Dobrý den. Přišel mi nějaký divný mail od KB s přílohou, snad jsem nic nestáhl ,a le raději.
Děkuji moc:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01
Ran by MZelectronic (administrator) on MZELECTRONIC-PC (21-06-2017 15:08:13)
Running from C:\Users\MZelectronic\Desktop
Loaded Profiles: MZelectronic (Available Profiles: MZelectronic)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\ACSDAG\ACSDAGServer.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(PostgreSQL Global Development Group) C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PostgreSQL\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\ACSDAG\CrashServer_Test.exe
(PostgreSQL Global Development Group) C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PostgreSQL\bin\postgres.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(CANON INC.) C:\Windows\System32\CNAC4RPD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\hicloud\update_server\startUp.exe
() C:\Program Files (x86)\hicloud\update_server\SPUpDateServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\MZelectronic\Desktop\FRST-OlderVersion\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-09-13] (Realtek Semiconductor)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [1088944 2016-05-12] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [113656 2013-10-08] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49976 2014-08-01] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-06-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [SPUpDateServerrun] => C:\Program Files (x86)\hicloud\update_server\startUp.exe [14832 2015-09-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-468234102-2052239981-3129749300-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-468234102-2052239981-3129749300-1000\...\Run: [VCOMTool] => C:\Program Files (x86)\VCOM Tool\VCOMTool.exe
HKU\S-1-5-21-468234102-2052239981-3129749300-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)
HKU\S-1-5-21-468234102-2052239981-3129749300-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680520 2017-01-09] (ZONER software)
HKU\S-1-5-21-468234102-2052239981-3129749300-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-23] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP5000 Status Window.lnk [2017-03-21]
ShortcutTarget: Canon LBP5000 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAC4LAD.EXE (CANON INC.)
Startup: C:\Users\MZelectronic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-11-23]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 62.240.163.170 62.204.224.2
Tcpip\..\Interfaces\{a9302096-82f5-459b-b02c-495cd0d5c323}: [DhcpNameServer] 62.240.163.170 62.204.224.2
Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-09] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-06-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-09] (Oracle Corporation)
DPF: HKLM-x32 {53049A9A-1122-4673-B8D4-12F545AE3285} hxxp://192.168.1.10:84/AVC_AX_764.cab
DPF: HKLM-x32 {6D0E375A-7C00-4DB2-9D7E-D5B1ACDAF1F2} hxxp://192.168.1.201/FEWatch.cab
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-09] (Oracle Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: shipin7 -> C:\Program Files (x86)\hicloud\PCPlayer\npSP7WebVideoPlugin.dll [2016-05-09] ()
FF Plugin-x32: shipin7safebox -> C:\Program Files (x86)\hicloud\PCPlayer\npSafePlugin.dll [2016-05-09] ()
FF Plugin-x32: shipin7update -> C:\Program Files (x86)\hicloud\PCPlayer\npUpdataPlugin.dll [2016-05-09] ()
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-03-31] ()
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://live.4network.tv/"
CHR Profile: C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default [2017-06-20]
CHR Extension: (Prezentace Google) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-23]
CHR Extension: (Dokumenty Google) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-23]
CHR Extension: (Disk Google) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-23]
CHR Extension: (YouTube) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-23]
CHR Extension: (Vyhledávání Google) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-23]
CHR Extension: (Avast SafePrice) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-03]
CHR Extension: (Tabulky Google) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-04]
CHR Extension: (Avast Online Security) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-22]
CHR Extension: (Gmail) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-23]
CHR Extension: (Chrome Media Router) - C:\Users\MZelectronic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-22]
CHR HKU\S-1-5-21-468234102-2052239981-3129749300-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ACSDAGServer; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\ACSDAG\ACSDAGServer.exe [7168 2015-12-16] () [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-09] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-06-12] (Dropbox, Inc.)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093648 2017-05-23] (Garmin Ltd. or its subsidiaries)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-12] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
R2 PostgreSQL4200; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PostgreSQL\bin\pg_ctl.exe [94720 2015-12-16] (PostgreSQL Global Development Group) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-15] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software)
S3 evserial; C:\WINDOWS\System32\DRIVERS\evserial.sys [67072 2010-04-19] (ELTIMA Software)
S3 evserial7; C:\WINDOWS\System32\drivers\evserial7.sys [69704 2010-07-15] (ELTIMA Software)
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\WINDOWS\SysWOW64\drivers\npf64.sys [36600 2015-04-28] (Riverbed Technology, Inc.)
