FF Extension: (Avast SafePrice) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\sp@avast.com.xpi [2017-05-09]
FF Extension: (TinEye Reverse Image Search) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\tineye@ideeinc.com.xpi [2017-03-23]
FF Extension: (Avast Online Security) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\wrc@avast.com.xpi [2017-05-09]
FF Extension: (NoSquint Plus) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\zoomlevelplus@zoomlevelplus.net.xpi [2017-04-24]
FF Extension: (Adblock Plus) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-29] [not signed]
FF HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Firefox\Extensions: [{A2E18BA9-E68C-4c96-AC77-E5F24DF98306}] - D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDFirefoxExt => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-17] ()
FF Plugin: @caminova.com/DjVuPlugin -> C:\Program Files\Caminova\Document Express DjVu Plug-in\npdjvu.dll [2013-06-03] (Caminova, Inc.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-03-16] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2897 -> D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2009-09-13] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2955 -> D:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2009-09-13] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1675 -> D:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2009-09-13] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1484727336-25265518-3277325258-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\PC\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [No File]
FF Plugin HKU\S-1-5-21-1484727336-25265518-3277325258-1000: @tools.google.com/Google Update;version=3 -> C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1484727336-25265518-3277325258-1000: @tools.google.com/Google Update;version=9 -> C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2009-09-13] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-07-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-07-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-07-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-07-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-07-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-07-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-07-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2009-09-13] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2009-09-13] (RealNetworks, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2017-05-01]
CHR Extension: (Seznam Lištička - Email) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-03-28]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-03-28]
CHR Extension: (Allavsoft video downloader converter) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhancbnhabhandieicagelcddkdfgoif [2016-07-14]
CHR Extension: (Tampermonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-02-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-28]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-03-28]
CHR HKLM\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx [2016-06-24]
StartMenuInternet: Google Chrome.434FZJ5JWZ52LJLD7DSFOJOJHM - C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR StartupUrls: "hxxp://seznam.cz/"

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACTION_SVC; C:\Program Files\Mirillis\Action!\action_svc.exe [16064 2014-10-25] ()
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2017-04-17] (Adobe Systems Incorporated) [File not signed]
S3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [5732136 2017-05-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506912 2016-06-24] (Sony Corporation)
S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare) [File not signed]
S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]
S2 cegushHelpersrv; "C:\Program Files\Cegush\cegushHelpersrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ASPI32; C:\Windows\system32\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [258288 2017-05-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [148696 2017-05-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [268016 2017-05-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [41664 2017-05-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34136 2017-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [31064 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107928 2017-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [60760 2017-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [62152 2017-05-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [764576 2017-05-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [482608 2017-05-09] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [181080 2017-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [279800 2017-05-09] (AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2017-03-18] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2017-03-18] (Disc Soft Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 gdrv; C:\Windows\gdrv.sys [16608 2009-12-09] (Windows (R) 2000 DDK provider)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 RivaTuner32; D:\Program Files\RivaTuner v2.23\RivaTuner32.sys [9088 2009-02-15] () [File not signed]
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [106208 2009-03-25] (MCCI Corporation) [File not signed]
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-10-29] () [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X]
S3 EverestDriver; \??\D:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 Pcouffin; System32\Drivers\Pcouffin.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
S3 WinRing0_1_2_0; \??\D:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]
U3 a9tawwst; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-27 18:57 - 2017-05-27 18:58 - 00018613 _____ C:\Users\PC\Desktop\FRST.txt
2017-05-27 18:56 - 2017-05-27 18:56 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
2017-05-27 18:56 - 2017-05-27 18:56 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-27 18:55 - 2017-05-27 18:55 - 01770496 _____ (Farbar) C:\Users\PC\Desktop\FRST.exe
2017-05-19 22:29 - 2017-05-21 10:03 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-12 11:11 - 2017-05-12 11:12 - 04102600 _____ C:\Users\PC\Desktop\adwcleaner_6.046.exe
2017-05-12 11:07 - 2017-05-12 11:07 - 00000799 _____ C:\Users\PC\Desktop\CrystalDiskInfo.lnk
2017-05-12 11:07 - 2017-05-12 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-05-12 11:06 - 2017-05-12 11:06 - 03961080 _____ (Crystal Dew World ) C:\Users\PC\Downloads\CrystalDiskInfo7_0_5.exe
2017-05-11 20:48 - 2017-05-11 20:48 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-05-09 20:21 - 2017-05-09 20:20 - 00330768 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-07 22:35 - 2017-05-07 22:35 - 01206272 _____ C:\Users\PC\Downloads\RSIT.exe
2017-05-07 12:22 - 2017-05-07 12:22 - 00000000 ____D C:\Program Files\Common Files\Java

