Blocked browser - avast

ATO
Visitor
Posts: 14
Registered: 10 Sep 2014 09:55

Blocked browser - avast

#1 Post by ATO »

Hello,

my Google Chrome browser keeps throwing a virus detection (see below). A friend recommended this forum to me; could you help me with it?

I scanned the computer with avast itself; it found a few viruses and I had them deleted (it deleted them after a restart in safe mode, or whatever it's called :D ). But it still keeps popping up these windows. I don't know what to do about it.

Thanks in advance for your help
Attachments
avast.jpg (33.2 KiB) Viewed 1041 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Blocked browser - avast

#2 Post by vyosek »

Hello :)

:arrow: So that we are not reading from a crystal ball, please post a log from FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

ATO
Visitor
Posts: 14
Registered: 10 Sep 2014 09:55

Re: Blocked browser - avast

#3 Post by ATO »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by ntb1 (administrator) on NTB on 11-09-2014 14:12:29
Running from C:\Users\ntb1\Desktop
Platform: Windows 8 (X64) OS Language: Angličtina (USA)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Windows\System32\DptfParticipantProcessorService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(forum.viry.cz) C:\Users\ntb1\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

RtHDVCpl



C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

kernel32.dll

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [21888 2012-07-30] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ING eKalkulačka.lnk
ShortcutTarget: ING eKalkulačka.lnk -> C:\IngApps\ING_eKalkulacka_ING_SK\run.cmd ()
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: GGosavenow -> {30081bc8-f59a-4f64-abf6-10c99a11fd5c} -> C:\Program Files (x86)\GGosavenow\M7grzn9W9e09iB.x64.dll ()
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: GGosavenow -> {30081bc8-f59a-4f64-abf6-10c99a11fd5c} -> C:\Program Files (x86)\GGosavenow\M7grzn9W9e09iB.dll ()
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-23]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: Default -> 835035E4CF428A715AA172EAA3B1EFA9D8BC151503E22DA6888E653F048E23AE
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> 23A0DC459CCA7B6DBC8D7FB5A0F2A26F058E1F530EF3ACE53A51A3AC464D79F8
CHR DefaultSearchURL: Default -> 30D00A085E5B33892E0CE1E159D31E6A2448FA36291EC992F42E92C48ABC34FC
CHR Profile: C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-23]
CHR Extension: (Disk Google) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-23]
CHR Extension: (YouTube) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-23]
CHR Extension: (Hľadať v Google) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-23]
CHR Extension: (avast! Online Security) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-14]
CHR Extension: (Gosaavenow) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjoncilfppjoibhmelodjjabokbecghi [2014-09-09]
CHR Extension: (Peňaženka Google) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-23]
CHR Extension: (Gmail) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-23]
CHR Extension: (Gosaavenow) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjoncilfppjoibhmelodjjabokbecghi\1.8 [2014-09-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-09] (AVAST Software)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [63488 2012-10-28] (IvoSoft) [File not signed]
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [29056 2012-07-30] ()
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [30592 2012-07-30] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-09] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-09] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-17] (ASUS Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
U0 msahci; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 14:12 - 2014-09-11 14:13 - 00019254 _____ () C:\Users\ntb1\Desktop\FRST.txt
2014-09-11 14:12 - 2014-09-11 14:12 - 00000000 ____D () C:\FRST
2014-09-11 14:00 - 2014-09-11 14:00 - 00112640 _____ (forum.viry.cz) C:\Users\ntb1\Desktop\FRSTLauncher.exe
2014-09-11 13:57 - 2014-09-11 13:57 - 00112640 _____ (forum.viry.cz) C:\Users\ntb1\Downloads\Nepotvrdené 907136.crdownload
2014-09-11 13:54 - 2014-09-11 13:54 - 02105856 _____ (Farbar) C:\Users\ntb1\Desktop\FRST64.exe
2014-09-09 18:04 - 2014-09-09 18:04 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-09 18:04 - 2014-09-09 18:04 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\DropboxMaster
2014-09-09 18:03 - 2014-09-09 18:04 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\Dropbox
2014-09-09 17:48 - 2014-09-09 17:48 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-09 17:48 - 2014-09-09 17:48 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-09 11:04 - 2014-09-10 09:57 - 00000000 ____D () C:\ProgramData\GGosavenow
2014-09-09 11:04 - 2014-09-09 11:04 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Torch
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Chromatic Browser
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\ProgramData\a2244f80195c7952
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Program Files (x86)\GGosavenow
2014-09-09 10:42 - 2014-09-09 10:42 - 00839024 _____ (Fishes Concerned) C:\Users\ntb1\Downloads\Adweek-25-August-2014.pdf.exe
2014-09-03 13:35 - 2014-09-03 13:35 - 00001519 _____ () C:\Users\ntb1\Downloads\ATT00592.htm
