PC virus removal, computer speed-up, remote help via the neslape.cz service

Slow PC - preventive check

Not having any problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved. The same goes for those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use the remote help service, where an expert connects to your computer and gets further information about the problem from you by phone! More at www.neslape.cz
Locked
poil4
Visitor
Posts: 26
Registered: 25 Jun 2011 14:54

Slow PC - preventive check

#1 Post by poil4 »

Hello,

I would like to ask for a preventive check. My PC seems slow, and in addition, after startup (only sometimes), a program with a strange name (a different one each time) wants to run, which is then saved to "temp".

Here is the RSIT log.


Logfile of random's system information tool 1.10 (written by random/random)
Run by poil at 2015-03-01 16:28:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 117 GB (51%) free of 231 GB
Total RAM: 3061 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:28:20, on 1.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\windows\Explorer.EXE
C:\windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\HP\HP Deskjet 6520 series\Bin\HPNetworkCommunicator.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\RSIT(1).exe
C:\Program Files\trend micro\poil.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [APLangApp] "C:\Program Files\AnyPC Client\APLangApp.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [ShadowPlay] C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [HP Deskjet 6520 series (NET)] "C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH47H582NR05XR:NW" -scfn "HP Deskjet 6520 series (NET)" -AutoStart 1
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\windows\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 11067 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\poil\AppData\Roaming\Mozilla\Firefox\Profiles\257urehv.default-1423090371408

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files\Common Files\Wolfram Research\Browser\9.0.0.3824406\npmathplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-15 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-12-15 8120864]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2009-06-03 103720]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2009-04-15 91432]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2009-04-15 50472]
"APLangApp"=C:\Program Files\AnyPC Client\APLangApp.exe [2009-11-20 13312]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"ShadowPlay"=C:\windows\system32\nvspcap.dll [2014-04-30 1081112]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-15 5227112]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 383424]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1425208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-01-31 6699800]
"HP Deskjet 6520 series (NET)"=C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-03-01 16:28:04 ----D---- C:\rsit
2015-03-01 16:28:04 ----D---- C:\Program Files\trend micro
2015-03-01 16:18:24 ----N---- C:\bootsqm.dat
2015-03-01 13:49:13 ----D---- C:\windows\Minidump
2015-02-15 23:27:52 ----HD---- C:\Users\poil\AppData\Roaming\B00Zj5c18j4xVGFY
2015-02-15 13:16:02 ----D---- C:\windows\system32\vbox
2015-02-15 13:08:41 ----A---- C:\windows\system32\aswBoot.exe
2015-02-15 13:08:23 ----A---- C:\windows\avastSS.scr
2015-02-13 11:46:49 ----D---- C:\Program Files\Guitar Pro 5
2015-02-13 11:46:39 ----D---- C:\Users\poil\AppData\Roaming\Imminent
2015-02-13 11:46:33 ----D---- C:\Users\poil\AppData\Roaming\nH0vG1anrWZ5D4Fn
2015-02-12 13:57:53 ----A---- C:\windows\system32\jscript9diag.dll
2015-02-12 13:57:53 ----A---- C:\windows\system32\jscript9.dll
2015-02-11 12:29:16 ----A---- C:\windows\system32\win32k.sys
2015-02-11 12:29:08 ----A---- C:\windows\system32\sspicli.dll
2015-02-11 12:29:08 ----A---- C:\windows\system32\lsass.exe
2015-02-11 12:29:08 ----A---- C:\windows\system32\lsasrv.dll
2015-02-11 12:29:08 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-02-11 12:29:08 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-02-11 12:29:08 ----A---- C:\windows\system32\drivers\cng.sys
2015-02-11 12:29:08 ----A---- C:\windows\system32\auditpol.exe
2015-02-11 12:29:08 ----A---- C:\windows\system32\adtschema.dll
2015-02-11 12:29:07 ----A---- C:\windows\system32\sspisrv.dll
2015-02-11 12:29:07 ----A---- C:\windows\system32\secur32.dll
2015-02-11 12:29:07 ----A---- C:\windows\system32\msobjs.dll
2015-02-11 12:29:07 ----A---- C:\windows\system32\msaudite.dll
2015-02-11 12:28:47 ----A---- C:\windows\system32\ntkrnlpa.exe
2015-02-11 12:28:46 ----A---- C:\windows\system32\ntoskrnl.exe
2015-02-11 12:28:38 ----A---- C:\windows\system32\mstscax.dll
2015-02-11 12:28:38 ----A---- C:\windows\system32\aaclient.dll
2015-02-11 12:28:36 ----A---- C:\windows\system32\oleaut32.dll
2015-02-11 12:28:35 ----A---- C:\windows\system32\invagent.dll
2015-02-11 12:28:35 ----A---- C:\windows\system32\generaltel.dll
2015-02-11 12:28:35 ----A---- C:\windows\system32\appraiser.dll
2015-02-11 12:28:35 ----A---- C:\windows\system32\aeinv.dll
2015-02-11 12:28:34 ----A---- C:\windows\system32\devinv.dll
2015-02-11 12:28:34 ----A---- C:\windows\system32\aitstatic.exe
2015-02-11 12:28:33 ----A---- C:\windows\system32\aepic.dll
2015-02-11 12:28:33 ----A---- C:\windows\system32\aepdu.dll
2015-02-11 12:28:31 ----A---- C:\windows\system32\schannel.dll
2015-02-11 12:28:31 ----A---- C:\windows\system32\msv1_0.dll
2015-02-11 12:28:31 ----A---- C:\windows\system32\kerberos.dll
2015-02-11 12:28:30 ----A---- C:\windows\system32\wdigest.dll
2015-02-11 12:28:30 ----A---- C:\windows\system32\TSpkg.dll
2015-02-11 12:28:30 ----A---- C:\windows\system32\ncrypt.dll
2015-02-11 12:28:30 ----A---- C:\windows\system32\credssp.dll
2015-02-11 12:28:24 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 12:28:24 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-02-11 12:28:24 ----A---- C:\windows\system32\ieetwcollector.exe
2015-02-11 12:28:23 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 12:28:23 ----A---- C:\windows\system32\iernonce.dll
2015-02-11 12:28:23 ----A---- C:\windows\system32\ie4uinit.exe
2015-02-11 12:28:22 ----A---- C:\windows\system32\urlmon.dll
2015-02-11 12:28:22 ----A---- C:\windows\system32\iedkcs32.dll
2015-02-11 12:28:21 ----A---- C:\windows\system32\jsproxy.dll
2015-02-11 12:28:21 ----A---- C:\windows\system32\ieUnatt.exe
2015-02-11 12:28:21 ----A---- C:\windows\system32\dxtmsft.dll
2015-02-11 12:28:19 ----A---- C:\windows\system32\msfeeds.dll
2015-02-11 12:28:19 ----A---- C:\windows\system32\ieapfltr.dll
2015-02-11 12:28:18 ----A---- C:\windows\system32\msrating.dll
2015-02-11 12:28:18 ----A---- C:\windows\system32\iesetup.dll
2015-02-11 12:28:17 ----A---- C:\windows\system32\wininet.dll
2015-02-11 12:28:17 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-02-11 12:28:16 ----A---- C:\windows\system32\ieui.dll
2015-02-11 12:28:16 ----A---- C:\windows\system32\dxtrans.dll
2015-02-11 12:28:15 ----A---- C:\windows\system32\ieframe.dll
2015-02-11 12:28:14 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-02-11 12:28:14 ----A---- C:\windows\system32\mshtmled.dll
2015-02-11 12:28:13 ----A---- C:\windows\system32\MshtmlDac.dll
2015-02-11 12:28:13 ----A---- C:\windows\system32\iertutil.dll
2015-02-11 12:28:11 ----A---- C:\windows\system32\mshtml.dll
2015-02-11 12:28:10 ----A---- C:\windows\system32\vbscript.dll
2015-02-11 12:28:01 ----A---- C:\windows\system32\crypt32.dll
2015-02-11 12:27:58 ----A---- C:\windows\system32\scesrv.dll
2015-02-11 12:27:57 ----A---- C:\windows\system32\WindowsCodecs.dll
2015-02-04 14:34:35 ----A---- C:\windows\system32\fmcodec.DLL

