Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní kontrola notebooku

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Xenty
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 12 úno 2011 23:51

Preventivní kontrola notebooku

#1 Příspěvek od Xenty »

Vlastně žádný problém, ale ještě nikdy se to snad pořádně nečistilo :D ...

Log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2015-03-06 19:31:10
Microsoft Windows 8.1
System drive C: has 143 GB (31%) free of 459 GB
Total RAM: 3976 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:24, on 6. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE
C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppService.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_FA6F99A34873A093FA88EBF49A43251D] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\uzivatel\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk = ?
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{93AB9F7E-A7F4-4120-84A4-FC12B2647437}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5A97FFC-105C-4542-9073-6B3574DAAC69}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMS Server Service (KMSServerService) - My Digital Life Forums - C:\Windows\KMSServerService\KMS Server Service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15931 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
dashost.exe {8e4c8189-a9c6-4ca4-b9c59d11107fb745}
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Windows\KMSServerService\KMS Server Service.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
ClassicStartMenu.exe -startup
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
ngservice.exe pipeserver
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
"C:\Windows\system32\igfxext.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppService.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5664.0.1036405495\735422648" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x8086 --gpu-device-id=0x0a06 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3304 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5664.4.884991563\2055573897" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5664.5.807750183\373456040" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5664.6.48345729\775624329" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5664.8.50418367\1574380252" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5664.9.134206938\452735953" /prefetch:673131151
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\COMODO\GeekBuddy\unit" "\"C:/Program Files/COMODO/GeekBuddy/lps-cspm\""
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\system32\vssvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k swprv
"C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE" -Embedding
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppService.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/OneClickSignIn/Standard/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderMulti/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="1320.1.1312046075\1985645150" /prefetch:3
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Users\uzivatel\AppData\Local\Pokki\Engine\StartMenuIndexer.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\uzivatel\AppData\Local\Steam\htmlcache" -steampid 7296 -buildid 1424305157 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --enable-pinch --disable-accelerated-compositing --disable-gpu-compositing --channel="32.0.601726836\1076334595" /prefetch:673131151
taskhost.exe
"C:\Program Files (x86)\Origin\Origin.exe" /Installed:9.5.6.731
"C:\Program Files (x86)\Origin\OriginClientService.exe"
ctfmon.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5664.89.986092729\1772224183" /prefetch:673131151
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a9f8ccf4-20d1-4706-9946-5dfd7ee0b15c -SystemEventPortName:HostProcess-948ab74a-8198-4b57-9221-52db4b7274dd -IoCancelEventPortName:HostProcess-25d687ac-30e1-4242-8663-c906a0a4bccc -NonStateChangingEventPortName:HostProcess-12b80ab5-18a8-4a96-94e9-a6102475c277 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:708313b1-b76e-4d20-8e52-dbc4afd69142 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "E:\Přihlášky na VŠ\ČVUT FIT\Směrnice děkana BI.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=9964.0.421474937 --type=renderer "E:\Přihlášky na VŠ\ČVUT FIT\Směrnice děkana BI.pdf"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5664.123.1107233153\1848154548" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5664.124.685917446\1756661879" /prefetch:673131151

"C:\Program Files (x86)\Acer\Live Updater\updater.exe" -auto
"C:\Users\uzivatel\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf49d35637e5e4.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6aed842dec67.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0004588f0e311.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-12-02 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-03 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-03 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-01-21 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 6133848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-09-12 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-09-12 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-09-12 769520]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-06 2890056]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-27 13647576]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-01-18 161984]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09 1297112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-09-07 132736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2015-02-26 10680136]
"GoogleChromeAutoLaunch_FA6F99A34873A093FA88EBF49A43251D"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-02-19 843592]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppService.exe [2015-02-26 7852872]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-28 5227112]
"tvncontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2015-03-05 2327248]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2015-03-05 1282632]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-09-07 132736]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Start GeekBuddy.lnk - C:\Program Files\COMODO\GeekBuddy\launcher.exe