2014-08-31 20:31 - 2014-09-03 23:24 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\vlc
2014-08-31 20:30 - 2014-08-31 20:30 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-31 20:30 - 2014-08-31 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-31 20:30 - 2014-08-31 20:30 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-31 20:29 - 2014-08-31 20:29 - 24743106 _____ () C:\Users\ntb1\Downloads\vlc-2.1.5-win32.exe
2014-08-31 19:55 - 2014-08-31 20:24 - 1817577667 _____ () C:\Users\ntb1\Desktop\The normal heart-Stejná srdce - 2014 cz dab drama.mkv
2014-08-31 17:13 - 2014-08-31 18:31 - 746151936 _____ () C:\Users\ntb1\Downloads\ANNA-zo-Zeleneho-domu-1-2.avi
2014-08-30 22:31 - 2014-08-30 22:31 - 00000000 ____D () C:\Users\ntb1\Desktop\klauds
2014-08-30 22:28 - 2014-08-30 22:29 - 94616366 _____ () C:\Users\ntb1\Downloads\Splav - Morava.rar
2014-08-28 09:09 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 18:37 - 2014-08-19 18:37 - 00000000 ____D () C:\Users\ntb1\TOSHIBA
2014-08-19 18:36 - 2009-10-06 22:07 - 00562176 _____ () C:\Windows\system32\eST4snm6.dll
2014-08-19 18:35 - 2014-08-19 18:36 - 00000000 ____D () C:\Users\ntb1\Desktop\eS453c_X64_XP_VISTA_PS_4.5.98.0
2014-08-19 18:34 - 2014-08-19 18:35 - 03619182 _____ () C:\Users\ntb1\Downloads\eS453c_X64_XP_VISTA_PS_4.5.98.0.zip
2014-08-19 18:32 - 2014-08-19 18:32 - 00000000 ____D () C:\Users\ntb1\Desktop\ovladace
2014-08-19 18:30 - 2014-08-19 18:30 - 02254304 _____ () C:\Users\ntb1\Downloads\estudio281c-windows.exe
2014-08-19 17:37 - 2014-08-02 02:15 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-19 17:37 - 2014-08-02 02:15 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-14 10:38 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-08-14 10:34 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 10:34 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 09:58 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 09:58 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 09:57 - 2014-08-07 08:33 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 09:57 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 09:57 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 09:57 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 09:57 - 2014-07-24 14:10 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-08-14 09:57 - 2014-07-24 14:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 09:57 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 09:57 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 09:57 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 09:57 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 09:57 - 2014-07-24 12:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 09:57 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 09:57 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 09:57 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 09:57 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 09:57 - 2014-07-24 10:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-08-14 09:57 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 09:57 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 09:57 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 09:57 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 09:57 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 09:57 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-14 09:57 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 09:57 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 09:57 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 09:57 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-14 09:57 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-14 09:57 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 09:57 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 09:57 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 09:57 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-14 09:57 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-08-14 09:57 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-08-14 09:56 - 2014-08-07 05:09 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 14:13 - 2014-09-11 14:12 - 00019254 _____ () C:\Users\ntb1\Desktop\FRST.txt
2014-09-11 14:12 - 2014-09-11 14:12 - 00000000 ____D () C:\FRST
2014-09-11 14:00 - 2014-09-11 14:00 - 00112640 _____ (forum.viry.cz) C:\Users\ntb1\Desktop\FRSTLauncher.exe
2014-09-11 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-09-11 13:57 - 2014-09-11 13:57 - 00112640 _____ (forum.viry.cz) C:\Users\ntb1\Downloads\Nepotvrdené 907136.crdownload
2014-09-11 13:56 - 2014-04-23 21:59 - 00311296 ___SH () C:\Users\ntb1\Downloads\Thumbs.db
2014-09-11 13:54 - 2014-09-11 13:54 - 02105856 _____ (Farbar) C:\Users\ntb1\Desktop\FRST64.exe
2014-09-11 13:37 - 2014-04-23 20:35 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-11 13:37 - 2014-04-23 20:35 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-11 13:26 - 2014-07-18 13:40 - 00000000 ____D () C:\Users\ntb1\Desktop\Fincentrum
2014-09-11 09:59 - 2013-05-19 18:53 - 00003474 _____ () C:\Windows\System32\Tasks\ASUS Live Update1
2014-09-11 09:59 - 2013-05-19 18:53 - 00003464 _____ () C:\Windows\System32\Tasks\ASUS Live Update2
2014-09-10 10:49 - 2014-04-30 20:46 - 00152064 ___SH () C:\Users\ntb1\Desktop\Thumbs.db
2014-09-10 10:40 - 2014-02-24 20:24 - 00000074 _____ () C:\Users\ntb1\AppData\Roaming\sp_data.sys