======List of files/folders modified in the last 1 month======

2015-03-01 16:28:04 ----D---- C:\Program Files
2015-03-01 16:25:59 ----SHD---- C:\windows\Installer
2015-03-01 16:25:59 ----D---- C:\windows\Temp
2015-03-01 16:21:50 ----SHD---- C:\Config.Msi
2015-03-01 16:20:11 ----D---- C:\Program Files\SUPERAntiSpyware
2015-03-01 16:19:48 ----D---- C:\windows\system32\config
2015-03-01 14:44:10 ----D---- C:\windows\System32
2015-03-01 14:42:15 ----D---- C:\windows\Prefetch
2015-03-01 14:40:26 ----D---- C:\Windows
2015-02-28 19:45:35 ----D---- C:\Users\poil\AppData\Roaming\Nero
2015-02-28 19:45:23 ----D---- C:\ProgramData\Nero
2015-02-27 11:57:23 ----D---- C:\Users\poil\AppData\Roaming\vlc
2015-02-26 08:31:25 ----D---- C:\windows\winsxs
2015-02-25 21:36:41 ----SHD---- C:\System Volume Information
2015-02-23 15:09:33 ----D---- C:\windows\rescache
2015-02-15 18:06:14 ----D---- C:\windows\Microsoft.NET
2015-02-15 15:51:53 ----D---- C:\Program Files\Steam
2015-02-15 13:51:15 ----D---- C:\windows\debug
2015-02-15 13:24:58 ----D---- C:\windows\Tasks
2015-02-15 13:24:58 ----D---- C:\windows\system32\Tasks
2015-02-15 13:24:56 ----A---- C:\windows\system32\FlashPlayerApp.exe
2015-02-15 13:09:16 ----D---- C:\windows\inf
2015-02-15 13:09:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-02-15 13:09:02 ----D---- C:\windows\system32\drivers
2015-02-15 12:54:11 ----D---- C:\Users\poil\AppData\Roaming\NVIDIA
2015-02-13 11:46:50 ----RSD---- C:\windows\Fonts
2015-02-13 02:20:21 ----RSD---- C:\windows\assembly
2015-02-12 17:24:42 ----D---- C:\windows\system32\en-US
2015-02-11 20:41:53 ----D---- C:\windows\system32\cs-CZ
2015-02-11 20:41:52 ----SD---- C:\windows\system32\CompatTel
2015-02-11 20:41:51 ----D---- C:\windows\system32\appraiser
2015-02-11 20:41:46 ----D---- C:\Program Files\Internet Explorer
2015-02-11 18:40:10 ----D---- C:\windows\system32\MRT
2015-02-11 18:36:24 ----A---- C:\windows\system32\MRT.exe
2015-02-11 18:35:24 ----D---- C:\ProgramData\Microsoft Help
2015-02-11 12:27:18 ----D---- C:\windows\system32\catroot2
2015-02-07 13:34:16 ----D---- C:\Program Files\Common Files\Steam