R3 VSBC; C:\WINDOWS\System32\drivers\evsbc.sys [32768 2010-04-19] (ELTIMA Software)
S3 VSBC7; C:\WINDOWS\System32\drivers\evsbc7.sys [35912 2010-07-15] (ELTIMA Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-21 15:08 - 2017-06-21 15:08 - 00023562 _____ C:\Users\MZelectronic\Desktop\FRST.txt
2017-06-21 15:08 - 2017-06-21 15:08 - 00000000 ____D C:\Users\MZelectronic\Desktop\FRST-OlderVersion
2017-06-21 15:08 - 2017-06-21 15:08 - 00000000 ____D C:\FRST
2017-06-21 15:07 - 2017-06-21 15:08 - 02439680 _____ (Farbar) C:\Users\MZelectronic\Desktop\FRST64.exe
2017-06-21 15:07 - 2017-06-21 15:07 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-21 14:43 - 2017-06-21 14:44 - 04110280 _____ C:\Users\MZelectronic\Desktop\adwcleaner_6.047.exe
2017-06-21 09:16 - 2017-06-21 09:16 - 00489709 _____ C:\Users\MZelectronic\Documents\Faktura_170100280.pdf
2017-06-21 08:59 - 2017-06-21 08:59 - 00487640 _____ C:\Users\MZelectronic\Documents\Faktura_170100279.pdf
2017-06-21 08:42 - 2017-06-21 08:42 - 00489975 _____ C:\Users\MZelectronic\Documents\Faktura_internet_170100278(3).pdf
2017-06-21 08:38 - 2017-06-21 08:38 - 00489975 _____ C:\Users\MZelectronic\Desktop\Faktura_internet_170100278(2).pdf
2017-06-21 08:36 - 2017-06-21 08:36 - 00489975 _____ C:\Users\MZelectronic\Desktop\Faktura_internet_170100278.pdf
2017-06-20 00:53 - 2017-06-20 00:53 - 00000000 ____D C:\Users\MZelectronic\Documents\Garmin
2017-06-20 00:50 - 2017-06-20 00:52 - 00000000 ____D C:\ProgramData\Garmin
2017-06-20 00:50 - 2017-06-20 00:50 - 00003624 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2017-06-20 00:50 - 2017-06-20 00:50 - 00001963 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2017-06-20 00:50 - 2017-06-20 00:50 - 00000000 ____D C:\Users\MZelectronic\AppData\Roaming\Garmin
2017-06-20 00:50 - 2017-06-20 00:50 - 00000000 ____D C:\Users\MZelectronic\AppData\Local\Garmin_Ltd._or_its_subsid
2017-06-20 00:50 - 2017-06-20 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2017-06-20 00:50 - 2017-06-20 00:50 - 00000000 ____D C:\Program Files (x86)\Garmin
2017-06-20 00:49 - 2017-06-20 00:49 - 50775344 _____ (Garmin Ltd or its subsidiaries) C:\Users\MZelectronic\Downloads\GarminExpressInstaller.exe
2017-06-19 01:37 - 2017-06-19 01:37 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-18 17:01 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-18 17:01 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-06-18 17:01 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-18 17:01 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-18 17:01 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-18 17:01 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-06-18 17:01 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-06-18 17:01 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-06-18 17:01 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-06-18 17:01 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-18 17:01 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-18 17:01 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-18 17:01 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-18 17:01 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-18 17:01 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-18 17:01 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-06-18 17:01 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-18 17:01 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-18 17:01 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-06-18 17:01 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-18 17:01 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-06-18 17:01 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-18 17:01 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-06-18 17:01 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-06-18 17:01 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-06-18 17:01 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-06-18 17:01 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-06-18 17:01 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-06-18 17:01 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-18 17:01 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-18 17:01 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-18 17:01 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-06-18 17:01 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-18 17:01 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-18 17:01 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-06-18 17:01 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-18 17:01 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-06-18 17:01 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-06-18 17:01 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-18 17:01 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-18 17:01 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-18 17:01 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-18 17:01 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-18 17:01 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-18 17:01 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-06-18 17:01 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-06-18 17:01 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-06-18 17:01 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-06-18 16:56 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-18 16:56 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-18 16:56 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-18 