2014-09-10 10:39 - 2014-04-23 20:37 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-10 10:38 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 09:57 - 2014-09-09 11:04 - 00000000 ____D () C:\ProgramData\GGosavenow
2014-09-10 09:42 - 2014-02-24 20:21 - 01114479 _____ () C:\Windows\WindowsUpdate.log
2014-09-09 20:53 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-09-09 18:34 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-09 18:04 - 2014-09-09 18:04 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-09 18:04 - 2014-09-09 18:04 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\DropboxMaster
2014-09-09 18:04 - 2014-09-09 18:03 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\Dropbox
2014-09-09 17:50 - 2012-08-02 03:20 - 00011196 _____ () C:\Windows\PFRO.log
2014-09-09 17:48 - 2014-09-09 17:48 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-09 17:48 - 2014-09-09 17:48 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-09 17:48 - 2014-04-23 20:35 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-09 17:48 - 2014-04-23 20:35 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-09 12:59 - 2014-07-18 16:22 - 00000808 _____ () C:\Users\ntb1\Desktop\GENERALI Kalkulačka.lnk
2014-09-09 11:04 - 2014-09-09 11:04 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Torch
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Chromatic Browser
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\ProgramData\a2244f80195c7952
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Program Files (x86)\GGosavenow
2014-09-09 11:04 - 2014-04-23 20:35 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Google
2014-09-09 11:04 - 2014-04-23 20:35 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-09 11:04 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-09 11:04 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-09 11:02 - 2014-07-18 13:57 - 00000000 ____D () C:\ProgramData\firebird
2014-09-09 10:42 - 2014-09-09 10:42 - 00839024 _____ (Fishes Concerned) C:\Users\ntb1\Downloads\Adweek-25-August-2014.pdf.exe
2014-09-08 09:41 - 2014-07-21 14:57 - 00050688 _____ () C:\Users\ntb1\Desktop\projekt 100(1) (1).xls
2014-09-08 09:21 - 2014-07-18 13:51 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Deployment
2014-09-05 11:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-09-03 23:24 - 2014-08-31 20:31 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\vlc
2014-09-03 13:35 - 2014-09-03 13:35 - 00001519 _____ () C:\Users\ntb1\Downloads\ATT00592.htm
2014-09-03 09:40 - 2014-04-23 20:37 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-02 21:27 - 2012-07-26 09:28 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:30 - 2014-08-31 20:30 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-31 20:30 - 2014-08-31 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-31 20:30 - 2014-08-31 20:30 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-31 20:29 - 2014-08-31 20:29 - 24743106 _____ () C:\Users\ntb1\Downloads\vlc-2.1.5-win32.exe
2014-08-31 20:24 - 2014-08-31 19:55 - 1817577667 _____ () C:\Users\ntb1\Desktop\The normal heart-Stejná srdce - 2014 cz dab drama.mkv
2014-08-31 18:31 - 2014-08-31 17:13 - 746151936 _____ () C:\Users\ntb1\Downloads\ANNA-zo-Zeleneho-domu-1-2.avi
2014-08-31 13:12 - 2014-07-30 15:57 - 00309032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-30 22:31 - 2014-08-30 22:31 - 00000000 ____D () C:\Users\ntb1\Desktop\klauds
2014-08-30 22:29 - 2014-08-30 22:28 - 94616366 _____ () C:\Users\ntb1\Downloads\Splav - Morava.rar
2014-08-28 10:55 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-23 08:47 - 2014-08-28 09:09 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 18:37 - 2014-08-19 18:37 - 00000000 ____D () C:\Users\ntb1\TOSHIBA
2014-08-19 18:37 - 2014-02-24 20:23 - 00000000 ____D () C:\Users\ntb1
2014-08-19 18:36 - 2014-08-19 18:35 - 00000000 ____D () C:\Users\ntb1\Desktop\eS453c_X64_XP_VISTA_PS_4.5.98.0
2014-08-19 18:35 - 2014-08-19 18:34 - 03619182 _____ () C:\Users\ntb1\Downloads\eS453c_X64_XP_VISTA_PS_4.5.98.0.zip
2014-08-19 18:32 - 2014-08-19 18:32 - 00000000 ____D () C:\Users\ntb1\Desktop\ovladace
2014-08-19 18:30 - 2014-08-19 18:30 - 02254304 _____ () C:\Users\ntb1\Downloads\estudio281c-windows.exe
2014-08-19 17:33 - 2014-07-20 21:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-19 17:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-08-19 17:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-08-19 17:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-08-19 17:26 - 2014-08-06 11:16 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 17:26 - 2014-08-06 11:15 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 17:26 - 2014-08-06 11:15 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-19 17:26 - 2014-08-06 11:15 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-19 17:26 - 2014-08-06 11:15 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-14 10:52 - 2014-04-21 09:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 10:48 - 2014-04-21 09:14 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-12 16:06 - 2012-11-23 18:32 - 00000000 ____D () C:\ProgramData\Adobe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\ntb1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4fsfhl.dll
C:\Users\ntb1\AppData\Local\Temp\s5bg.exe
C:\Users\ntb1\AppData\Local\Temp\s5t0.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\ntb1\Desktop" je 4234 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: blocked browser - avast