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-02-15 49944]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-02-15 206248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-04-27 435736]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-02-15 81768]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-02-15 787800]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-02-15 423784]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 30616]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-02-15 24184]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-02-15 70384]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-02-15 91496]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-02-15 218192]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-10-02 86056]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2009-08-29 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-08-29 18472]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-12-15 2977248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda32v.sys [2013-11-28 162592]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 19400]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad32v.sys [2014-03-31 34080]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-10-10 229424]
R3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2013-07-24 29696]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2011-12-13 2228224]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-08-13 142648]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-15 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-02 595232]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1618888]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 19701080]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-03-04 663896]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [2009-08-13 44312]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2014-08-31 75064]
R2 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2014-08-31 214520]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-07-07 247152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-02-15 3192344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-20 116648]
S2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2013-07-18 762192]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-15 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-03-31 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-20 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-01-12 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-29 114800]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-01-23 834752]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-06-16 1343400]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Slow PC - preventive

#2 Post by altrok »

Hello :bye:

:arrow: Uninstall :arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok[at]forum.viry.cz
If you would like to help visitors to this forum, sign up for our training school.

poil4
Visitor
Posts: 26
Registered: 25 Jun 2011 14:54

Re: Slow PC - preventive

#3 Post by poil4 »

I don't know whether I managed to uninstall that skype click .., because I couldn't find it among the programs, not even with CCleaner, so I uninstalled Skype entirely, since I no longer use it anyway. The resulting log is here:


# AdwCleaner v4.111 - Logfile created 02/03/2015 at 11:53:49
# Updated 18/02/2015 by Xplode
# Database : 2015-03-02.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : poil - POIL-PC
# Running from : C:\Users\poil\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\poil\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Folder Deleted : C:\Users\poil\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
File Deleted : C:\Users\poil\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v35.0.1 (x86 cs)


-\\ Google Chrome v40.0.2214.115

[C:\Users\poil\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-08-28&apn_dtid=%5ECMD011%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}

-\\ Comodo Dragon v

[C:\Users\poil\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-08-28&apn_dtid=%5ECMD011%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}
[C:\Users\poil\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\poil\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : aaaalipaokhkccgmgkdglfinfnfhflko

*************************

AdwCleaner[R0].txt - [1683 bytes] - [02/03/2015 11:51:07]
AdwCleaner[S0].txt - [1838 bytes] - [02/03/2015 11:53:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1897 bytes] ##########

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Slow PC - preventive

#4 Post by altrok »

:arrow: Post the FRST.txt log, and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

poil4
Visitor
Posts: 26
Registered: 25 Jun 2011 14:54

Re: Slow PC - preventive

#5 Post by poil4 »