C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-09-09 623104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-06 19:31:11 ----D---- C:\Program Files\trend micro
2015-03-06 19:31:10 ----D---- C:\rsit
2015-03-06 15:02:19 ----A---- C:\AILog.txt
2015-03-06 12:47:49 ----D---- C:\Program Files (x86)\Microsoft Games
2015-03-05 23:50:18 ----D---- C:\Users\uzivatel\AppData\Roaming\Trine1
2015-03-05 23:43:39 ----D---- C:\Windows\SYSWOW64\AGEIA
2015-03-05 23:43:38 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-03-05 21:52:00 ----D---- C:\Users\uzivatel\AppData\Roaming\Canon
2015-03-05 21:51:50 ----HD---- C:\ProgramData\CanonIJQuickMenu
2015-03-05 21:19:44 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2015-03-05 21:19:44 ----A---- C:\Windows\SYSWOW64\CNC_BVL.dll
2015-03-05 20:45:09 ----D---- C:\ProgramData\CanonIJWSpt
2015-03-05 20:37:10 ----D---- C:\Program Files\Canon
2015-03-05 20:35:57 ----HD---- C:\ProgramData\CanonBJ
2015-03-05 20:34:52 ----A---- C:\Windows\system32\CNHMCA6.dll
2015-03-05 20:34:52 ----A---- C:\Windows\system32\CNC_BVL.dll
2015-03-05 20:34:52 ----A---- C:\Windows\system32\CNC_BVI.dll
2015-03-05 20:34:52 ----A---- C:\Windows\system32\CNC_BVC.dll
2015-03-05 20:34:01 ----A---- C:\Windows\system32\CNMLMBV.DLL
2015-03-05 20:33:32 ----HD---- C:\Program Files\CanonBJ
2015-03-05 20:31:01 ----D---- C:\ProgramData\CanonIJPLM
2015-03-05 20:30:35 ----HD---- C:\ProgramData\CanonIJETV
2015-03-05 20:27:36 ----D---- C:\Program Files (x86)\Canon
2015-02-25 19:07:59 ----A---- C:\Windows\system32\Windows.Globalization.dll
2015-02-25 19:07:58 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2015-02-25 19:07:56 ----A---- C:\Windows\SYSWOW64\GlobCollationHost.dll
2015-02-25 19:07:55 ----A---- C:\Windows\system32\GlobCollationHost.dll
2015-02-19 20:36:24 ----D---- C:\Windows\Minidump
2015-02-14 19:55:00 ----A---- C:\Windows\system32\jscript9.dll
2015-02-14 19:54:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 17:31:24 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 17:31:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 17:31:23 ----A---- C:\Windows\system32\certcli.dll
2015-02-12 17:31:22 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-02-12 17:31:21 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 17:31:21 ----A---- C:\Windows\system32\msaudite.dll
2015-02-12 17:31:21 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 17:31:20 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 17:31:20 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 17:30:27 ----A---- C:\Windows\system32\schannel.dll
2015-02-12 17:30:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-12 17:30:21 ----A---- C:\Windows\system32\scesrv.dll
2015-02-12 17:30:20 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-12 17:30:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 17:30:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-02-12 17:30:06 ----A---- C:\Windows\system32\ntdll.dll
2015-02-12 17:30:05 ----A---- C:\Windows\system32\wow64.dll
2015-02-12 17:30:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-02-12 17:30:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-02-12 17:30:01 ----A---- C:\Windows\system32\wow64cpu.dll
2015-02-12 17:29:59 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-02-12 17:29:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-02-12 17:29:58 ----A---- C:\Windows\system32\ntvdm64.dll
2015-02-12 17:29:57 ----A---- C:\Windows\SYSWOW64\user.exe
2015-02-12 17:29:30 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-12 17:29:23 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-12 17:28:43 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-12 17:28:37 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-12 17:28:20 ----A---- C:\Windows\system32\mshtml.dll
2015-02-12 17:28:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-12 17:28:14 ----A---- C:\Windows\system32\ieframe.dll
2015-02-12 17:28:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-12 17:28:11 ----A---- C:\Windows\system32\iertutil.dll
2015-02-12 17:28:10 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-12 17:28:10 ----A---- C:\Windows\system32\jscript.dll
2015-02-12 17:28:09 ----A---- C:\Windows\system32\wininet.dll
2015-02-12 17:28:08 ----A---- C:\Windows\system32\vbscript.dll
2015-02-12 17:28:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-12 17:28:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-02-12 17:28:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-12 17:28:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-12 17:28:05 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-12 17:28:04 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-12 17:28:04 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-12 17:28:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-12 17:28:03 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-12 17:28:03 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-12 17:28:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-12 17:28:03 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-12 17:28:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-12 17:28:02 ----A---- C:\Windows\system32\webcheck.dll