#4 Post by vyosek »

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the license terms are displayed; press any key
  • A backup is created and the search then follows
  • The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears, or it is saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

ATO
Visitor
Posts: 14
Registered: 10 Sep 2014 09:55

Re: blocked browser - avast

#5 Post by ATO »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by ntb1 on pi 12.09.2014 at 21:36:40,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30081bc8-f59a-4f64-abf6-10c99a11fd5c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{30081bc8-f59a-4f64-abf6-10c99a11fd5c}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{30081bc8-f59a-4f64-abf6-10c99a11fd5c}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 12.09.2014 at 21:56:50,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: blocked browser - avast

#6 Post by vyosek »

Continue with AdwCleaner

ATO
Visitor
Posts: 14
Registered: 10 Sep 2014 09:55

Re: blocked browser - avast

#7 Post by ATO »

I didn't manage it before you replied :)

# AdwCleaner v3.310 - Report created 12/09/2014 at 22:04:25
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : ntb1 - NTB
# Running from : C:\Users\ntb1\Desktop\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : DptfParticipantProcessorService
Service Deleted : DptfPolicyConfigTDPService

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\ntb1\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\ntb1\AppData\Local\torch
File Deleted : C:\Windows\System32\DptfParticipantProcessorService.exe
File Deleted : C:\Windows\System32\DptfPolicyConfigTDPService.exe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKCU\Software\RegisteredApplicationsEx

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17054


-\\ Google Chrome v37.0.2062.103

[ File : C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1945 octets] - [12/09/2014 22:00:21]
AdwCleaner[S0].txt - [1834 octets] - [12/09/2014 22:04:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1894 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: blocked browser - avast

#8 Post by vyosek »

:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts and gives you a log; paste its contents here

ATO
Visitor
Posts: 14
Registered: 10 Sep 2014 09:55

Re: blocked browser - avast

#9 Post by ATO »

Zoek.exe v5.0.0.0 Updated 14-September-2014
Tool run by ntb1 on ut 16.09.2014 at 9:20:26,36.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ntb1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16.9.2014 9:23:26 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: blocked browser - avast

#10 Post by vyosek »

A new log from FRST, please

ATO
Visitor
Posts: 14
Registered: 10 Sep 2014 09:55

Re: blocked browser - avast

#11 Post by ATO »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014 (ATTENTION: ====> FRST version is 8 days old and could be outdated)
Ran by ntb1 (administrator) on NTB on 18-09-2014 11:30:44
Running from C:\Users\ntb1\Desktop
Platform: Windows 8 (X64) OS Language: Angličtina (USA)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Microsoft Corporation) C:\Windows\splwow64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\ntb1\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

