Zdravím odborníky,
nějakou dobu mi občas problikne na obrazovce okno příkazového řádku. Zmizí tak rychle že není vidět co se v okně děje. Prosím o kontrolu PC.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-06-2017
Ran by VE (administrator) on TOSHIBA (12-06-2017 10:02:34)
Running from C:\Users\VE\Desktop
Loaded Profiles: VE (Available Profiles: VE & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-11] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [101888 2011-06-08] (Leadtek Research Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2920448 2010-08-11] (Leadtek Research Inc.)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-06-14] (Samsung)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-06-14] (Samsung)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\VE\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\VE\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [Google Update] => C:\Users\VE\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-29] (Google Inc.)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-11] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-11] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A9E7B242-AB75-4C66-B556-7F7DB3EAC1A1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{afeb5dd5-a3e1-4703-b764-c52cf06df799}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e2d80cfb-d6ca-43d1-83eb-f8d159b1c896}: [DhcpNameServer] 192.168.2.254
Internet Explorer:
==================
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {F33A4B26-5A82-442B-9FA5-E3CDE9A05EE2} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
DPF: HKLM-x32 {A37D61CF-622A-4775-955E-492A0616D75F} hxxps://tc.mestonachod.cz/Gordic/Ginis/App/SSD01/gin/ax/ax2.cab
DPF: HKLM-x32 {BC9B791F-CE75-4DD2-81FD-58CD28FECCAF} hxxps://tc.mestonachod.cz/Gordic/Ginis/App/SSD01/gin/ax/GordicAxSecurity.cab
DPF: HKLM-x32 {C12B6761-AD05-4DA8-9F44-589635C31867} hxxps://tc.mestonachod.cz/Gordic/Ginis/App/SSD01/gin/ax/GordicAxSecurityUninstall.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default [2017-06-12]
FF NewTab: Mozilla\Firefox\Profiles\g4yra9oa.default -> www.google.com
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\g4yra9oa.default -> Google
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\g4yra9oa.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\g4yra9oa.default ->
FF Homepage: Mozilla\Firefox\Profiles\g4yra9oa.default -> hxxps://www.seznam.cz/
FF Keyword.URL: Mozilla\Firefox\Profiles\g4yra9oa.default -> hxxps://www.google.com/search
FF Extension: (Firebug) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\firebug@software.joehewitt.com.xpi [2017-03-01]
FF Extension: (Avast SafePrice) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Firefox Synchronisation Extension) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\synchronize@nokia.suite [2013-05-14] [not signed]
FF Extension: (Avast Online Security) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\wrc@avast.com.xpi [2017-06-01]
FF Extension: (FireShot) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2016-09-04]
FF Extension: (ColorZilla) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2017-03-08]
FF Extension: (FireFTP) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2017-01-31]
FF Extension: (Video DownloadHelper) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Web Developer) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2017-04-10]
FF Extension: (Seznam lištička) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-09]
FF Extension: (Follow-on Search Telemetry) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\features\{e87e08c0-40c4-4cda-9a97-9964375c84f4}\followonsearch@mozilla.com.xpi [2017-06-06]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-22] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-22] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2089270285-844728859-2846910010-1000: @tools.google.com/Google Update;version=3 -> C:\Users\VE\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2089270285-844728859-2846910010-1000: @tools.google.com/Google Update;version=9 -> C:\Users\VE\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
Chrome:
=======
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default [2017-04-10]
CHR Extension: (Prezentace Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-25]
CHR Extension: (Dokumenty Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-25]
CHR Extension: (Disk Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-25]
CHR Extension: (Seznam Lištička - Email) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-21]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-21]
CHR Extension: (YouTube) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-25]
CHR Extension: (Adobe Acrobat) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-21]
CHR Extension: (Tabulky Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-21]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-21]
CHR Extension: (Gmail) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-21]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-04-06] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-03-20] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-08-05] (Toshiba Europe GmbH)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-11] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-11] (AVAST Software)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-10] (AVG Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-04-30] () [File not signed]
R3 LgBttPort; C:\WINDOWS\system32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\WINDOWS\System32\drivers\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\WINDOWS\system32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-12] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-08-10] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-12 10:02 - 2017-06-12 10:03 - 00026916 _____ C:\Users\VE\Desktop\FRST.txt