16:56 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-18 16:56 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-18 16:56 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-18 16:56 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-18 16:56 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-18 16:56 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-18 16:56 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-18 16:56 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-18 16:56 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-18 16:56 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-18 16:56 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-18 16:56 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-18 16:56 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-18 16:56 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-18 16:56 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-18 16:56 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-18 16:56 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-18 16:56 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-18 16:56 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-18 16:56 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-18 16:56 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-18 16:56 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-18 16:56 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-18 16:56 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-18 16:56 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-18 16:56 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-18 16:56 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-18 16:56 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-18 16:55 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-18 16:55 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-18 16:55 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-18 16:55 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-18 16:55 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-18 16:55 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-18 16:55 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-18 16:55 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-18 16:55 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-18 16:55 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-18 16:55 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-18 16:55 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-18 16:55 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-18 16:55 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-18 16:55 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-06-18 16:55 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-18 16:55 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-18 16:55 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-18 16:55 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-18 16:55 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-18 16:55 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-18 16:55 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-18 16:55 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-18 16:55 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-18 16:55 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-18 16:55 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-18 16:55 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-18 16:55 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-18 16:55 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-18 16:55 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-06-18 16:55 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-18 16:55 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-18 16:55 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-18 16:55 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-18 16:55 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-18 16:55 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-18 16:55 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-18 16:55 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-06-18 16:55 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-18 16:55 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-18 16:55 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-18 16:55 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-18 16:55 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-18 16:55 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-18 16:55 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-18 16:55 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-18 16:55 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-18 16:55 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-18 16:55 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-06-18 16:54 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-18 16:54 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-18 16:54 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-18 16:54 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-18 16:54 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-18 16:54 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-18 16:54 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-18 16:54 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-18 16:54 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-18 16:54 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-18 16:54 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-18 16:54 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-18 16:54 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-18 16:54 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-16 00:38 - 2017-06-16 00:38 - 07243472 _____ C:\Users\MZelectronic\Downloads\XW.v6.0.4.30805.170505.1510 (1).bin