RtHDVCpl



C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

kernel32.dll

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [21888 2012-07-30] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ING eKalkulačka.lnk
ShortcutTarget: ING eKalkulačka.lnk -> C:\IngApps\ING_eKalkulacka_ING_SK\run.cmd ()
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-23]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: Default -> 835035E4CF428A715AA172EAA3B1EFA9D8BC151503E22DA6888E653F048E23AE
CHR DefaultSearchKeyword: Default -> 23A0DC459CCA7B6DBC8D7FB5A0F2A26F058E1F530EF3ACE53A51A3AC464D79F8
CHR DefaultSearchProvider: Default -> 6777546440CC54FB56F6B26EEC4F428717EA60527072318A270102AE7202BD23
CHR DefaultSearchURL: Default -> 30D00A085E5B33892E0CE1E159D31E6A2448FA36291EC992F42E92C48ABC34FC
CHR Profile: C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-16]
CHR Extension: (Dokumenty Google) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-23]
CHR Extension: (Disk Google) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-23]
CHR Extension: (YouTube) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-23]
CHR Extension: (Hľadať v Google) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-23]
CHR Extension: (Tabuľky Google) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-16]
CHR Extension: (avast! Online Security) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-14]
CHR Extension: (Peňaženka Google) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-23]
CHR Extension: (Gmail) - C:\Users\ntb1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-09] (AVAST Software)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [63488 2012-10-28] (IvoSoft) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-09] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-09] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-17] (ASUS Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
U0 msahci; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 11:30 - 2014-09-18 11:31 - 00017469 _____ () C:\Users\ntb1\Desktop\FRST.txt
2014-09-17 14:12 - 2014-09-17 14:12 - 00000082 ____H () C:\Users\ntb1\Desktop\.~lock.Porovnanie RZP.xlsx#
2014-09-17 14:11 - 2014-09-17 14:11 - 00018823 _____ () C:\Users\ntb1\Desktop\Porovnanie RZP.xlsx
2014-09-16 17:43 - 2014-09-16 17:43 - 00000000 ____D () C:\Users\ntb1\Desktop\sestra
2014-09-16 17:43 - 2014-09-16 17:43 - 00000000 ____D () C:\Users\ntb1\Desktop\ja
2014-09-16 09:52 - 2014-09-16 09:20 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-16 09:22 - 2014-09-16 09:54 - 00009492 _____ () C:\zoek-results.log
2014-09-16 09:20 - 2014-09-16 09:47 - 00000000 ____D () C:\zoek_backup
2014-09-16 09:18 - 2014-09-16 09:18 - 01290240 _____ () C:\Users\ntb1\Desktop\zoek.exe
2014-09-12 22:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-12 21:59 - 2014-09-12 22:04 - 00000000 ____D () C:\AdwCleaner
2014-09-12 21:58 - 2014-09-12 21:58 - 01373475 _____ () C:\Users\ntb1\Desktop\adwcleaner_3.310.exe
2014-09-12 21:56 - 2014-09-12 21:56 - 00001147 _____ () C:\Users\ntb1\Desktop\JRT.txt
2014-09-12 21:36 - 2014-09-12 21:36 - 00000000 ____D () C:\Windows\ERUNT
2014-09-12 21:33 - 2014-09-12 21:33 - 01016261 _____ (Thisisu) C:\Users\ntb1\Desktop\JRT.exe
2014-09-12 21:13 - 2014-09-12 21:26 - 2300636652 _____ () C:\Users\ntb1\Downloads\Hry-o-život-2012-CZ-dabing.mkv
2014-09-11 17:15 - 2014-09-11 17:15 - 00016649 _____ () C:\Users\ntb1\Desktop\vyzva.odt
2014-09-11 14:12 - 2014-09-18 11:30 - 00000000 ____D () C:\FRST
2014-09-11 14:00 - 2014-09-11 14:00 - 00112640 _____ (forum.viry.cz) C:\Users\ntb1\Desktop\FRSTLauncher.exe
2014-09-11 13:57 - 2014-09-11 13:57 - 00112640 _____ (forum.viry.cz) C:\Users\ntb1\Downloads\Nepotvrdené 907136.crdownload
2014-09-11 13:54 - 2014-09-11 13:54 - 02105856 _____ (Farbar) C:\Users\ntb1\Desktop\FRST64.exe
2014-09-09 18:04 - 2014-09-09 18:04 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-09 18:04 - 2014-09-09 18:04 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\DropboxMaster
2014-09-09 18:03 - 2014-09-09 18:04 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\Dropbox
2014-09-09 17:48 - 2014-09-09 17:48 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-09 17:48 - 2014-09-09 17:48 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-09 11:04 - 2014-09-10 09:57 - 00000000 ____D () C:\ProgramData\GGosavenow
2014-09-09 11:04 - 2014-09-09 11:04 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Program Files (x86)\GGosavenow
2014-09-09 10:42 - 2014-09-09 10:42 - 00839024 _____ (Fishes Concerned) C:\Users\ntb1\Downloads\Adweek-25-August-2014.pdf.exe
2014-09-03 13:35 - 2014-09-03 13:35 - 00001519 _____ () C:\Users\ntb1\Downloads\ATT00592.htm