FRST.txt


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-03-2015
Ran by poil (administrator) on POIL-PC on 02-03-2015 18:03:40
Running from C:\Users\poil\Desktop
Loaded Profiles: poil (Available profiles: poil)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(DoctorSoft) C:\Program Files\AnyPC Client\APLangApp.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 6520 series\Bin\HPNetworkCommunicator.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\poil\Desktop\FRST(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [RemoteControl8] => C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [APLangApp] => C:\Program Files\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-15] (AVAST Software)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [383424 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKU\S-1-5-21-3670137199-2938631228-624182700-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2015-01-31] (SUPERAntiSpyware)
HKU\S-1-5-21-3670137199-2938631228-624182700-1000\...\Run: [HP Deskjet 6520 series (NET)] => C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3670137199-2938631228-624182700-1000\...\MountPoints2: {b98fa987-811f-11e3-aa00-0026b6d91a38} - F:\STARTUP.EXE
HKU\S-1-5-21-3670137199-2938631228-624182700-1000\...\Winlogon: [Shell] C:\windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [280576 2013-10-05] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3670137199-2938631228-624182700-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=smsn
URLSearchHook: HKU\S-1-5-21-3670137199-2938631228-624182700-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7SMSN
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF ProfilePath: C:\Users\poil\AppData\Roaming\Mozilla\Firefox\Profiles\257urehv.default-1423090371408
FF Homepage: hxxp://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wolfram.com/Mathematica -> C:\Program Files\Common Files\Wolfram Research\Browser\9.0.0.3824406\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3670137199-2938631228-624182700-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\poil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\poil\AppData\Roaming\Mozilla\Firefox\Profiles\257urehv.default-1423090371408\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-04]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-05]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\poil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\poil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-20]
CHR Extension: (Google Drive) - C:\Users\poil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-20]
CHR Extension: (YouTube) - C:\Users\poil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-20]
CHR Extension: (Google Search) - C:\Users\poil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-20]
CHR Extension: (Bookmark Manager) - C:\Users\poil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-02-04]
CHR Extension: (Google Wallet) - C:\Users\poil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-20]
CHR Extension: (Tetris 3D) - C:\Users\poil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdkeccfoknbfheljdlnicdlbflmfkdpm [2013-12-20]
CHR Extension: (Gmail) - C:\Users\poil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-20]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-15]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-13] (SUPERAntiSpyware.com)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-15] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2015-02-15] (Avast Software)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2014-03-31] (Flexera Software, Inc.)
S2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19701080 2014-04-30] (NVIDIA Corporation)
R2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [75064 2014-08-31] ()
R2 PnkBstrB; C:\windows\system32\PnkBstrB.exe [214520 2014-08-31] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2015-02-15] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [70384 2015-02-15] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2015-02-15] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2015-02-15] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2015-02-15] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2015-02-15] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [91496 2015-02-15] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2015-02-15] ()
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19400 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2015-02-15] (Avast Software)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-02 18:03 - 2015-03-02 18:04 - 00016526 _____ () C:\Users\poil\Desktop\FRST.txt
2015-03-02 18:03 - 2015-03-02 18:03 - 00000000 ____D () C:\FRST
2015-03-02 18:02 - 2015-03-02 18:02 - 01132032 _____ (Farbar) C:\Users\poil\Desktop\FRST(1).exe
2015-03-02 14:13 - 2015-03-02 14:13 - 00000197 _____ () C:\windows\system32\2015-03-02-13-13-21.047-AvastVBoxSVC.exe-4312.log
2015-03-02 11:58 - 2015-03-02 11:58 - 00000197 _____ () C:\windows\system32\2015-03-02-10-58-02.055-AvastVBoxSVC.exe-692.log
2015-03-02 11:51 - 2015-03-02 11:53 - 00000000 ____D () C:\AdwCleaner
2015-03-02 11:50 - 2015-03-02 11:50 - 02126848 _____ () C:\Users\poil\Desktop\adwcleaner_4.111.exe
2015-03-02 11:25 - 2015-03-02 11:25 - 00000197 _____ () C:\windows\system32\2015-03-02-10-25-10.032-AvastVBoxSVC.exe-4904.log
2015-03-01 23:48 - 2015-03-01 23:48 - 00000247 _____ () C:\windows\system32\2015-03-01-22-48-41.020-aswFe.exe-6064.log
2015-03-01 23:41 - 2015-03-01 23:48 - 00000247 _____ () C:\windows\system32\2015-03-01-22-41-23.078-aswFe.exe-5884.log
2015-03-01 16:28 - 2015-03-01 16:28 - 00000000 ____D () C:\rsit
2015-03-01 16:28 - 2015-03-01 16:28 - 00000000 ____D () C:\Program Files\trend micro
2015-03-01 16:18 - 2015-03-01 16:18 - 00003544 ____N () C:\bootsqm.dat
2015-03-01 14:44 - 2015-03-01 14:44 - 00000197 _____ () C:\windows\system32\2015-03-01-13-44-10.059-AvastVBoxSVC.exe-3332.log
2015-03-01 14:40 - 2015-03-01 14:40 - 00160616 _____ () C:\windows\Minidump\030115-21559-01.dmp
2015-03-01 13:49 - 2015-03-01 14:40 - 448733221 _____ () C:\windows\MEMORY.DMP
2015-03-01 13:49 - 2015-03-01 14:40 - 00000000 ____D () C:\windows\Minidump
2015-03-01 13:49 - 2015-03-01 13:49 - 00160616 _____ () C:\windows\Minidump\030115-18189-01.dmp
2015-02-28 22:33 - 2015-02-28 22:33 - 00000197 _____ () C:\windows\system32\2015-02-28-21-33-22.044-AvastVBoxSVC.exe-5228.log
2015-02-28 19:45 - 2015-02-28 19:45 - 00000000 ____D () C:\Users\poil\Documents\NeroVideo
2015-02-28 19:45 - 2015-02-28 19:45 - 00000000 ____D () C:\Users\poil\AppData\Local\Nero
2015-02-27 09:49 - 2015-02-27 09:50 - 00000197 _____ () C:\windows\system32\2015-02-27-08-49-59.067-AvastVBoxSVC.exe-5116.log
2015-02-26 12:35 - 2015-02-26 12:35 - 00000197 _____ () C:\windows\system32\2015-02-26-11-35-10.013-AvastVBoxSVC.exe-2168.log
2015-02-26 08:33 - 2015-02-26 08:34 - 00000197 _____ () C:\windows\system32\2015-02-26-07-33-43.082-AvastVBoxSVC.exe-5456.log
2015-02-25 21:36 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-25 20:20 - 2015-02-25 20:20 - 00000197 _____ () C:\windows\system32\2015-02-25-19-20-16.079-AvastVBoxSVC.exe-3644.log
2015-02-25 17:27 - 2015-02-25 17:27 - 00000197 _____ () C:\windows\system32\2015-02-25-16-27-16.016-AvastVBoxSVC.exe-3724.log
2015-02-23 23:59 - 2015-02-23 23:59 - 00000197 _____ () C:\windows\system32\2015-02-23-22-59-56.015-AvastVBoxSVC.exe-4584.log
2015-02-23 11:45 - 2015-02-23 11:45 - 00000197 _____ () C:\windows\system32\2015-02-23-10-45-45.049-AvastVBoxSVC.exe-5456.log