2015-02-12 17:28:02 ----A---- C:\Windows\system32\actxprxy.dll
2015-02-12 17:28:01 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-02-12 17:28:01 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-02-12 17:28:01 ----A---- C:\Windows\system32\urlmon.dll
2015-02-12 17:28:01 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-12 17:28:00 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-02-12 17:28:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-12 17:28:00 ----A---- C:\Windows\system32\inetcomm.dll
2015-02-12 17:28:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-12 17:26:32 ----A---- C:\Windows\system32\sppobjs.dll
2015-02-12 17:24:38 ----A---- C:\Windows\system32\generaltel.dll
2015-02-12 17:24:36 ----A---- C:\Windows\system32\appraiser.dll
2015-02-12 17:24:35 ----A---- C:\Windows\system32\aeinv.dll
2015-02-12 17:24:33 ----A---- C:\Windows\system32\invagent.dll
2015-02-12 17:24:32 ----A---- C:\Windows\system32\devinv.dll
2015-02-12 17:24:22 ----A---- C:\Windows\system32\aepdu.dll
2015-02-12 17:23:06 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-03-06 19:31:11 ----RD---- C:\Program Files
2015-03-06 19:31:09 ----D---- C:\Windows\Prefetch
2015-03-06 19:30:39 ----D---- C:\Users\uzivatel\AppData\Roaming\ClassicShell
2015-03-06 19:29:39 ----D---- C:\Users\uzivatel\AppData\Roaming\Skype
2015-03-06 19:02:09 ----D---- C:\Windows\system32\sru
2015-03-06 14:17:20 ----D---- C:\Windows\Temp
2015-03-06 13:09:02 ----D---- C:\Windows\system32\config
2015-03-06 13:06:46 ----D---- C:\Windows\WinSxS
2015-03-06 12:56:26 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-06 12:56:26 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-06 12:56:26 ----D---- C:\Windows\SysWOW64
2015-03-06 12:56:25 ----RD---- C:\Windows\System32
2015-03-06 12:56:25 ----D---- C:\Windows\system32\en-US
2015-03-06 12:56:25 ----D---- C:\Windows\system32\cs-CZ
2015-03-06 12:56:07 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2015-03-06 12:56:07 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2015-03-06 12:56:07 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2015-03-06 12:56:07 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2015-03-06 12:56:06 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2015-03-06 12:56:02 ----A---- C:\Windows\system32\dpnhpast.dll
2015-03-06 12:56:02 ----A---- C:\Windows\system32\dpnet.dll
2015-03-06 12:56:01 ----A---- C:\Windows\system32\dpnhupnp.dll
2015-03-06 12:56:01 ----A---- C:\Windows\system32\dpnathlp.dll
2015-03-06 12:56:00 ----A---- C:\Windows\system32\dpnsvr.exe
2015-03-06 12:55:40 ----A---- C:\Windows\SYSWOW64\dpmodemx.dll
2015-03-06 12:55:39 ----A---- C:\Windows\SYSWOW64\dpwsockx.dll
2015-03-06 12:55:39 ----A---- C:\Windows\SYSWOW64\dplaysvr.exe
2015-03-06 12:55:38 ----A---- C:\Windows\SYSWOW64\dplayx.dll
2015-03-06 12:55:15 ----D---- C:\Windows\CbsTemp
2015-03-06 12:48:27 ----RSD---- C:\Windows\Fonts
2015-03-06 12:47:49 ----RD---- C:\Program Files (x86)
2015-03-06 11:53:59 ----D---- C:\Users\uzivatel\AppData\Roaming\uTorrent
2015-03-06 11:34:29 ----D---- C:\Windows\system32\Tasks
2015-03-06 11:22:24 ----D---- C:\Windows\Inf
2015-03-06 11:22:17 ----D---- C:\Windows\Microsoft.NET
2015-03-06 00:09:03 ----D---- C:\ProgramData\Origin
2015-03-06 00:06:57 ----D---- C:\Program Files (x86)\Origin
2015-03-06 00:02:45 ----D---- C:\Program Files (x86)\Steam
2015-03-06 00:00:40 ----RSD---- C:\Windows\assembly
2015-03-05 23:45:43 ----D---- C:\Windows\Logs
2015-03-05 23:44:41 ----D---- C:\Windows
2015-03-05 23:44:09 ----SHD---- C:\Windows\Installer
2015-03-05 23:43:38 ----A---- C:\Windows\SYSWOW64\PhysXCplUI.exe
2015-03-05 23:43:38 ----A---- C:\Windows\SYSWOW64\PhysXCompatCplUI.exe
2015-03-05 23:43:09 ----D---- C:\Program Files (x86)\Common Files
2015-03-05 23:39:25 ----SHD---- C:\System Volume Information
2015-03-05 22:29:13 ----D---- C:\ProgramData\Skype
2015-03-05 22:27:48 ----RD---- C:\Program Files (x86)\Skype
2015-03-05 21:51:50 ----HD---- C:\ProgramData
2015-03-05 21:31:59 ----D---- C:\Windows\AppReadiness
2015-03-05 21:23:11 ----HD---- C:\Program Files\WindowsApps
2015-03-05 21:21:57 ----D---- C:\Windows\system32\DriverStore
2015-03-05 21:19:57 ----RSD---- C:\Windows\Media
2015-03-05 21:19:44 ----D---- C:\Windows\twain_32
2015-03-05 20:14:52 ----D---- C:\Users\uzivatel\AppData\Roaming\vlc
2015-03-05 16:00:25 ----D---- C:\Windows\system32\wdi
2015-03-04 19:32:18 ----D---- C:\Users\uzivatel\AppData\Roaming\Atheros
2015-03-03 18:11:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-03 11:59:58 ----D---- C:\Windows\rescache
2015-02-27 20:41:32 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-02-27 20:34:16 ----D---- C:\Program Files\Microsoft Office 15
2015-02-27 16:14:36 ----D---- C:\Windows\system32\catroot
2015-02-21 19:20:56 ----D---- C:\ProgramData\Microsoft Help
2015-02-14 14:23:43 ----D---- C:\Windows\system32\catroot2
2015-02-14 14:19:18 ----D---- C:\Windows\system32\drivers
2015-02-14 14:19:15 ----D---- C:\Windows\apppatch
2015-02-12 21:34:02 ----A---- C:\Windows\win.ini
2015-02-12 20:51:32 ----D---- C:\Windows\system32\MRT
2015-02-12 20:29:30 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 19:40:18 ----SD---- C:\Windows\system32\CompatTel
2015-02-12 19:40:17 ----D---- C:\Windows\system32\appraiser