2014-08-31 20:31 - 2014-09-03 23:24 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\vlc
2014-08-31 20:30 - 2014-08-31 20:30 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-31 20:30 - 2014-08-31 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-31 20:30 - 2014-08-31 20:30 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-31 20:29 - 2014-08-31 20:29 - 24743106 _____ () C:\Users\ntb1\Downloads\vlc-2.1.5-win32.exe
2014-08-31 19:55 - 2014-08-31 20:24 - 1817577667 _____ () C:\Users\ntb1\Desktop\The normal heart-Stejná srdce - 2014 cz dab drama.mkv
2014-08-31 17:13 - 2014-08-31 18:31 - 746151936 _____ () C:\Users\ntb1\Downloads\ANNA-zo-Zeleneho-domu-1-2.avi
2014-08-30 22:28 - 2014-08-30 22:29 - 94616366 _____ () C:\Users\ntb1\Downloads\Splav - Morava.rar
2014-08-28 09:09 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 18:37 - 2014-08-19 18:37 - 00000000 ____D () C:\Users\ntb1\TOSHIBA
2014-08-19 18:36 - 2009-10-06 22:07 - 00562176 _____ () C:\Windows\system32\eST4snm6.dll
2014-08-19 18:35 - 2014-08-19 18:36 - 00000000 ____D () C:\Users\ntb1\Desktop\eS453c_X64_XP_VISTA_PS_4.5.98.0
2014-08-19 18:34 - 2014-08-19 18:35 - 03619182 _____ () C:\Users\ntb1\Downloads\eS453c_X64_XP_VISTA_PS_4.5.98.0.zip
2014-08-19 18:32 - 2014-08-19 18:32 - 00000000 ____D () C:\Users\ntb1\Desktop\ovladace
2014-08-19 18:30 - 2014-08-19 18:30 - 02254304 _____ () C:\Users\ntb1\Downloads\estudio281c-windows.exe
2014-08-19 17:37 - 2014-08-02 02:15 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-19 17:37 - 2014-08-02 02:15 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 11:31 - 2014-09-18 11:30 - 00017469 _____ () C:\Users\ntb1\Desktop\FRST.txt
2014-09-18 11:30 - 2014-09-11 14:12 - 00000000 ____D () C:\FRST
2014-09-18 11:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-09-18 10:46 - 2014-02-24 20:21 - 01568565 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 10:37 - 2014-04-23 20:35 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-17 14:19 - 2014-07-18 13:57 - 00000000 ____D () C:\ProgramData\firebird
2014-09-17 14:15 - 2014-07-18 13:51 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Deployment
2014-09-17 14:13 - 2013-05-19 18:53 - 00003474 _____ () C:\Windows\System32\Tasks\ASUS Live Update1
2014-09-17 14:13 - 2013-05-19 18:53 - 00003464 _____ () C:\Windows\System32\Tasks\ASUS Live Update2
2014-09-17 14:12 - 2014-09-17 14:12 - 00000082 ____H () C:\Users\ntb1\Desktop\.~lock.Porovnanie RZP.xlsx#
2014-09-17 14:11 - 2014-09-17 14:11 - 00018823 _____ () C:\Users\ntb1\Desktop\Porovnanie RZP.xlsx
2014-09-17 14:11 - 2014-04-23 21:59 - 00311296 ___SH () C:\Users\ntb1\Downloads\Thumbs.db
2014-09-16 18:33 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-16 18:27 - 2014-04-21 09:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-16 18:23 - 2014-04-21 09:14 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-16 17:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-09-16 17:44 - 2014-02-24 20:24 - 00000074 _____ () C:\Users\ntb1\AppData\Roaming\sp_data.sys
2014-09-16 17:43 - 2014-09-16 17:43 - 00000000 ____D () C:\Users\ntb1\Desktop\sestra
2014-09-16 17:43 - 2014-09-16 17:43 - 00000000 ____D () C:\Users\ntb1\Desktop\ja
2014-09-16 17:42 - 2014-04-23 20:35 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-16 17:42 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-16 17:35 - 2014-07-21 14:57 - 00051200 _____ () C:\Users\ntb1\Desktop\projekt 100(1) (1).xls
2014-09-16 12:21 - 2014-04-30 20:46 - 00272384 ___SH () C:\Users\ntb1\Desktop\Thumbs.db
2014-09-16 09:54 - 2014-09-16 09:22 - 00009492 _____ () C:\zoek-results.log
2014-09-16 09:53 - 2012-08-02 03:20 - 00011832 _____ () C:\Windows\PFRO.log
2014-09-16 09:47 - 2014-09-16 09:20 - 00000000 ____D () C:\zoek_backup
2014-09-16 09:20 - 2014-09-16 09:52 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-16 09:18 - 2014-09-16 09:18 - 01290240 _____ () C:\Users\ntb1\Desktop\zoek.exe
2014-09-15 13:41 - 2014-07-18 14:08 - 00000730 _____ () C:\Users\ntb1\Desktop\ASP kalkulačka.lnk
2014-09-12 22:04 - 2014-09-12 21:59 - 00000000 ____D () C:\AdwCleaner
2014-09-12 21:58 - 2014-09-12 21:58 - 01373475 _____ () C:\Users\ntb1\Desktop\adwcleaner_3.310.exe
2014-09-12 21:56 - 2014-09-12 21:56 - 00001147 _____ () C:\Users\ntb1\Desktop\JRT.txt
2014-09-12 21:36 - 2014-09-12 21:36 - 00000000 ____D () C:\Windows\ERUNT
2014-09-12 21:33 - 2014-09-12 21:33 - 01016261 _____ (Thisisu) C:\Users\ntb1\Desktop\JRT.exe
2014-09-12 21:26 - 2014-09-12 21:13 - 2300636652 _____ () C:\Users\ntb1\Downloads\Hry-o-život-2012-CZ-dabing.mkv
2014-09-12 16:53 - 2014-07-18 13:40 - 00000000 ____D () C:\Users\ntb1\Desktop\Fincentrum
2014-09-11 17:15 - 2014-09-11 17:15 - 00016649 _____ () C:\Users\ntb1\Desktop\vyzva.odt