2017-06-12 09:55 - 2017-06-12 10:02 - 02438656 _____ (Farbar) C:\Users\VE\Desktop\FRST64.exe
2017-06-12 09:55 - 2017-06-12 09:55 - 00000000 ____D C:\Users\VE\Desktop\FRST-OlderVersion
2017-06-10 22:19 - 2017-06-10 22:19 - 00000000 ____D C:\Users\VE\Desktop\foto-umag
2017-05-26 08:34 - 2017-05-26 08:34 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-05-26 08:34 - 2017-05-26 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-05-26 08:33 - 2017-05-26 08:33 - 00000000 ____D C:\Program Files\iPod
2017-05-26 08:32 - 2017-05-26 08:34 - 00000000 ____D C:\Program Files\iTunes
2017-05-26 08:22 - 2017-05-26 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-05-24 16:29 - 2017-05-24 16:30 - 00000000 ____D C:\Users\VE\Documents\Dovolená - Umag
2017-05-15 09:57 - 2017-05-15 09:57 - 65347882 _____ C:\Users\VE\Desktop\Krmení.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-12 10:02 - 2017-01-31 19:23 - 00000000 ____D C:\FRST
2017-06-12 09:20 - 2016-10-03 09:25 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-10 22:13 - 2013-08-31 10:00 - 00000000 ____D C:\Users\VE\AppData\Roaming\vlc
2017-06-10 15:34 - 2017-03-17 18:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-10 15:34 - 2011-05-03 10:57 - 00000000 ____D C:\ProgramData\Skype
2017-06-09 18:42 - 2017-02-10 08:21 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-09 13:31 - 2017-02-22 12:33 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-09 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-08 18:25 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-08 14:54 - 2016-11-17 11:27 - 00000000 ____D C:\Users\VE\Documents\PPC-service
2017-06-04 15:21 - 2017-02-13 08:42 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-06-02 10:27 - 2016-10-03 10:08 - 00004006 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1461604013
2017-06-02 10:27 - 2016-04-25 19:07 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-31 07:43 - 2016-11-26 10:40 - 00000000 ____D C:\Users\VE\AppData\LocalLow\Mozilla
2017-05-31 07:43 - 2016-11-22 20:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-31 07:43 - 2012-05-19 10:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-29 21:14 - 2015-08-10 17:03 - 00000000 ____D C:\Users\VE\AppData\Local\Packages
2017-05-29 13:49 - 2011-12-22 23:06 - 00001480 _____ C:\Users\VE\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2017-05-29 09:49 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-29 09:47 - 2011-07-04 06:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-26 08:22 - 2016-10-03 09:33 - 03060642 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-26 08:22 - 2016-07-17 00:25 - 01224988 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-26 08:22 - 2016-07-17 00:25 - 00329416 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-26 08:22 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-25 13:05 - 2017-03-08 09:51 - 00000000 ____D C:\Users\VE\Documents\Soubory aplikace Outlook
2017-05-25 11:36 - 2017-01-03 08:33 - 00000000 ____D C:\Users\VE\Documents\VE
2017-05-23 14:59 - 2017-03-02 10:41 - 00000000 ____D C:\Users\VE\Documents\Vlastní šablony Office
2017-05-23 07:42 - 2013-08-18 22:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 07:34 - 2011-12-19 17:34 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-17 09:52 - 2017-01-31 11:32 - 00000000 ____D C:\Users\VE\AppData\Roaming\Google
2017-05-16 20:38 - 2016-10-03 09:33 - 03031802 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-15 12:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-13 05:56 - 2014-01-21 18:05 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
==================== Files in the root of some directories =======
2013-06-26 17:56 - 2014-01-14 22:45 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2012-12-26 20:18 - 2016-06-13 16:55 - 0000132 _____ () C:\Users\VE\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2014-05-30 08:43 - 2017-03-06 10:54 - 0000132 _____ () C:\Users\VE\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2013-05-20 17:10 - 2015-06-04 17:08 - 0000096 _____ () C:\Users\VE\AppData\Roaming\Camdata.ini
2013-05-20 17:10 - 2015-06-04 17:08 - 0000408 _____ () C:\Users\VE\AppData\Roaming\CamLayout.ini
2013-05-20 17:10 - 2015-06-04 17:08 - 0000408 _____ () C:\Users\VE\AppData\Roaming\CamShapes.ini
2013-05-20 17:10 - 2015-06-04 17:08 - 0004521 _____ () C:\Users\VE\AppData\Roaming\CamStudio.cfg
2013-05-20 17:17 - 2013-05-20 17:17 - 0000098 _____ () C:\Users\VE\AppData\Roaming\CamStudio.Producer.command
2013-05-20 17:18 - 2013-05-20 17:18 - 0000000 _____ () C:\Users\VE\AppData\Roaming\CamStudio.Producer.Data.ini
2013-05-20 17:18 - 2013-05-20 17:18 - 0001207 _____ () C:\Users\VE\AppData\Roaming\CamStudio.Producer.ini
2011-12-22 23:06 - 2017-05-29 13:49 - 0001480 _____ () C:\Users\VE\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2015-12-30 20:15 - 2015-12-30 20:15 - 0013312 _____ () C:\Users\VE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-09 22:37 - 2014-10-09 22:37 - 0007605 _____ () C:\Users\VE\AppData\Local\Resmon.ResmonCfg
2012-08-07 22:46 - 2012-08-07 22:46 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Some files in TEMP:
====================
2017-04-24 21:43 - 2017-04-24 21:43 - 0739904 _____ (Oracle Corporation) C:\Users\VE\AppData\Local\Temp\jre-8u131-windows-au.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-02 11:11
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Problikává okno příkazového řádku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problikává okno příkazového řádku
Zdravím!