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-08-07 776168]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-08-07 343568]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2015-01-03 40224]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-12-09 20184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2014-12-09 807568]
R1 cmdhlp;COMODO Internet Security Helper Driver; C:\Windows\system32\DRIVERS\cmdhlp.sys [2014-12-09 35080]
R1 inspect;@oem29.inf,%inspect_Desc%;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-12-09 126208]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-03 271752]
R3 AthBTPort;@oem20.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-09-07 89800]
R3 athr;@oem16.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-16 3859968]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2013-07-19 82128]
R3 BTATH_A2DP;@oem19.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-09-07 338120]
R3 btath_avdt;@oem19.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-09-07 116424]
R3 BTATH_BUS;@oem17.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-09-07 34384]
R3 BTATH_HCRP;@oem22.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-09-07 179432]
R3 BTATH_LWFLT;@oem24.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-09-07 77464]
R3 BTATH_RCP;@oem26.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-09-07 137928]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-09-07 594120]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ccSet_NARA;NARA Settings Manager; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [2013-07-30 150104]
R3 ETD;@oem14.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-09-06 370504]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-09-09 4170752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-27 3613528]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 k57nd60a;@oem13.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-07-26 458960]
R3 LMDriver;@oem4.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-17 21360]
R3 MarvinBus;@oem40.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\Windows\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;@oem31.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-12-19 99288]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-08-07 310224]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-08-07 519064]
R3 RadioShim;@oem4.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-17 14680]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2013-08-07 69264]
S3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2013-08-07 70112]
S3 dg_ssudbus;@oem33.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-08-22 39320]
S3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-09-09 449528]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-08-07 179664]
S3 RimUsb;@oem38.inf,%RimUsb.DeviceDesc%;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 ssudmdm;@oem35.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 USBAAPL64;@oem47.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2013-09-07 312448]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-03 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2013-07-27 2650696]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-02-27 2711736]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2015-03-05 70872]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-12-09 7618952]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-06 101192]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-01-28 227904]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2015-03-05 2327248]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 KMSServerService;KMS Server Service; C:\Windows\KMSServerService\KMS Server Service.exe [2014-12-10 211968]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2013-08-03 457768]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-08-07 219272]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-08-07 182752]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-03 4012248]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2012-01-25 240408]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-07-06 663592]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
R3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-03-06 1910640]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-03-05 835776]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2012-01-25 192792]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-08 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-12-09 2265304]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-09-12 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-08 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2013-08-02 4278112]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600]