2014-09-11 14:00 - 2014-09-11 14:00 - 00112640 _____ (forum.viry.cz) C:\Users\ntb1\Desktop\FRSTLauncher.exe
2014-09-11 13:57 - 2014-09-11 13:57 - 00112640 _____ (forum.viry.cz) C:\Users\ntb1\Downloads\Nepotvrdené 907136.crdownload
2014-09-11 13:54 - 2014-09-11 13:54 - 02105856 _____ (Farbar) C:\Users\ntb1\Desktop\FRST64.exe
2014-09-10 10:39 - 2014-04-23 20:37 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-10 09:57 - 2014-09-09 11:04 - 00000000 ____D () C:\ProgramData\GGosavenow
2014-09-09 20:53 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-09-09 18:34 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-09 18:04 - 2014-09-09 18:04 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-09 18:04 - 2014-09-09 18:04 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\DropboxMaster
2014-09-09 18:04 - 2014-09-09 18:03 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\Dropbox
2014-09-09 17:48 - 2014-09-09 17:48 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-09 17:48 - 2014-09-09 17:48 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-09 17:48 - 2014-04-23 20:35 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-09 17:48 - 2014-04-23 20:35 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-09 17:48 - 2014-04-23 20:35 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-09 12:59 - 2014-07-18 16:22 - 00000808 _____ () C:\Users\ntb1\Desktop\GENERALI Kalkulačka.lnk
2014-09-09 11:04 - 2014-09-09 11:04 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Guest
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Users\Administrator
2014-09-09 11:04 - 2014-09-09 11:04 - 00000000 ____D () C:\Program Files (x86)\GGosavenow
2014-09-09 11:04 - 2014-04-23 20:35 - 00000000 ____D () C:\Users\ntb1\AppData\Local\Google
2014-09-09 11:04 - 2014-04-23 20:35 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-09 11:04 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-09 11:04 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-09 10:42 - 2014-09-09 10:42 - 00839024 _____ (Fishes Concerned) C:\Users\ntb1\Downloads\Adweek-25-August-2014.pdf.exe
2014-09-03 23:24 - 2014-08-31 20:31 - 00000000 ____D () C:\Users\ntb1\AppData\Roaming\vlc
2014-09-03 13:35 - 2014-09-03 13:35 - 00001519 _____ () C:\Users\ntb1\Downloads\ATT00592.htm
2014-09-03 09:40 - 2014-04-23 20:37 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-02 21:27 - 2012-07-26 09:28 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:30 - 2014-08-31 20:30 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-31 20:30 - 2014-08-31 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-31 20:30 - 2014-08-31 20:30 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-31 20:29 - 2014-08-31 20:29 - 24743106 _____ () C:\Users\ntb1\Downloads\vlc-2.1.5-win32.exe
2014-08-31 20:24 - 2014-08-31 19:55 - 1817577667 _____ () C:\Users\ntb1\Desktop\The normal heart-Stejná srdce - 2014 cz dab drama.mkv
2014-08-31 18:31 - 2014-08-31 17:13 - 746151936 _____ () C:\Users\ntb1\Downloads\ANNA-zo-Zeleneho-domu-1-2.avi
2014-08-31 13:12 - 2014-07-30 15:57 - 00309032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-30 22:29 - 2014-08-30 22:28 - 94616366 _____ () C:\Users\ntb1\Downloads\Splav - Morava.rar
2014-08-23 08:47 - 2014-08-28 09:09 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 18:37 - 2014-08-19 18:37 - 00000000 ____D () C:\Users\ntb1\TOSHIBA
2014-08-19 18:37 - 2014-02-24 20:23 - 00000000 ____D () C:\Users\ntb1
2014-08-19 18:36 - 2014-08-19 18:35 - 00000000 ____D () C:\Users\ntb1\Desktop\eS453c_X64_XP_VISTA_PS_4.5.98.0
2014-08-19 18:35 - 2014-08-19 18:34 - 03619182 _____ () C:\Users\ntb1\Downloads\eS453c_X64_XP_VISTA_PS_4.5.98.0.zip
2014-08-19 18:32 - 2014-08-19 18:32 - 00000000 ____D () C:\Users\ntb1\Desktop\ovladace
2014-08-19 18:30 - 2014-08-19 18:30 - 02254304 _____ () C:\Users\ntb1\Downloads\estudio281c-windows.exe
2014-08-19 17:33 - 2014-07-20 21:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-19 17:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-08-19 17:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-08-19 17:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-08-19 17:26 - 2014-08-06 11:16 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-19 17:26 - 2014-08-06 11:16 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 17:26 - 2014-08-06 11:15 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 17:26 - 2014-08-06 11:15 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-19 17:26 - 2014-08-06 11:15 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-19 17:26 - 2014-08-06 11:15 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\ntb1\Desktop" je 4148 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: blocked browser - avast