2015-02-22 19:10 - 2015-02-22 19:11 - 00000197 _____ () C:\windows\system32\2015-02-22-18-10-49.090-AvastVBoxSVC.exe-4068.log
2015-02-22 14:14 - 2015-02-22 14:14 - 00000197 _____ () C:\windows\system32\2015-02-22-13-14-51.045-AvastVBoxSVC.exe-1804.log
2015-02-21 13:07 - 2015-02-21 13:07 - 00000197 _____ () C:\windows\system32\2015-02-21-12-07-39.036-AvastVBoxSVC.exe-4228.log
2015-02-20 17:36 - 2015-02-20 17:36 - 00000197 _____ () C:\windows\system32\2015-02-20-16-36-27.083-AvastVBoxSVC.exe-5308.log
2015-02-19 12:00 - 2015-02-19 12:00 - 00000197 _____ () C:\windows\system32\2015-02-19-11-00-28.029-AvastVBoxSVC.exe-4932.log
2015-02-19 01:12 - 2015-02-19 01:12 - 00000197 _____ () C:\windows\system32\2015-02-19-00-12-29.000-AvastVBoxSVC.exe-5096.log
2015-02-18 12:40 - 2015-02-18 12:40 - 00000197 _____ () C:\windows\system32\2015-02-18-11-40-29.044-AvastVBoxSVC.exe-5396.log
2015-02-18 09:05 - 2015-02-18 09:05 - 00000197 _____ () C:\windows\system32\2015-02-18-08-05-26.011-AvastVBoxSVC.exe-5084.log
2015-02-18 00:06 - 2015-02-18 00:07 - 00000197 _____ () C:\windows\system32\2015-02-17-23-06-30.034-AvastVBoxSVC.exe-4716.log
2015-02-17 13:05 - 2015-02-17 13:05 - 00000197 _____ () C:\windows\system32\2015-02-17-12-05-34.092-AvastVBoxSVC.exe-5104.log
2015-02-17 02:48 - 2015-02-17 02:48 - 00000197 _____ () C:\windows\system32\2015-02-17-01-48-50.073-AvastVBoxSVC.exe-5568.log
2015-02-16 16:26 - 2015-02-16 16:26 - 00000197 _____ () C:\windows\system32\2015-02-16-15-26-29.006-AvastVBoxSVC.exe-3868.log
2015-02-16 14:03 - 2015-02-16 14:03 - 00000197 _____ () C:\windows\system32\2015-02-16-13-03-14.051-AvastVBoxSVC.exe-5728.log
2015-02-16 14:01 - 2015-03-02 16:17 - 00006048 _____ () C:\windows\setupact.log
2015-02-16 14:01 - 2015-02-16 14:01 - 00000000 _____ () C:\windows\setuperr.log
2015-02-15 23:27 - 2015-02-22 19:06 - 00000000 ___HD () C:\Users\poil\AppData\Roaming\B00Zj5c18j4xVGFY
2015-02-15 13:29 - 2015-02-15 13:29 - 00000247 _____ () C:\windows\system32\2015-02-15-12-29-10.030-aswFe.exe-4828.log
2015-02-15 13:24 - 2015-03-02 18:03 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-15 13:22 - 2015-02-15 13:29 - 00000247 _____ () C:\windows\system32\2015-02-15-12-22-32.076-aswFe.exe-3712.log
2015-02-15 13:22 - 2015-02-15 13:22 - 00000197 _____ () C:\windows\system32\2015-02-15-12-22-24.044-AvastVBoxSVC.exe-4488.log
2015-02-15 13:16 - 2015-02-15 13:16 - 00000000 ____D () C:\windows\system32\vbox
2015-02-15 13:09 - 2015-02-15 13:09 - 00002005 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-15 13:08 - 2015-02-15 13:08 - 00291352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-02-15 13:08 - 2015-02-15 13:08 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2015-02-13 11:47 - 2015-02-13 11:47 - 00000862 _____ () C:\Users\poil\Desktop\Guitar Pro 5.lnk
2015-02-13 11:47 - 2015-02-13 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 5
2015-02-13 11:46 - 2015-02-13 14:11 - 00000000 ____D () C:\Users\poil\AppData\Roaming\Imminent
2015-02-13 11:46 - 2015-02-13 11:46 - 00000000 ____D () C:\Users\poil\AppData\Roaming\nH0vG1anrWZ5D4Fn
2015-02-13 11:46 - 2015-02-13 11:46 - 00000000 ____D () C:\Program Files\Guitar Pro 5
2015-02-12 13:57 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-12 13:57 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-11 12:29 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-11 12:29 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-11 12:29 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-11 12:29 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-11 12:29 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-11 12:29 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-11 12:29 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-11 12:29 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-11 12:29 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-11 12:29 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-11 12:29 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-11 12:29 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-11 12:29 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-11 12:28 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 12:28 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 12:28 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 12:28 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 12:28 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 12:28 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-11 12:28 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 12:28 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-11 12:28 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-02-11 12:28 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-11 12:28 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-11 12:28 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-11 12:28 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-11 12:28 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-11 12:28 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-11 12:28 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-11 12:28 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-11 12:28 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-11 12:28 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-11 12:28 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-11 12:28 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-11 12:28 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-11 12:28 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-11 12:28 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-11 12:28 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 12:28 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-11 12:28 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 12:28 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-11 12:28 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-11 12:28 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-11 12:28 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-11 12:28 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-11 12:28 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-11 12:28 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-11 12:28 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-11 12:28 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-11 12:28 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-11 12:28 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-11 12:28 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-11 12:28 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-11 12:28 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-11 12:28 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-11 12:28 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-11 12:28 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-11 12:28 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-11 12:28 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-11 12:28 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 12:28 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-02-11 12:28 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2015-02-11 12:27 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-11 12:27 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-04 23:52 - 2015-02-04 23:52 - 00000000 ____D () C:\Users\poil\Desktop\Původní data aplikace Firefox
2015-02-04 14:34 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\windows\system32\fmcodec.DLL