Vyskakující okno přík řádku může souviset s nějakou instalací, kterou jste nedávno dělal. Spusťte tuto utilitu:
Vyskakující okno přík řádku může souviset s nějakou instalací, kterou jste nedávno dělal. Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problikává okno příkazového řádku
Dobrý den,
posílám log AdwCleaner:
# AdwCleaner v6.047 - Log vytvořen 14/06/2017 v 14:13:02
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-14.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : VE - TOSHIBA
# Spuštěno z : C:\Users\VE\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\ProgramData\BSD\DriverHive
[-] Složka smazána: C:\ProgramData\BSD\DriverHiveEngine
[-] Složka smazána: C:\ProgramData\Auslogics
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[-] Složka smazána: C:\Program Files (x86)\Auslogics
***** [ Soubory ] *****
[-] Soubor smazán: C:\Users\VE\Desktop\Auslogics Disk Defrag.lnk
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKU\S-1-5-21-2089270285-844728859-2846910010-1000\Software\BSD
[#] Klíč smazán po restartu: HKCU\Software\BSD
[-] Klíč smazán: HKLM\SOFTWARE\Auslogics
[-] Klíč smazán: HKLM\SOFTWARE\BSD
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\BSD
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock2 - Smazáno C:\Program Files (x86)\Bonjour\mdnsNSP.dll
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4933 Bajty] - [31/01/2017 07:08:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [1687 Bajty] - [14/06/2017 14:13:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [4801 Bajty] - [31/01/2017 07:07:06]
C:\AdwCleaner\AdwCleaner[S1].txt - [2048 Bajty] - [14/06/2017 14:09:38]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1906 Bajty] ##########
posílám log AdwCleaner:
# AdwCleaner v6.047 - Log vytvořen 14/06/2017 v 14:13:02
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-14.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : VE - TOSHIBA
# Spuštěno z : C:\Users\VE\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\ProgramData\BSD\DriverHive
[-] Složka smazána: C:\ProgramData\BSD\DriverHiveEngine
[-] Složka smazána: C:\ProgramData\Auslogics
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[-] Složka smazána: C:\Program Files (x86)\Auslogics
***** [ Soubory ] *****
[-] Soubor smazán: C:\Users\VE\Desktop\Auslogics Disk Defrag.lnk
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKU\S-1-5-21-2089270285-844728859-2846910010-1000\Software\BSD
[#] Klíč smazán po restartu: HKCU\Software\BSD
[-] Klíč smazán: HKLM\SOFTWARE\Auslogics
[-] Klíč smazán: HKLM\SOFTWARE\BSD
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\BSD
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock2 - Smazáno C:\Program Files (x86)\Bonjour\mdnsNSP.dll
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4933 Bajty] - [31/01/2017 07:08:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [1687 Bajty] - [14/06/2017 14:13:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [4801 Bajty] - [31/01/2017 07:07:06]
C:\AdwCleaner\AdwCleaner[S1].txt - [2048 Bajty] - [14/06/2017 14:09:38]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1906 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problikává okno příkazového řádku
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problikává okno příkazového řádku
Posilam novy log FRST. Probliknuti okna prikazoveho radku jsem nyni nezaznamenal.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-06-2017
Ran by VE (administrator) on TOSHIBA (14-06-2017 15:35:54)
Running from C:\Users\VE\Desktop
Loaded Profiles: VE (Available Profiles: VE & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-11] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [101888 2011-06-08] (Leadtek Research Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2920448 2010-08-11] (Leadtek Research Inc.)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-06-14] (Samsung)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-06-14] (Samsung)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\VE\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\VE\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [Google Update] => C:\Users\VE\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-29] (Google Inc.)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-11] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-11] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A9E7B242-AB75-4C66-B556-7F7DB3EAC1A1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{afeb5dd5-a3e1-4703-b764-c52cf06df799}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e2d80cfb-d6ca-43d1-83eb-f8d159b1c896}: [DhcpNameServer] 192.168.2.254
Internet Explorer:
==================
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {F33A4B26-5A82-442B-9FA5-E3CDE9A05EE2} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
DPF: HKLM-x32 {A37D61CF-622A-4775-955E-492A0616D75F} hxxps://tc.mestonachod.cz/Gordic/Ginis/App/SSD01/gin/ax/ax2.cab
DPF: HKLM-x32 {BC9B791F-CE75-4DD2-81FD-58CD28FECCAF} hxxps://tc.mestonachod.cz/Gordic/Ginis/App/SSD01/gin/ax/GordicAxSecurity.cab
DPF: HKLM-x32 {C12B6761-AD05-4DA8-9F44-589635C31867} hxxps://tc.mestonachod.cz/Gordic/Ginis/App/SSD01/gin/ax/GordicAxSecurityUninstall.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default [2017-06-14]
FF NewTab: Mozilla\Firefox\Profiles\g4yra9oa.default -> www.google.com
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\g4yra9oa.default -> Google