#12 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated)
    ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
    
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    2014-09-18 11:30 - 2014-09-18 11:31 - 00017469 _____ () C:\Users\ntb1\Desktop\FRST.txt
    2014-09-16 09:52 - 2014-09-16 09:20 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-09-16 09:22 - 2014-09-16 09:54 - 00009492 _____ () C:\zoek-results.log
    2014-09-16 09:20 - 2014-09-16 09:47 - 00000000 ____D () C:\zoek_backup
    2014-09-16 09:18 - 2014-09-16 09:18 - 01290240 _____ () C:\Users\ntb1\Desktop\zoek.exe
    2014-09-12 22:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-09-12 21:59 - 2014-09-12 22:04 - 00000000 ____D () C:\AdwCleaner
    2014-09-12 21:58 - 2014-09-12 21:58 - 01373475 _____ () C:\Users\ntb1\Desktop\adwcleaner_3.310.exe
    2014-09-12 21:56 - 2014-09-12 21:56 - 00001147 _____ () C:\Users\ntb1\Desktop\JRT.txt
    2014-09-12 21:36 - 2014-09-12 21:36 - 00000000 ____D () C:\Windows\ERUNT
    2014-09-12 21:33 - 2014-09-12 21:33 - 01016261 _____ (Thisisu) C:\Users\ntb1\Desktop\JRT.exe
    C:\ProgramData\SetStretch.exe
    
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me