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-02 18:00 - 2014-11-16 18:49 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-02 17:45 - 2010-01-06 04:36 - 01541735 _____ () C:\windows\WindowsUpdate.log
2015-03-02 17:00 - 2014-11-16 18:49 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-02 14:18 - 2009-07-14 05:34 - 00023552 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-02 14:18 - 2009-07-14 05:34 - 00023552 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-02 14:09 - 2010-06-15 14:51 - 00000000 ____D () C:\Users\poil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-03-02 14:09 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-02 11:55 - 2013-10-05 17:44 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-02 11:48 - 2010-06-19 23:47 - 00000000 ____D () C:\ProgramData\Skype
2015-02-28 19:45 - 2013-11-10 14:01 - 00000000 ____D () C:\Users\poil\AppData\Roaming\Nero
2015-02-28 19:45 - 2013-11-10 13:56 - 00000000 ____D () C:\ProgramData\Nero
2015-02-27 11:57 - 2013-10-05 22:42 - 00000000 ____D () C:\Users\poil\AppData\Roaming\vlc
2015-02-23 15:09 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2015-02-21 02:43 - 2013-12-20 16:30 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-15 18:06 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-02-15 15:51 - 2014-12-27 12:44 - 00000000 ____D () C:\Program Files\Steam
2015-02-15 13:25 - 2014-08-26 21:53 - 00000000 ____D () C:\Users\poil\AppData\Local\Adobe
2015-02-15 13:24 - 2013-10-05 16:20 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-02-15 13:24 - 2013-10-05 16:20 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-15 13:09 - 2013-10-05 16:08 - 00787800 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2015-02-15 13:09 - 2009-07-26 21:06 - 01584554 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-15 13:08 - 2014-05-16 13:41 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-02-15 13:08 - 2014-02-16 17:04 - 00091496 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2015-02-15 13:08 - 2013-10-05 16:08 - 00423784 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2015-02-15 13:08 - 2013-10-05 16:08 - 00206248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-02-15 13:08 - 2013-10-05 16:08 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-02-15 13:08 - 2013-10-05 16:08 - 00070384 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2015-02-15 13:08 - 2013-10-05 16:08 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-02-15 12:54 - 2014-05-28 13:50 - 00000000 ____D () C:\Users\poil\AppData\Roaming\NVIDIA
2015-02-13 16:37 - 2009-07-14 05:33 - 03852352 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-13 11:47 - 2010-06-15 15:03 - 00146144 _____ () C:\Users\poil\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-11 20:41 - 2014-12-12 01:37 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-11 20:41 - 2014-05-06 11:02 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-02-11 18:40 - 2013-10-05 17:10 - 00000000 ____D () C:\windows\system32\MRT
2015-02-11 18:36 - 2010-06-16 14:46 - 113756392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-11 18:35 - 2010-06-15 14:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-07 13:34 - 2014-12-27 12:44 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-02-04 14:37 - 2014-08-28 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-02-04 14:34 - 2014-08-28 16:23 - 00000049 _____ () C:\windows\system32\ScrRecX.log
2015-02-04 14:34 - 2013-10-25 11:45 - 00001104 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2015-02-04 14:34 - 2013-10-25 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher