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\g4yra9oa.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\g4yra9oa.default ->
FF Homepage: Mozilla\Firefox\Profiles\g4yra9oa.default -> hxxps://www.seznam.cz/
FF Keyword.URL: Mozilla\Firefox\Profiles\g4yra9oa.default -> hxxps://www.google.com/search
FF Extension: (Firebug) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\firebug@software.joehewitt.com.xpi [2017-03-01]
FF Extension: (Avast SafePrice) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Firefox Synchronisation Extension) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\synchronize@nokia.suite [2013-05-14] [not signed]
FF Extension: (Avast Online Security) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\wrc@avast.com.xpi [2017-06-01]
FF Extension: (FireShot) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2016-09-04]
FF Extension: (ColorZilla) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2017-03-08]
FF Extension: (FireFTP) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2017-01-31]
FF Extension: (Video DownloadHelper) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Web Developer) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2017-04-10]
FF Extension: (Seznam lištička) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-09]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-22] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-22] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2089270285-844728859-2846910010-1000: @tools.google.com/Google Update;version=3 -> C:\Users\VE\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2089270285-844728859-2846910010-1000: @tools.google.com/Google Update;version=9 -> C:\Users\VE\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
Chrome:
=======
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default [2017-04-10]
CHR Extension: (Prezentace Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-25]
CHR Extension: (Dokumenty Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-25]
CHR Extension: (Disk Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-25]
CHR Extension: (Seznam Lištička - Email) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-21]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-21]
CHR Extension: (YouTube) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-25]
CHR Extension: (Adobe Acrobat) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-21]
CHR Extension: (Tabulky Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-21]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-21]
CHR Extension: (Gmail) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-21]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-04-06] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-03-20] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-08-05] (Toshiba Europe GmbH)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-11] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-11] (AVAST Software)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-10] (AVG Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-04-30] () [File not signed]
R3 LgBttPort; C:\WINDOWS\system32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\WINDOWS\System32\drivers\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\WINDOWS\system32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-12] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-08-10] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-14 15:00 - 2017-06-14 15:00 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-14 14:05 - 2017-06-14 14:06 - 04110280 _____ C:\Users\VE\Desktop\adwcleaner_6.047.exe
2017-06-13 11:27 - 2017-06-13 11:27 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-12 10:03 - 2017-06-12 10:04 - 00038048 _____ C:\Users\VE\Desktop\Addition.txt
2017-06-12 10:02 - 2017-06-14 15:36 - 00026120 _____ C:\Users\VE\Desktop\FRST.txt
2017-06-12 09:55 - 2017-06-14 15:35 - 02438656 _____ (Farbar) C:\Users\VE\Desktop\FRST64.exe
2017-06-12 09:55 - 2017-06-14 15:35 - 00000000 ____D C:\Users\VE\Desktop\FRST-OlderVersion
2017-06-10 22:19 - 2017-06-10 22:19 - 00000000 ____D C:\Users\VE\Desktop\foto-umag
2017-05-26 08:34 - 2017-05-26 08:34 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-05-26 08:34 - 2017-05-26 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-05-26 08:33 - 2017-05-26 08:33 - 00000000 ____D C:\Program Files\iPod
2017-05-26 08:32 - 2017-05-26 08:34 - 00000000 ____D C:\Program Files\iTunes
2017-05-26 08:22 - 2017-05-26 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-05-24 16:29 - 2017-05-24 16:30 - 00000000 ____D C:\Users\VE\Documents\Dovolená - Umag
2017-05-15 09:57 - 2017-05-15 09:57 - 65347882 _____ C:\Users\VE\Desktop\Krmení.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-14 15:35 - 2017-01-31 19:23 - 00000000 ____D C:\FRST
2017-06-14 15:35 - 2016-11-26 10:40 - 00000000 ____D C:\Users\VE\AppData\LocalLow\Mozilla
2017-06-14 15:06 - 2016-10-03 09:25 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-14 14:50 - 2017-02-22 12:33 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 14:24 - 2016-10-03 09:33 - 03068968 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-14 14:24 - 2016-07-17 00:25 - 01239786 _____ C:\WINDOWS\system32\perfh005.dat
2017-06-14 14:24 - 2016-07-17 00:25 - 00333816 _____ C:\WINDOWS\system32\perfc005.dat