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-27 18:57 - 2015-09-22 16:27 - 00000000 ____D C:\FRST
2017-05-27 18:51 - 2016-11-17 23:11 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2017-05-27 18:42 - 2009-05-20 19:27 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-27 18:42 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-27 18:42 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-27 18:42 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-26 22:38 - 2006-11-02 15:01 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-05-26 10:08 - 2009-06-19 10:26 - 00000000 ____D C:\Users\PC\AppData\Local\ArmA 2
2017-05-23 21:17 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2017-05-22 21:40 - 2016-05-18 10:38 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-21 15:43 - 2010-06-04 12:39 - 00000000 ____D C:\Windows\Sun
2017-05-21 10:03 - 2014-02-23 22:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-05-17 21:46 - 2009-12-09 19:25 - 00000000 ____D C:\ProgramData\Skype
2017-05-14 22:03 - 2016-05-18 10:38 - 00000699 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-05-14 22:03 - 2016-05-18 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-05-13 14:29 - 2016-05-03 20:58 - 00181080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstmxp.sys
2017-05-12 12:28 - 2015-09-18 20:38 - 00000000 ____D C:\AdwCleaner
2017-05-12 11:21 - 2010-01-17 23:07 - 00000000 ____D C:\ProgramData\ICQ
2017-05-11 20:48 - 2017-03-15 19:38 - 00000000 ___RD C:\Program Files\Skype
2017-05-10 21:35 - 2016-10-20 16:20 - 00000000 ____D C:\Users\PC\Desktop\scan
2017-05-09 20:20 - 2017-03-07 18:45 - 00268016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-05-09 20:20 - 2017-03-07 18:45 - 00258288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-05-09 20:20 - 2017-03-07 18:45 - 00148696 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-05-09 20:20 - 2017-03-07 18:45 - 00041664 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-05-09 20:20 - 2016-05-03 20:58 - 00031064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-05-09 20:20 - 2014-05-06 16:16 - 00034136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-09 20:20 - 2013-03-15 15:35 - 00279800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-09 20:20 - 2013-03-15 15:35 - 00062152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-09 20:20 - 2011-03-03 17:01 - 00764576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-09 20:20 - 2009-05-20 21:55 - 00482608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-09 20:20 - 2009-05-20 21:55 - 00107928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-09 20:20 - 2009-05-20 21:55 - 00060760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2017-05-07 22:35 - 2012-01-30 17:05 - 00000000 ____D C:\Program Files\trend micro
2017-05-07 12:21 - 2015-07-12 14:13 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2017-05-07 12:21 - 2013-09-19 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-07 12:21 - 2009-07-16 17:07 - 00000000 ____D C:\Program Files\Java

==================== Files in the root of some directories =======

2011-05-23 19:10 - 2012-09-06 10:52 - 0000132 _____ () C:\Users\PC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2011-04-13 13:47 - 2012-09-06 12:41 - 0114688 _____ () C:\Users\PC\AppData\Roaming\fontdb.mdb
2013-12-06 16:57 - 2016-02-04 21:35 - 0087608 _____ () C:\Users\PC\AppData\Roaming\inst.exe
2012-02-14 16:51 - 2016-02-04 21:35 - 0007887 _____ () C:\Users\PC\AppData\Roaming\pcouffin.cat
2012-02-14 16:51 - 2016-02-04 21:35 - 0001144 _____ () C:\Users\PC\AppData\Roaming\pcouffin.inf
2012-02-14 16:51 - 2016-02-04 21:35 - 0000055 _____ () C:\Users\PC\AppData\Roaming\pcouffin.log
2012-02-14 16:51 - 2016-02-04 21:35 - 0047360 _____ (VSO Software) C:\Users\PC\AppData\Roaming\pcouffin.sys
2009-05-20 18:43 - 2015-03-31 09:12 - 0007916 _____ () C:\Users\PC\AppData\Local\d3d9caps.dat
2009-06-27 20:44 - 2017-04-07 14:28 - 0215552 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-30 13:37 - 2011-09-30 13:38 - 0000000 _____ () C:\Users\PC\AppData\Local\{573435C1-A685-4840-9E50-A8728DBEEF48}
2015-05-17 11:53 - 2015-05-17 11:53 - 0000057 _____ () C:\ProgramData\Ament.ini
2009-12-09 19:41 - 2009-12-09 19:41 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-06-21 12:51 - 2012-11-18 11:40 - 0063906 _____ () C:\ProgramData\nvModes.001
2009-06-21 12:50 - 2012-11-18 11:40 - 0063906 _____ () C:\ProgramData\nvModes.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [1042]