2017-06-16 00:33 - 2017-06-16 00:33 - 00000000 ____D C:\Users\MZelectronic\Downloads\AP zámeček
2017-06-14 19:49 - 2017-06-14 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-13 16:33 - 2017-06-13 16:33 - 07243472 _____ C:\Users\MZelectronic\Downloads\XW.v6.0.4.30805.170505.1510.bin
2017-06-12 13:55 - 2017-06-12 13:55 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-08 09:34 - 2017-06-08 09:34 - 00488857 _____ C:\Users\MZelectronic\Desktop\Faktura_170100257.pdf
2017-06-08 09:33 - 2017-06-08 09:33 - 00000000 ____D C:\Users\MZelectronic\AppData\Roaming\STORMWARE
2017-06-06 23:17 - 2017-06-06 23:17 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-02 10:34 - 2017-06-02 10:34 - 00002054 _____ C:\Users\Public\Desktop\Ekonomický systém POHODA 2017 Jazz.lnk
2017-06-02 10:34 - 2017-06-02 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STORMWARE Office
2017-06-02 10:29 - 2017-06-02 10:29 - 00092032 _____ C:\Users\MZelectronic\Documents\Faktura_170100256.pdf
2017-05-29 22:42 - 2017-05-29 22:42 - 00089924 _____ C:\Users\MZelectronic\Documents\Faktura_170100247 (2).pdf
2017-05-29 14:36 - 2017-05-29 14:36 - 00033627 _____ C:\Users\MZelectronic\Desktop\karta-zbozi-1221-befo-1221.pdf
2017-05-29 14:32 - 2017-05-29 14:32 - 00062525 _____ C:\Users\MZelectronic\Desktop\ACS - Control.pdf
2017-05-29 14:29 - 2017-05-29 14:32 - 00022532 _____ C:\Users\MZelectronic\Desktop\Nový Textový dokument OpenDocument (4).odt
2017-05-29 14:19 - 2017-05-29 14:19 - 00106728 _____ C:\Users\MZelectronic\Desktop\Snímač Dallas.pdf
2017-05-29 14:16 - 2017-05-29 14:19 - 00100752 _____ C:\Users\MZelectronic\Desktop\Nový Textový dokument OpenDocument (3).odt
2017-05-29 14:08 - 2017-05-29 14:08 - 00007334 _____ C:\Users\MZelectronic\Desktop\Nový Textový dokument OpenDocument (2).odt
2017-05-29 14:07 - 2017-05-29 14:07 - 00021266 _____ C:\Users\MZelectronic\Desktop\blokove_schema_SU.pdf
2017-05-29 14:05 - 2017-05-29 14:05 - 00021004 _____ C:\Users\MZelectronic\Desktop\blokove_schema_sdsu.pdf
2017-05-29 14:04 - 2017-05-29 14:04 - 00057416 _____ C:\Users\MZelectronic\Desktop\US485.pdf
2017-05-29 13:59 - 2017-05-29 14:03 - 00050895 _____ C:\Users\MZelectronic\Desktop\Nový Textový dokument OpenDocument.odt
2017-05-26 14:42 - 2017-05-26 17:14 - 1411152696 _____ C:\Users\MZelectronic\Downloads\1978-Pumpaři-od-Zlaté-podkovy.avi
2017-05-25 09:59 - 2017-05-25 09:59 - 00090136 _____ C:\Users\MZelectronic\Documents\Faktura_170100254.pdf
2017-05-25 09:19 - 2017-05-25 09:19 - 00092280 _____ C:\Users\MZelectronic\Documents\Faktura_170100253.pdf
2017-05-25 09:12 - 2017-05-25 10:09 - 00089733 _____ C:\Users\MZelectronic\Documents\Faktura_170100252.pdf
2017-05-25 09:09 - 2017-05-25 09:09 - 00090324 _____ C:\Users\MZelectronic\Documents\Faktura_170100251.pdf
2017-05-25 08:05 - 2017-06-21 14:43 - 00000000 ____D C:\Users\MZelectronic\AppData\LocalLow\Mozilla
2017-05-22 17:21 - 2017-05-22 17:20 - 00092063 _____ C:\Users\MZelectronic\Documents\Faktura_170100087 (2).pdf
2017-05-22 00:16 - 2017-05-22 00:16 - 00093345 _____ C:\Users\MZelectronic\Documents\Faktura_170100250.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-21 14:50 - 2016-07-17 00:25 - 00818590 _____ C:\WINDOWS\system32\perfh005.dat
2017-06-21 14:50 - 2016-07-17 00:25 - 00198428 _____ C:\WINDOWS\system32\perfc005.dat
2017-06-21 14:50 - 2015-11-23 11:30 - 02180452 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-21 14:49 - 2016-01-03 19:20 - 00000000 ____D C:\Users\MZelectronic\AppData\Roaming\Skype
2017-06-21 14:47 - 2016-09-25 20:44 - 00000000 ____D C:\Users\MZelectronic
2017-06-21 14:46 - 2016-09-25 20:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-21 14:46 - 2016-01-11 00:34 - 00000000 ___RD C:\Users\MZelectronic\Disk Google
2017-06-21 14:46 - 2016-01-02 17:29 - 00000000 ____D C:\Users\MZelectronic\AppData\Local\HTC MediaHub
2017-06-21 14:45 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-06-21 14:45 - 2016-05-18 15:19 - 00000000 ____D C:\AdwCleaner
2017-06-21 14:16 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-21 14:16 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-21 14:15 - 2016-09-25 20:42 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-20 00:50 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-20 00:50 - 2016-05-26 23:35 - 00000000 ____D C:\Program Files\DIFX
2017-06-20 00:50 - 2016-01-03 16:35 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-19 22:22 - 2016-01-06 10:20 - 00000600 _____ C:\Users\MZelectronic\AppData\Local\PUTTY.RND
2017-06-19 08:09 - 2016-11-22 22:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-06-19 08:09 - 2016-09-25 20:42 - 00253688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-19 08:09 - 2016-02-13 15:14 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-19 08:09 - 2015-12-14 00:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-19 01:37 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-19 01:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-19 01:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-19 00:42 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-16 11:18 - 2017-03-20 21:26 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-06-16 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-15 23:09 - 2015-11-24 23:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-15 23:07 - 2015-11-24 23:41 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 19:49 - 2016-01-09 22:13 - 00000000 ____D C:\Users\MZelectronic\AppData\Local\Dropbox