2017-06-14 14:16 - 2016-10-03 10:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-14 14:16 - 2016-10-03 09:25 - 05161512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 14:15 - 2016-11-22 20:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-14 14:15 - 2013-03-17 22:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 14:15 - 2013-03-17 22:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 14:15 - 2012-05-19 10:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-14 14:14 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-14 14:13 - 2017-01-31 07:05 - 00000000 ____D C:\AdwCleaner
2017-06-14 14:12 - 2017-02-08 16:10 - 00000000 ____D C:\ProgramData\BSD
2017-06-14 14:06 - 2016-11-17 11:27 - 00000000 ____D C:\Users\VE\Documents\PPC-service
2017-06-14 09:18 - 2013-08-18 22:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 09:12 - 2013-03-17 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 09:12 - 2011-12-19 17:34 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 08:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-14 08:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-14 08:30 - 2016-07-15 14:51 - 06875136 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-06-14 07:21 - 2017-02-10 08:21 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-13 07:13 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-10 22:13 - 2013-08-31 10:00 - 00000000 ____D C:\Users\VE\AppData\Roaming\vlc
2017-06-10 15:34 - 2017-03-17 18:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-10 15:34 - 2011-05-03 10:57 - 00000000 ____D C:\ProgramData\Skype
2017-06-09 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-04 15:21 - 2017-02-13 08:42 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-02 10:27 - 2016-10-03 10:08 - 00004006 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1461604013
2017-06-02 10:27 - 2016-04-25 19:07 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-29 21:14 - 2015-08-10 17:03 - 00000000 ____D C:\Users\VE\AppData\Local\Packages
2017-05-29 13:49 - 2011-12-22 23:06 - 00001480 _____ C:\Users\VE\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2017-05-29 09:49 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-29 09:47 - 2011-07-04 06:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-26 08:22 - 2016-10-03 09:33 - 03060642 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-26 08:22 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-25 13:05 - 2017-03-08 09:51 - 00000000 ____D C:\Users\VE\Documents\Soubory aplikace Outlook
2017-05-25 11:36 - 2017-01-03 08:33 - 00000000 ____D C:\Users\VE\Documents\VE
2017-05-23 14:59 - 2017-03-02 10:41 - 00000000 ____D C:\Users\VE\Documents\Vlastní šablony Office
2017-05-17 09:52 - 2017-01-31 11:32 - 00000000 ____D C:\Users\VE\AppData\Roaming\Google
2017-05-15 12:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
==================== Files in the root of some directories =======
2013-06-26 17:56 - 2014-01-14 22:45 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2012-12-26 20:18 - 2016-06-13 16:55 - 0000132 _____ () C:\Users\VE\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2014-05-30 08:43 - 2017-03-06 10:54 - 0000132 _____ () C:\Users\VE\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2013-05-20 17:10 - 2015-06-04 17:08 - 0000096 _____ () C:\Users\VE\AppData\Roaming\Camdata.ini
2013-05-20 17:10 - 2015-06-04 17:08 - 0000408 _____ () C:\Users\VE\AppData\Roaming\CamLayout.ini
2013-05-20 17:10 - 2015-06-04 17:08 - 0000408 _____ () C:\Users\VE\AppData\Roaming\CamShapes.ini
2013-05-20 17:10 - 2015-06-04 17:08 - 0004521 _____ () C:\Users\VE\AppData\Roaming\CamStudio.cfg
2013-05-20 17:17 - 2013-05-20 17:17 - 0000098 _____ () C:\Users\VE\AppData\Roaming\CamStudio.Producer.command
2013-05-20 17:18 - 2013-05-20 17:18 - 0000000 _____ () C:\Users\VE\AppData\Roaming\CamStudio.Producer.Data.ini
2013-05-20 17:18 - 2013-05-20 17:18 - 0001207 _____ () C:\Users\VE\AppData\Roaming\CamStudio.Producer.ini
2011-12-22 23:06 - 2017-05-29 13:49 - 0001480 _____ () C:\Users\VE\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2015-12-30 20:15 - 2015-12-30 20:15 - 0013312 _____ () C:\Users\VE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-09 22:37 - 2014-10-09 22:37 - 0007605 _____ () C:\Users\VE\AppData\Local\Resmon.ResmonCfg
2012-08-07 22:46 - 2012-08-07 22:46 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Some files in TEMP:
====================
2017-04-24 21:43 - 2017-04-24 21:43 - 0739904 _____ (Oracle Corporation) C:\Users\VE\AppData\Local\Temp\jre-8u131-windows-au.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-12 10:51
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-06-2017
Ran by VE (administrator) on TOSHIBA (14-06-2017 15:35:54)
Running from C:\Users\VE\Desktop
Loaded Profiles: VE (Available Profiles: VE & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-11] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [101888 2011-06-08] (Leadtek Research Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2920448 2010-08-11] (Leadtek Research Inc.)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-06-14] (Samsung)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-06-14] (Samsung)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\VE\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\VE\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Run: [Google Update] => C:\Users\VE\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-29] (Google Inc.)