==================== Files in the root of some directories =======

2014-04-07 15:11 - 2014-04-02 20:04 - 1436688384 _____ () C:\Program Files\South.Park.The.Stick.of.Truth-FTS.iso
2014-11-25 20:50 - 2014-11-25 20:50 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-06-19 23:50 - 2010-06-19 23:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-06-15 14:55 - 2009-08-17 04:16 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2014-03-31 22:45 - 2014-03-31 22:45 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2010-01-05 11:51 - 2010-01-05 11:51 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-01-05 11:49 - 2010-01-05 11:50 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-01-05 11:46 - 2010-01-05 11:47 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-01-05 11:50 - 2010-01-05 11:50 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-01-05 11:46 - 2010-01-05 11:46 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-01-05 11:47 - 2010-01-05 11:49 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Some content of TEMP:
====================
C:\Users\poil\AppData\Local\Temp\47450.exe
C:\Users\poil\AppData\Local\Temp\Quarantine.exe
C:\Users\poil\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 15:01

==================== End Of Log ============================
Attachments
Addition.rar
Here is the Addition log.
(7.06 KiB) Downloaded 61 times

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Slow PC - preventive check

#6 Post by altrok »

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    Folder: C:\Users\poil\AppData\Roaming\B00Zj5c18j4xVGFY
    Folder: C:\Users\poil\AppData\Roaming\nH0vG1anrWZ5D4Fn
    Folder: C:\Users\poil\AppData\Roaming\Imminent
    
    HKU\S-1-5-21-3670137199-2938631228-624182700-1000\...\MountPoints2: {b98fa987-811f-11e3-aa00-0026b6d91a38} - F:\STARTUP.EXE
    HKU\S-1-5-21-3670137199-2938631228-624182700-1000\...\Winlogon: [Shell] C:\windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
    
    URLSearchHook: HKU\S-1-5-21-3670137199-2938631228-624182700-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
    
    2015-03-02 11:51 - 2015-03-02 11:53 - 00000000 ____D () C:\AdwCleaner
    2015-03-02 11:50 - 2015-03-02 11:50 - 02126848 _____ () C:\Users\poil\Desktop\adwcleaner_4.111.exe
    2015-03-01 16:28 - 2015-03-01 16:28 - 00000000 ____D () C:\rsit
    2015-03-01 16:28 - 2015-03-01 16:28 - 00000000 ____D () C:\Program Files\trend micro
    2015-02-13 11:46 - 2015-02-13 14:11 - 00000000 ____D () C:\Users\poil\AppData\Roaming\Imminent
    2015-02-13 11:46 - 2015-02-13 11:46 - 00000000 ____D () C:\Users\poil\AppData\Roaming\nH0vG1anrWZ5D4Fn
    2015-02-15 23:27 - 2015-02-22 19:06 - 00000000 ___HD () C:\Users\poil\AppData\Roaming\B00Zj5c18j4xVGFY
    2010-06-15 14:55 - 2009-08-17 04:16 - 0131368 _____ () C:\ProgramData\FullRemove.exe
    2010-06-19 23:50 - 2010-06-19 23:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
    
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not suit the forum, you can use altrok[at]forum.viry.cz
If you would like to help visitors of this forum, sign up for our little school.

poil4
Visitor
Posts: 26
Joined: 25 Jun 2011 14:54

Re: Slow PC - preventive check

#7 Post by poil4 »

FIXLOG HERE


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-03-2015
Ran by poil at 2015-03-02 18:48:57 Run:1
Running from C:\Users\poil\Desktop
Loaded Profiles: poil (Available profiles: poil)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
Folder: C:\Users\poil\AppData\Roaming\B00Zj5c18j4xVGFY
Folder: C:\Users\poil\AppData\Roaming\nH0vG1anrWZ5D4Fn
Folder: C:\Users\poil\AppData\Roaming\Imminent

HKU\S-1-5-21-3670137199-2938631228-624182700-1000\...\MountPoints2: {b98fa987-811f-11e3-aa00-0026b6d91a38} - F:\STARTUP.EXE
HKU\S-1-5-21-3670137199-2938631228-624182700-1000\...\Winlogon: [Shell] C:\windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION

URLSearchHook: HKU\S-1-5-21-3670137199-2938631228-624182700-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"

2015-03-02 11:51 - 2015-03-02 11:53 - 00000000 ____D () C:\AdwCleaner
2015-03-02 11:50 - 2015-03-02 11:50 - 02126848 _____ () C:\Users\poil\Desktop\adwcleaner_4.111.exe
2015-03-01 16:28 - 2015-03-01 16:28 - 00000000 ____D () C:\rsit
2015-03-01 16:28 - 2015-03-01 16:28 - 00000000 ____D () C:\Program Files\trend micro
2015-02-13 11:46 - 2015-02-13 14:11 - 00000000 ____D () C:\Users\poil\AppData\Roaming\Imminent
2015-02-13 11:46 - 2015-02-13 11:46 - 00000000 ____D () C:\Users\poil\AppData\Roaming\nH0vG1anrWZ5D4Fn
2015-02-15 23:27 - 2015-02-22 19:06 - 00000000 ___HD () C:\Users\poil\AppData\Roaming\B00Zj5c18j4xVGFY
2010-06-15 14:55 - 2009-08-17 04:16 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-06-19 23:50 - 2010-06-19 23:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
EmptyTemp:
End
*****************

Processes closed successfully.