2017-06-14 19:49 - 2016-01-09 22:13 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-10 00:56 - 2017-03-15 22:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-10 00:56 - 2016-01-03 19:20 - 00000000 ____D C:\ProgramData\Skype
2017-06-03 22:54 - 2016-01-12 00:01 - 00000000 ____D C:\Users\MZelectronic\AppData\Roaming\vlc
2017-06-03 08:36 - 2016-11-09 00:19 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-11-09 00:19 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-02 10:34 - 2016-01-05 11:18 - 00000000 ____D C:\Program Files (x86)\STORMWARE
2017-06-01 22:47 - 2016-04-08 22:24 - 00000000 ____D C:\Users\MZelectronic\AppData\Local\UmmyVideoDownloader
2017-05-31 23:17 - 2016-09-25 20:49 - 00004022 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458854798
2017-05-31 23:17 - 2016-03-24 23:26 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-31 16:53 - 2015-12-01 00:01 - 00000000 ____D C:\AVtech
==================== Files in the root of some directories =======
2016-04-29 01:46 - 2016-05-17 19:27 - 0000600 _____ () C:\Users\MZelectronic\AppData\Roaming\winscp.rnd
2016-01-06 10:20 - 2017-06-19 22:22 - 0000600 _____ () C:\Users\MZelectronic\AppData\Local\PUTTY.RND
2016-02-04 17:37 - 2016-02-04 17:37 - 0001501 _____ () C:\Users\MZelectronic\AppData\Local\recently-used.xbel
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\MZelectronic\AppData\Local\setup.txt
2016-01-06 10:39 - 2016-01-06 10:45 - 0000789 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
2017-03-09 20:36 - 2017-03-09 20:36 - 0739904 _____ (Oracle Corporation) C:\Users\MZelectronic\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-01-06 01:20 - 2017-01-06 01:20 - 0532992 _____ () C:\Users\MZelectronic\AppData\Local\Temp\snappy-1.0.5-snappyjava.dll
2017-03-15 22:58 - 2017-03-15 22:58 - 14456872 _____ (Microsoft Corporation) C:\Users\MZelectronic\AppData\Local\Temp\vc_redist.x86.exe
2016-10-31 00:03 - 2016-10-31 00:04 - 70575032 _____ (Dropbox, Inc.) C:\Users\MZelectronic\AppData\Local\Temp\{1B356C11-7C96-4F07-828A-AB92636118F1}-DropboxClient_13.4.21.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-17 22:06
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:111.25 GB) (Free:13.85 GB) NTFS
Drive d: (SYMPHONICUM_TOUR_2016_LIVE) (CDROM) (Total:6.76 GB) (Free:0 GB) UDF
Drive e: (HD2) (Fixed) (Total:232.88 GB) (Free:228.41 GB) NTFS
Drive f: (USB DISK) (Removable) (Total:7.48 GB) (Free:2.21 GB) FAT32
Available physical RAM: 1993.63 MB
Total physical RAM: 3984.01 MB
Percentage of memory in use: 49%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 4212FE19)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Disk: 1 (Size: 232.9 GB) (Disk ID: 0004C869)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:DDE29E40 [211]
==================== Security Center ==================
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\MZelectronic\Desktop" je 211 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola Logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola Logu
Zdravím, stáhni a spusť AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Pak použij Mbam z mého podpisu a také mi sem z něj dej log.
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Pak použij Mbam z mého podpisu a také mi sem z něj dej log.
Re: Kontrola Logu
# AdwCleaner v6.047 - Logfile created 22/06/2017 at 22:32:13
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-22.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : MZelectronic - MZELECTRONIC-PC
# Running from : C:\Users\MZelectronic\Desktop\adwcleaner_6.047.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious keys found.
***** [ Shortcuts ] *****
No infected shortcut found.
***** [ Scheduled Tasks ] *****
No malicious task found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Web browsers ] *****
No malicious Firefox based browser items found.
No malicious Chromium based browser items found.
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1233 Bytes] - [18/05/2016 15:25:06]
C:\AdwCleaner\AdwCleaner[C2].txt - [2611 Bytes] - [21/06/2017 14:45:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [1043 Bytes] - [18/05/2016 15:20:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [2600 Bytes] - [21/06/2017 14:45:11]
C:\AdwCleaner\AdwCleaner[S3].txt - [1302 Bytes] - [22/06/2017 22:32:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1375 Bytes] ##########
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 22.06.17
Čas skenování: 22:42
Logovací soubor: mbam.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.141
Aktualizovat verzi balíku komponent: 1.0.2209
Licence: Zkušební
-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: MZelectronic-PC\MZelectronic
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 406299
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 1
Uplynulý čas: 3 min, 15 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 1
PUP.Optional.ASK, C:\USERS\MZELECTRONIC\APPDATA\LOCAL\DOWNLOADED INSTALLATIONS\{C10E92A1-0281-4E9B-B623-41F886FA1752}\DEFAULT.MSI, V karanténě, [529], [383618],1.0.2209
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-22.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : MZelectronic - MZELECTRONIC-PC
# Running from : C:\Users\MZelectronic\Desktop\adwcleaner_6.047.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious keys found.
***** [ Shortcuts ] *****
No infected shortcut found.