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-11] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-11] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A9E7B242-AB75-4C66-B556-7F7DB3EAC1A1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{afeb5dd5-a3e1-4703-b764-c52cf06df799}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e2d80cfb-d6ca-43d1-83eb-f8d159b1c896}: [DhcpNameServer] 192.168.2.254
Internet Explorer:
==================
HKU\S-1-5-21-2089270285-844728859-2846910010-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {F33A4B26-5A82-442B-9FA5-E3CDE9A05EE2} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
DPF: HKLM-x32 {A37D61CF-622A-4775-955E-492A0616D75F} hxxps://tc.mestonachod.cz/Gordic/Ginis/App/SSD01/gin/ax/ax2.cab
DPF: HKLM-x32 {BC9B791F-CE75-4DD2-81FD-58CD28FECCAF} hxxps://tc.mestonachod.cz/Gordic/Ginis/App/SSD01/gin/ax/GordicAxSecurity.cab
DPF: HKLM-x32 {C12B6761-AD05-4DA8-9F44-589635C31867} hxxps://tc.mestonachod.cz/Gordic/Ginis/App/SSD01/gin/ax/GordicAxSecurityUninstall.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default [2017-06-14]
FF NewTab: Mozilla\Firefox\Profiles\g4yra9oa.default -> www.google.com
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\g4yra9oa.default -> Google
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\g4yra9oa.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\g4yra9oa.default ->
FF Homepage: Mozilla\Firefox\Profiles\g4yra9oa.default -> hxxps://www.seznam.cz/
FF Keyword.URL: Mozilla\Firefox\Profiles\g4yra9oa.default -> hxxps://www.google.com/search
FF Extension: (Firebug) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\firebug@software.joehewitt.com.xpi [2017-03-01]
FF Extension: (Avast SafePrice) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Firefox Synchronisation Extension) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\synchronize@nokia.suite [2013-05-14] [not signed]
FF Extension: (Avast Online Security) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\wrc@avast.com.xpi [2017-06-01]
FF Extension: (FireShot) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2016-09-04]
FF Extension: (ColorZilla) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2017-03-08]
FF Extension: (FireFTP) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2017-01-31]
FF Extension: (Video DownloadHelper) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Web Developer) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2017-04-10]
FF Extension: (Seznam lištička) - C:\Users\VE\AppData\Roaming\Mozilla\Firefox\Profiles\g4yra9oa.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-09]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-22] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-22] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2089270285-844728859-2846910010-1000: @tools.google.com/Google Update;version=3 -> C:\Users\VE\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2089270285-844728859-2846910010-1000: @tools.google.com/Google Update;version=9 -> C:\Users\VE\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
Chrome:
=======
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default [2017-04-10]
CHR Extension: (Prezentace Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-25]
CHR Extension: (Dokumenty Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-25]
CHR Extension: (Disk Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-25]
CHR Extension: (Seznam Lištička - Email) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-21]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-21]
CHR Extension: (YouTube) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-25]
CHR Extension: (Adobe Acrobat) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-21]
CHR Extension: (Tabulky Google) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-21]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-21]
CHR Extension: (Gmail) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\VE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-21]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-04-06] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-03-20] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-08-05] (Toshiba Europe GmbH)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-11] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-11] (AVAST Software)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-10] (AVG Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-04-30] () [File not signed]
R3 LgBttPort; C:\WINDOWS\system32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\WINDOWS\System32\drivers\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\WINDOWS\system32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-12] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-08-10] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-14 15:00 - 2017-06-14 15:00 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-14 14:05 - 2017-06-14 14:06 - 04110280 _____ C:\Users\VE\Desktop\adwcleaner_6.047.exe