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\PC\Desktop" je 63 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(15.09 KiB) Downloaded 86 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a check

#10 Post by Márty84 »

Open Notepad and copy this script into it:

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
GroupPolicy: Restriction ? <======= ATTENTION

HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
Handler: WSWSVCUchrome - No CLSID Value -

S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [File not signed]
S2 cegushHelpersrv; "C:\Program Files\Cegush\cegushHelpersrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]
S3 WinRing0_1_2_0; \??\D:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]

C:\Program Files\Cegush\cegushHelpersrv.exe

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [1042]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.exe:  =>  <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.scr:  =>  <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\batfile:  <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.bat:  =>  <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.cmd: cmdfile =>  <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.reg:  =>  <===== ATTENTION

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, correctly and save the file to the Desktop.
Disable your antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

T72
Visitor
Posts: 78
Registered: 02 Nov 2011 18:31

Re: Request for a check

#11 Post by T72 »

Fix result of Farbar Recovery Scan Tool (x86) Version: 24-05-2017
Ran by PC (30-05-2017 18:17:02) Run:2
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
GroupPolicy: Restriction ? <======= ATTENTION

HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
Handler: WSWSVCUchrome - No CLSID Value -

S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [File not signed]
S2 cegushHelpersrv; "C:\Program Files\Cegush\cegushHelpersrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]
S3 WinRing0_1_2_0; \??\D:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]

C:\Program Files\Cegush\cegushHelpersrv.exe

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [1042]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.exe: => <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.scr: => <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\batfile: <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.bat: => <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.cmd: cmdfile => <===== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.reg: => <===== ATTENTION

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG => value removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully.
HKCR\PROTOCOLS\Handler\WSWSVCUchrome => key not found.
HKLM\System\CurrentControlSet\Services\SkypeUpdate => key removed successfully.
SkypeUpdate => service removed successfully.
HKLM\System\CurrentControlSet\Services\cegushHelpersrv => key removed successfully.
cegushHelpersrv => service removed successfully.
HKLM\System\CurrentControlSet\Services\WinRing0_1_2_0 => key removed successfully.
WinRing0_1_2_0 => service removed successfully.
"C:\Program Files\Cegush\cegushHelpersrv.exe" => not found.
C:\ProgramData\TEMP => ":05EE1EEF" ADS removed successfully..
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => key removed successfully.
HKLM\Software\Classes\cmdfile\DefaultIcon\\Default => value restored successfully
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.exe => key removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.scr => key removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\batfile => key removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.bat => key removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.cmd => key removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Classes\.reg => key removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6713257 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 333060 B
Edge => 0 B
Chrome => 373760 B
Firefox => 12439288 B
Opera => 27864671 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 808 B
LocalService => 0 B
NetworkService => 0 B
PC => 166414 B
apache2triad => 0 B
apache2triad.PC-PC => 0 B
apache2triad.PC-PC.000 => 0 B
apache2triad.PC-PC.001 => 0 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 53.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:18:20 ====

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check

#12 Post by Márty84 »

:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator).

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, clear the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will be emptied every time.
Also, depending on how it is configured, it will delete all passwords saved for websites!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. e-mail, Facebook, various forums, etc.).
Click Analyze and, once the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix Issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in each of them as well.)

:arrow: Defragment the disk(s) (not SSDs!)
Download the program Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other junk.
After installation, start the program and click Analyze; once the analysis finishes, click Defrag and the program will do its job.

:arrow: Then write back how the PC is doing.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

T72
Visitor
Posts: 78
Registered: 02 Nov 2011 18:31

Re: Please check

#13 Post by T72 »

Done. The system is running without problems. Thank you for your help.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check

#14 Post by Márty84 »

You're welcome! :-)

Take care, and maybe see you again sometime :bye:

:closed:

Locked