-----------------EOF-----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola notebooku

#2 Příspěvek od Márty84 »

Zdravim :)

:???: Jake pouzivate zabezpeceni (antivir a firewall)? Vidim tam toho nejak moc (Avast, Comodo, McAfee, Norton).

:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Xenty
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 12 úno 2011 23:51

Re: Preventivní kontrola notebooku

#3 Příspěvek od Xenty »

Zdravím :-) ... Zabezpečení je Avast (antivir) a Comodo (firewall).

Log z AdwCleaneru:

# AdwCleaner v4.112 - Logfile created 11/03/2015 at 17:04:06
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : uzivatel - ANETAKRÁLOVÁ
# Running from : C:\Users\uzivatel\Desktop\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\uzivatel\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
File Deleted : C:\Users\Public\Desktop\GeekBuddy.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
File Deleted : C:\Users\uzivatel\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GeekBuddyRSP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v40.0.2214.115


-\\ Comodo Dragon v36.1.1.21


*************************

AdwCleaner[R0].txt - [2304 bytes] - [11/03/2015 16:58:56]
AdwCleaner[S0].txt - [2187 bytes] - [11/03/2015 17:04:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2246 bytes] ##########
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola notebooku

#4 Příspěvek od Márty84 »

:arrow: Fajn, odinstalujte tedy vse od McAfee a Nortonu. Co zbyde, odpalim pak skriptem.


:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Xenty
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 12 úno 2011 23:51

Re: Preventivní kontrola notebooku

#5 Příspěvek od Xenty »

Zdravím, všechno od McAfee i Nortonu by už mělo být pryč, ale je možný, že to ještě bude potřebovat vyčistit zbytky...

MBAM je čistej, log :-) :

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 13. 3. 2015
Čas skenování: 16:23:18
Protokol: log.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.03.13.06
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: uzivatel

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 644155
Uplynulý čas: 5 hod, 18 min, 44 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola notebooku

#6 Příspěvek od Márty84 »

:arrow: MBAM muzete odinstalovat.

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Xenty
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 12 úno 2011 23:51

Re: Preventivní kontrola notebooku

#7 Příspěvek od Xenty »

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by uzivatel (administrator) on ANETAKRÁLOVÁ on 14-03-2015 20:26:45
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available profiles: uzivatel)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(forum.viry.cz) C:\Users\uzivatel\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297112 2014-12-09] (COMODO)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-28] (AVAST Software)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-03-05] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2015-03-05] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2015-03-06] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\Run: [GoogleChromeAutoLaunch_FA6F99A34873A093FA88EBF49A43251D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-19] (Google Inc.)
HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\RunOnce: [Application Restart #2] => C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppService.exe [7852872 2015-02-26] (Pokki)
HKU\S-1-5-21-587030048-3224470265-833415060-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [786432 2013-08-22] (Microsoft Corporation)
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-587030048-3224470265-833415060-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKU\S-1-5-21-587030048-3224470265-833415060-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-587030048-3224470265-833415060-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-587030048-3224470265-833415060-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-587030048-3224470265-833415060-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-587030048-3224470265-833415060-1001 -> {C7A43DCA-E26C-4004-A296-C125FAAABA56} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-03] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-03] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Tcpip\..\Interfaces\{93AB9F7E-A7F4-4120-84A4-FC12B2647437}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{F5A97FFC-105C-4542-9073-6B3574DAAC69}: [NameServer] 156.154.70.25,156.154.71.25