2017-06-13 11:27 - 2017-06-13 11:27 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-12 10:03 - 2017-06-12 10:04 - 00038048 _____ C:\Users\VE\Desktop\Addition.txt
2017-06-12 10:02 - 2017-06-14 15:36 - 00026120 _____ C:\Users\VE\Desktop\FRST.txt
2017-06-12 09:55 - 2017-06-14 15:35 - 02438656 _____ (Farbar) C:\Users\VE\Desktop\FRST64.exe
2017-06-12 09:55 - 2017-06-14 15:35 - 00000000 ____D C:\Users\VE\Desktop\FRST-OlderVersion
2017-06-10 22:19 - 2017-06-10 22:19 - 00000000 ____D C:\Users\VE\Desktop\foto-umag
2017-05-26 08:34 - 2017-05-26 08:34 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-05-26 08:34 - 2017-05-26 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-05-26 08:33 - 2017-05-26 08:33 - 00000000 ____D C:\Program Files\iPod
2017-05-26 08:32 - 2017-05-26 08:34 - 00000000 ____D C:\Program Files\iTunes
2017-05-26 08:22 - 2017-05-26 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-05-24 16:29 - 2017-05-24 16:30 - 00000000 ____D C:\Users\VE\Documents\Dovolená - Umag
2017-05-15 09:57 - 2017-05-15 09:57 - 65347882 _____ C:\Users\VE\Desktop\Krmení.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-14 15:35 - 2017-01-31 19:23 - 00000000 ____D C:\FRST
2017-06-14 15:35 - 2016-11-26 10:40 - 00000000 ____D C:\Users\VE\AppData\LocalLow\Mozilla
2017-06-14 15:06 - 2016-10-03 09:25 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-14 14:50 - 2017-02-22 12:33 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 14:24 - 2016-10-03 09:33 - 03068968 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-14 14:24 - 2016-07-17 00:25 - 01239786 _____ C:\WINDOWS\system32\perfh005.dat
2017-06-14 14:24 - 2016-07-17 00:25 - 00333816 _____ C:\WINDOWS\system32\perfc005.dat
2017-06-14 14:16 - 2016-10-03 10:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-14 14:16 - 2016-10-03 09:25 - 05161512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 14:15 - 2016-11-22 20:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-14 14:15 - 2013-03-17 22:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 14:15 - 2013-03-17 22:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 14:15 - 2012-05-19 10:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-14 14:14 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-14 14:13 - 2017-01-31 07:05 - 00000000 ____D C:\AdwCleaner
2017-06-14 14:12 - 2017-02-08 16:10 - 00000000 ____D C:\ProgramData\BSD
2017-06-14 14:06 - 2016-11-17 11:27 - 00000000 ____D C:\Users\VE\Documents\PPC-service
2017-06-14 09:18 - 2013-08-18 22:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 09:12 - 2013-03-17 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 09:12 - 2011-12-19 17:34 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 08:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-14 08:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-14 08:30 - 2016-07-15 14:51 - 06875136 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-06-14 07:21 - 2017-02-10 08:21 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-13 07:13 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-10 22:13 - 2013-08-31 10:00 - 00000000 ____D C:\Users\VE\AppData\Roaming\vlc
2017-06-10 15:34 - 2017-03-17 18:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-10 15:34 - 2011-05-03 10:57 - 00000000 ____D C:\ProgramData\Skype
2017-06-09 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-04 15:21 - 2017-02-13 08:42 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-02 10:27 - 2016-10-03 10:08 - 00004006 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1461604013
2017-06-02 10:27 - 2016-04-25 19:07 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-29 21:14 - 2015-08-10 17:03 - 00000000 ____D C:\Users\VE\AppData\Local\Packages
2017-05-29 13:49 - 2011-12-22 23:06 - 00001480 _____ C:\Users\VE\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2017-05-29 09:49 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-29 09:47 - 2011-07-04 06:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-26 08:22 - 2016-10-03 09:33 - 03060642 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-26 08:22 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-25 13:05 - 2017-03-08 09:51 - 00000000 ____D C:\Users\VE\Documents\Soubory aplikace Outlook
2017-05-25 11:36 - 2017-01-03 08:33 - 00000000 ____D C:\Users\VE\Documents\VE
2017-05-23 14:59 - 2017-03-02 10:41 - 00000000 ____D C:\Users\VE\Documents\Vlastní šablony Office
2017-05-17 09:52 - 2017-01-31 11:32 - 00000000 ____D C:\Users\VE\AppData\Roaming\Google
2017-05-15 12:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