========================= Folder: C:\Users\poil\AppData\Roaming\B00Zj5c18j4xVGFY ========================


====== End of Folder: ======


========================= Folder: C:\Users\poil\AppData\Roaming\nH0vG1anrWZ5D4Fn ========================

2015-02-13 11:46 - 2015-02-06 01:45 - 12263936 ___SH (Arobas Music ) C:\Users\poil\AppData\Roaming\nH0vG1anrWZ5D4Fn\Ra5SfalYXcwg.exe

====== End of Folder: ======


========================= Folder: C:\Users\poil\AppData\Roaming\Imminent ========================

2015-02-13 14:11 - 2015-02-13 14:11 - 0000064 _____ () C:\Users\poil\AppData\Roaming\Imminent\Geo.dat
2015-02-13 11:46 - 2015-02-22 14:17 - 0000000 ____D () C:\Users\poil\AppData\Roaming\Imminent\Logs
2015-02-13 11:46 - 2015-02-13 18:51 - 0083960 _____ () C:\Users\poil\AppData\Roaming\Imminent\Logs\13-02-2015
2015-02-14 12:53 - 2015-02-14 18:11 - 0013057 _____ () C:\Users\poil\AppData\Roaming\Imminent\Logs\14-02-2015
2015-02-15 02:51 - 2015-02-16 00:00 - 0105294 _____ () C:\Users\poil\AppData\Roaming\Imminent\Logs\15-02-2015
2015-02-16 00:00 - 2015-02-16 16:53 - 0055783 _____ () C:\Users\poil\AppData\Roaming\Imminent\Logs\16-02-2015
2015-02-17 02:47 - 2015-02-17 18:25 - 0094558 _____ () C:\Users\poil\AppData\Roaming\Imminent\Logs\17-02-2015
2015-02-18 00:05 - 2015-02-18 16:51 - 0115838 _____ () C:\Users\poil\AppData\Roaming\Imminent\Logs\18-02-2015
2015-02-19 01:12 - 2015-02-19 19:05 - 0295717 _____ () C:\Users\poil\AppData\Roaming\Imminent\Logs\19-02-2015
2015-02-20 17:35 - 2015-02-21 02:40 - 0010364 _____ () C:\Users\poil\AppData\Roaming\Imminent\Logs\20-02-2015
2015-02-21 02:40 - 2015-02-21 20:22 - 0105803 _____ () C:\Users\poil\AppData\Roaming\Imminent\Logs\21-02-2015
2015-02-22 14:17 - 2015-02-22 19:05 - 0009817 _____ () C:\Users\poil\AppData\Roaming\Imminent\Logs\22-02-2015

====== End of Folder: ======

"HKU\S-1-5-21-3670137199-2938631228-624182700-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b98fa987-811f-11e3-aa00-0026b6d91a38}" => Key deleted successfully.
HKCR\CLSID\{b98fa987-811f-11e3-aa00-0026b6d91a38} => Key not found.
HKU\S-1-5-21-3670137199-2938631228-624182700-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-21-3670137199-2938631228-624182700-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Chrome StartupUrls deleted successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\poil\Desktop\adwcleaner_4.111.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\poil\AppData\Roaming\Imminent => Moved successfully.
C:\Users\poil\AppData\Roaming\nH0vG1anrWZ5D4Fn => Moved successfully.
C:\Users\poil\AppData\Roaming\B00Zj5c18j4xVGFY => Moved successfully.
C:\ProgramData\FullRemove.exe => Moved successfully.
C:\ProgramData\ezsidmv.dat => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
EmptyTemp: => Removed 389.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog 18:49:13 ====

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Slow PC - preventive check

#8 Post by altrok »

:arrow: The malware visible in the log has now been deleted, so watch how the PC behaves. When you have time, I would also run MBAM on it, see below.

:arrow: Install MBAM and run a custom scan of all drives - http://forum.viry.cz/viewtopic.php?f=29&t=137928
  • Note: this scan takes from 30 minutes to several hours

poil4
Visitor
Posts: 26
Joined: 25 Jun 2011 14:54

Re: Slow PC - preventive check

#9 Post by poil4 »

Everything is OK, thank you, we can close the thread.

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Slow PC - preventive check

#10 Post by altrok »

You're welcome, glad I could help :worship:


Take care, and maybe see you again sometime :bye:

Locked