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-11-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-11-15] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-03]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://youtube.com/", "hxxp://www.facebook.com/"
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-08]
CHR Extension: (Google Drive) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-08]
CHR Extension: (Fast Proxy) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkjcdfmmpdfjohenejbkaaafkoeknjnh [2014-02-08]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-08]
CHR Extension: (Google Search) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-08]
CHR Extension: (Google Calendar) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-02-08]
CHR Extension: (AdBlock) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-08]
CHR Extension: (Avast Online Security) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-03]
CHR Extension: (Google Play) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-02-08]
CHR Extension: (Google Wallet) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-08]
CHR Extension: (Instagram for Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-02-08]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-03] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-03] (Avast Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-27] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-02-27] (Microsoft Corporation)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70872 2015-03-05] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-09] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-06] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-03-05] (Comodo Security Solutions, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2014-12-10] (My Digital Life Forums) [File not signed]
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-06] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-03] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-03] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2015-01-03] (Windows (R) Win 7 DDK provider)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-09] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [807568 2014-12-09] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35080 2014-12-09] (COMODO)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [126208 2014-12-09] (COMODO)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-13] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-03] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
U4 ccSet_NARA; \SystemRoot\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 20:26 - 2015-03-14 20:28 - 00024880 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2015-03-14 20:20 - 2015-03-14 20:26 - 00000000 ____D () C:\FRST
2015-03-14 20:12 - 2015-03-14 20:12 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Desktop\FRSTLauncher.exe
2015-03-14 20:11 - 2015-03-14 20:11 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Downloads\Nepotvrzeno 438109.crdownload
2015-03-14 20:11 - 2015-03-14 20:11 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Downloads\Nepotvrzeno 258350.crdownload
2015-03-14 20:11 - 2015-03-14 20:11 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Downloads\Nepotvrzeno 257959.crdownload
2015-03-14 20:10 - 2015-03-14 20:11 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Downloads\Nepotvrzeno 820406.crdownload
2015-03-14 20:10 - 2015-03-14 20:11 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Downloads\Nepotvrzeno 704607.crdownload
2015-03-14 20:06 - 2015-03-14 20:07 - 02095616 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2015-03-13 16:21 - 2015-03-13 16:21 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-13 16:21 - 2015-03-13 16:21 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-13 16:21 - 2015-03-13 16:21 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-13 16:21 - 2015-03-13 16:21 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-13 16:21 - 2015-03-13 16:21 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-13 16:21 - 2015-03-13 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-13 16:20 - 2015-03-13 16:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-13 16:20 - 2015-03-13 16:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-13 16:18 - 2015-03-13 16:19 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\uzivatel\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-13 16:03 - 2015-03-13 16:03 - 00019602 _____ () C:\Users\uzivatel\Downloads\Wild (2014) [1080p] YIFY - YTS.torrent
2015-03-12 17:47 - 2015-03-12 17:47 - 00000197 _____ () C:\Windows\system32\2015-03-12-16-47-31.016-AvastVBoxSVC.exe-2952.log
2015-03-12 17:43 - 2015-03-12 17:43 - 00000197 _____ () C:\Windows\system32\2015-03-12-16-43-06.064-AvastVBoxSVC.exe-3008.log
2015-03-12 17:43 - 2015-03-11 19:41 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-12 17:43 - 2015-03-11 19:41 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-11 21:44 - 2015-03-14 13:56 - 00041478 _____ () C:\Users\uzivatel\Downloads\výtvarka.odt