***** [ Scheduled Tasks ] *****
No malicious task found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Web browsers ] *****
No malicious Firefox based browser items found.
No malicious Chromium based browser items found.
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1233 Bytes] - [18/05/2016 15:25:06]
C:\AdwCleaner\AdwCleaner[C2].txt - [2611 Bytes] - [21/06/2017 14:45:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [1043 Bytes] - [18/05/2016 15:20:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [2600 Bytes] - [21/06/2017 14:45:11]
C:\AdwCleaner\AdwCleaner[S3].txt - [1302 Bytes] - [22/06/2017 22:32:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1375 Bytes] ##########
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 22.06.17
Čas skenování: 22:42
Logovací soubor: mbam.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.141
Aktualizovat verzi balíku komponent: 1.0.2209
Licence: Zkušební
-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: MZelectronic-PC\MZelectronic
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 406299
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 1
Uplynulý čas: 3 min, 15 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 1
PUP.Optional.ASK, C:\USERS\MZELECTRONIC\APPDATA\LOCAL\DOWNLOADED INSTALLATIONS\{C10E92A1-0281-4E9B-B623-41F886FA1752}\DEFAULT.MSI, V karanténě, [529], [383618],1.0.2209
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Re: Kontrola Logu
PC je pohodě , to bylo jen pro jistotu, jestli jsem něco nechytil....
Takže je to čisté.
Děkuji moc.
Takže je to čisté.
Děkuji moc.
Re: Kontrola Logu
Me totiž přišlo toto na mail, tak jestli jsem to nekoupil:
Vážení klienti,
aktuálně jsme zaznamenali podvodné emaily, jejichž cílem je zavirovat váš počítač.
Podvodný email se tváří, že je odeslán z emailové adresy KB: mojebanka@kb.cz, v předmětu zprávy je uveden text: Informace o platbě(SWIFT).
Namísto slibovaných podrobností, soubor v příloze obsahuje počítačový virus (malware), který se po spuštění nainstaluje do vašeho počítače.
Důrazně vás varujeme před otevíráním tohoto emailu a přílohy.
V příloze je 550kB soubor SWIFT.JAR obsahující škodlivý kód, který některé antiviry detekují jako trojského koně Java/Kryptik.FF.
Text podvodného emailu:
Předmět: Informace o platbě(SWIFT)
Od: Komerční banka [mailto:mojebanka@kb.cz]
Pozdravy,
Platba probíhá prostřednictvím naší banky.
Podrobnosti jsou připojeny
Headquarters
Na Příkopě 33, 114 07 Praha 1
P.O. BOX 839,
Česká Republika
Company ID: 45317054
VAT reg. no.: CZ699001182
Data box ID: 4ktes4w
Vážení klienti,
aktuálně jsme zaznamenali podvodné emaily, jejichž cílem je zavirovat váš počítač.
Podvodný email se tváří, že je odeslán z emailové adresy KB: mojebanka@kb.cz, v předmětu zprávy je uveden text: Informace o platbě(SWIFT).
Namísto slibovaných podrobností, soubor v příloze obsahuje počítačový virus (malware), který se po spuštění nainstaluje do vašeho počítače.
Důrazně vás varujeme před otevíráním tohoto emailu a přílohy.
V příloze je 550kB soubor SWIFT.JAR obsahující škodlivý kód, který některé antiviry detekují jako trojského koně Java/Kryptik.FF.
Text podvodného emailu:
Předmět: Informace o platbě(SWIFT)
Od: Komerční banka [mailto:mojebanka@kb.cz]
Pozdravy,
Platba probíhá prostřednictvím naší banky.
Podrobnosti jsou připojeny
Headquarters
Na Příkopě 33, 114 07 Praha 1
P.O. BOX 839,
Česká Republika
Company ID: 45317054
VAT reg. no.: CZ699001182
Data box ID: 4ktes4w
Re: Kontrola Logu
To je jen varující email od banky, také mi jej poslali. Normální člověk snad nebude otevírat přílohu s touto kocovkou když běžně chodí PDF, ale kdo si to na druhou stranu uvědomí ?mildahk píše:Me totiž přišlo toto na mail, tak jestli jsem to nekoupil:
Re: Kontrola Logu
No právě, koukal jsem na tu přílohu, co to je za bejkárnu a nechybělo mnoho a stáhnul jsem to do compu.
Takže comp je čistej, mužu ho v klidu používat?
Díky moc.
Takže comp je čistej, mužu ho v klidu používat?
Díky moc.
Přispějete na provoz fóra?