==================== Files in the root of some directories =======
2013-06-26 17:56 - 2014-01-14 22:45 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2012-12-26 20:18 - 2016-06-13 16:55 - 0000132 _____ () C:\Users\VE\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2014-05-30 08:43 - 2017-03-06 10:54 - 0000132 _____ () C:\Users\VE\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2013-05-20 17:10 - 2015-06-04 17:08 - 0000096 _____ () C:\Users\VE\AppData\Roaming\Camdata.ini
2013-05-20 17:10 - 2015-06-04 17:08 - 0000408 _____ () C:\Users\VE\AppData\Roaming\CamLayout.ini
2013-05-20 17:10 - 2015-06-04 17:08 - 0000408 _____ () C:\Users\VE\AppData\Roaming\CamShapes.ini
2013-05-20 17:10 - 2015-06-04 17:08 - 0004521 _____ () C:\Users\VE\AppData\Roaming\CamStudio.cfg
2013-05-20 17:17 - 2013-05-20 17:17 - 0000098 _____ () C:\Users\VE\AppData\Roaming\CamStudio.Producer.command
2013-05-20 17:18 - 2013-05-20 17:18 - 0000000 _____ () C:\Users\VE\AppData\Roaming\CamStudio.Producer.Data.ini
2013-05-20 17:18 - 2013-05-20 17:18 - 0001207 _____ () C:\Users\VE\AppData\Roaming\CamStudio.Producer.ini
2011-12-22 23:06 - 2017-05-29 13:49 - 0001480 _____ () C:\Users\VE\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2015-12-30 20:15 - 2015-12-30 20:15 - 0013312 _____ () C:\Users\VE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-09 22:37 - 2014-10-09 22:37 - 0007605 _____ () C:\Users\VE\AppData\Local\Resmon.ResmonCfg
2012-08-07 22:46 - 2012-08-07 22:46 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Some files in TEMP:
====================
2017-04-24 21:43 - 2017-04-24 21:43 - 0739904 _____ (Oracle Corporation) C:\Users\VE\AppData\Local\Temp\jre-8u131-windows-au.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-12 10:51
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problikává okno příkazového řádku
OK, ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
SearchScopes: HKLM -> DefaultScope {F33A4B26-5A82-442B-9FA5-E3CDE9A05EE2} URL =
C:\Users\VE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\VE\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problikává okno příkazového řádku
Posilam log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-06-2017
Ran by VE (14-06-2017 20:32:20) Run:2
Running from C:\Users\VE\Desktop
Loaded Profiles: VE (Available Profiles: VE & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
SearchScopes: HKLM -> DefaultScope {F33A4B26-5A82-442B-9FA5-E3CDE9A05EE2} URL =
C:\Users\VE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\VE\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION => restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
C:\Users\VE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"C:\Users\VE\AppData\Local\Temp" folder move:
Could not move "C:\Users\VE\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 185007287 B
Java, Flash, Steam htmlcache => 2243 B
Windows/system/drivers => 410980161 B
Edge => 0 B
Chrome => 6077816 B
Firefox => 381034822 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11664 B
NetworkService => 8474 B
VE => 559646597 B
DefaultAppPool => 0 B
RecycleBin => 975813 B
EmptyTemp: => 1.4 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-06-2017 20:37:14)
C:\Users\VE\AppData\Local\Temp => moved successfully
==== End of Fixlog 20:37:26 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-06-2017
Ran by VE (14-06-2017 20:32:20) Run:2
Running from C:\Users\VE\Desktop
Loaded Profiles: VE (Available Profiles: VE & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
SearchScopes: HKLM -> DefaultScope {F33A4B26-5A82-442B-9FA5-E3CDE9A05EE2} URL =
C:\Users\VE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\VE\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION => restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
C:\Users\VE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"C:\Users\VE\AppData\Local\Temp" folder move:
Could not move "C:\Users\VE\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 185007287 B
Java, Flash, Steam htmlcache => 2243 B
Windows/system/drivers => 410980161 B
Edge => 0 B
Chrome => 6077816 B
Firefox => 381034822 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11664 B
NetworkService => 8474 B
VE => 559646597 B
DefaultAppPool => 0 B
RecycleBin => 975813 B
EmptyTemp: => 1.4 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-06-2017 20:37:14)
C:\Users\VE\AppData\Local\Temp => moved successfully
==== End of Fixlog 20:37:26 ====
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problikává okno příkazového řádku
Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problikává okno příkazového řádku
OK, moc děkuji za pomoc. Téma ukončím.
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problikává okno příkazového řádku
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?