2015-03-11 20:05 - 2015-03-11 20:05 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 20:05 - 2015-03-11 20:05 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 20:05 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 20:00 - 2015-03-11 20:00 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 20:00 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-03-11 19:59 - 2015-03-11 19:59 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-03-11 19:59 - 2015-03-11 19:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 19:59 - 2015-03-11 19:59 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-03-11 19:59 - 2015-03-11 19:59 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 19:59 - 2015-03-11 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 19:59 - 2015-03-11 19:59 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-03-11 19:59 - 2015-03-11 19:59 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 19:59 - 2015-03-11 19:59 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 19:59 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 19:59 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 19:59 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 19:59 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 19:59 - 2014-10-29 03:45 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-03-11 19:58 - 2015-03-11 19:58 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 19:58 - 2015-03-11 19:58 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 19:58 - 2015-03-11 19:58 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 19:58 - 2015-03-11 19:58 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 19:58 - 2015-03-11 19:58 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 19:58 - 2015-03-11 19:58 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 19:58 - 2015-03-11 19:58 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 19:58 - 2015-03-11 19:58 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 19:53 - 2015-03-11 19:53 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 19:53 - 2015-03-11 19:53 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 19:53 - 2015-03-11 19:53 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 19:53 - 2015-03-11 19:53 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 19:53 - 2015-03-11 19:53 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 19:53 - 2015-03-11 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 19:53 - 2015-03-11 19:53 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 19:53 - 2015-03-11 19:53 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 19:53 - 2015-03-11 19:53 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 19:53 - 2015-03-11 19:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 19:53 - 2015-03-11 19:53 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 19:53 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 19:42 - 2015-03-11 19:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 19:42 - 2015-03-11 19:42 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 19:42 - 2015-03-11 19:42 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 19:42 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 19:42 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 19:41 - 2015-03-11 19:41 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 19:41 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 19:41 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 19:37 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 19:37 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 19:37 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 19:37 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 19:37 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 19:24 - 2015-03-11 19:24 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 19:24 - 2015-03-11 19:24 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 19:24 - 2015-03-11 19:24 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 19:24 - 2015-03-11 19:24 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 19:24 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 19:24 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 19:20 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 19:20 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 17:08 - 2015-03-11 17:08 - 00000197 _____ () C:\Windows\system32\2015-03-11-16-08-16.079-AvastVBoxSVC.exe-3292.log
2015-03-11 16:58 - 2015-03-11 17:04 - 00000000 ____D () C:\AdwCleaner
2015-03-11 16:56 - 2015-03-11 16:57 - 02171392 _____ () C:\Users\uzivatel\Desktop\adwcleaner_4.112.exe
2015-03-10 15:59 - 2015-03-10 15:59 - 00022816 _____ () C:\Users\uzivatel\Downloads\Exodus Gods And Kings (2014) [1080p] YIFY - YTS.torrent
2015-03-10 15:59 - 2015-03-10 15:59 - 00021854 _____ () C:\Users\uzivatel\Downloads\The Hobbit The Battle Of The Five Armies (2014) [1080p] YIFY - YTS.torrent
2015-03-08 17:53 - 2015-03-08 18:05 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2015-03-08 17:51 - 2015-03-08 17:52 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2015-03-06 23:48 - 2015-03-06 23:48 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2015-03-06 20:12 - 2015-03-06 20:12 - 00000197 _____ () C:\Windows\system32\2015-03-06-19-12-05.037-AvastVBoxSVC.exe-3040.log
2015-03-06 20:06 - 2015-03-06 20:06 - 00000000 ____D () C:\ProgramData\Canon IJ Network Tool
2015-03-06 20:01 - 2015-03-06 20:01 - 00000000 ____D () C:\Windows\system32\STRING
2015-03-06 20:01 - 2013-01-24 08:24 - 00359936 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2015-03-06 20:01 - 2013-01-24 08:24 - 00039424 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2015-03-06 20:01 - 2013-01-24 08:23 - 00366592 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL
2015-03-06 20:00 - 2015-03-06 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uživatele zařízení Canon MG3500 series
2015-03-06 19:48 - 2015-03-06 19:48 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2015-03-06 19:31 - 2015-03-06 19:31 - 00000000 ____D () C:\rsit
2015-03-06 19:31 - 2015-03-06 19:31 - 00000000 ____D () C:\Program Files\trend micro
2015-03-06 19:23 - 2015-03-06 19:23 - 01222144 _____ () C:\Users\uzivatel\Desktop\RSITx64.exe
2015-03-06 19:06 - 2015-03-06 19:09 - 00000000 ____D () C:\Users\uzivatel\Desktop\Latina
2015-03-06 14:34 - 2015-03-06 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection
2015-03-06 12:52 - 2015-03-06 12:52 - 00002252 _____ () C:\Users\uzivatel\Desktop\Microsoft Age of Empires II Trial.lnk
2015-03-06 12:49 - 2015-03-06 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-03-06 12:47 - 2015-03-06 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2015-03-06 12:44 - 2015-03-06 12:45 - 49083656 _____ (Microsoft Corp.) C:\Users\uzivatel\Downloads\AoE2demo (1).exe
2015-03-06 12:25 - 2015-03-06 12:25 - 00011682 _____ () C:\Users\uzivatel\Downloads\Icelandic Sheepdog Brown.zip
2015-03-06 12:22 - 2015-03-06 12:23 - 01014213 _____ () C:\Users\uzivatel\Downloads\Modern Bachelor Villa.zip
2015-03-06 00:13 - 2015-03-06 00:13 - 49083656 _____ (Microsoft Corp.) C:\Users\uzivatel\Downloads\age-of-empires-ii-the-age-of-kings_1.0.exe
2015-03-06 00:11 - 2015-03-06 00:12 - 49083656 _____ (Microsoft Corp.) C:\Users\uzivatel\Downloads\AoE2demo.exe
2015-03-05 23:50 - 2015-03-05 23:51 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Trine1
2015-03-05 23:44 - 2015-03-05 23:44 - 00000565 _____ () C:\Windows\wmsetup.log
2015-03-05 23:43 - 2015-03-05 23:43 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2015-03-05 23:43 - 2015-03-05 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-05 23:43 - 2015-03-05 23:43 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-03-05 23:40 - 2015-03-06 00:01 - 00035615 _____ () C:\Windows\DirectX.log
2015-03-05 22:24 - 2015-03-05 22:24 - 00000197 _____ () C:\Windows\system32\2015-03-05-21-24-55.046-AvastVBoxSVC.exe-2936.log
2015-03-05 21:57 - 2015-03-05 21:57 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Steam
2015-03-05 21:52 - 2015-03-13 18:59 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Canon
2015-03-05 21:51 - 2015-03-05 21:51 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2015-03-05 21:19 - 2015-03-05 21:19 - 00321536 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BVL.dll
2015-03-05 21:19 - 2015-03-05 21:19 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2015-03-05 21:19 - 2012-11-26 12:32 - 00088576 _____ () C:\Windows\SysWOW64\CNC176ED.TBL
2015-03-05 20:45 - 2015-03-05 20:45 - 00002041 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk
2015-03-05 20:45 - 2015-03-05 20:45 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2015-03-05 20:37 - 2015-03-06 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-03-05 20:37 - 2015-03-05 20:46 - 00000000 ____D () C:\Program Files\Canon
2015-03-05 20:36 - 2015-03-05 20:36 - 00002378 _____ () C:\Users\Public\Desktop\Canon MG3500 series Elektronická příručka.lnk
2015-03-05 20:36 - 2015-03-05 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3500 series Manual
2015-03-05 20:35 - 2015-03-05 20:35 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-03-05 20:34 - 2015-03-05 20:34 - 00391168 _____ (CANON INC.) C:\Windows\system32\CNMLMBV.DLL
2015-03-05 20:34 - 2015-03-05 20:34 - 00367104 _____ (CANON INC.) C:\Windows\system32\CNC_BVL.dll
2015-03-05 20:34 - 2015-03-05 20:34 - 00282624 _____ (CANON INC.) C:\Windows\system32\CNC_BVC.dll
2015-03-05 20:34 - 2015-03-05 20:34 - 00106496 _____ (CANON INC.) C:\Windows\system32\CNC_BVI.dll
2015-03-05 20:34 - 2015-03-05 20:34 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-03-05 20:34 - 2012-11-26 12:32 - 00088576 _____ () C:\Windows\system32\CNC176ED.TBL
2015-03-05 20:33 - 2015-03-05 20:35 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-03-05 20:31 - 2015-03-08 18:05 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-03-05 20:30 - 2015-03-05 20:30 - 00000000 ___HD () C:\ProgramData\CanonIJETV
2015-03-05 20:27 - 2015-03-06 20:15 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-03-05 16:03 - 2015-03-05 16:06 - 00000000 ____D () C:\Users\uzivatel\Desktop\Nymphomaniac II
2015-03-03 18:10 - 2015-03-03 18:13 - 00000000 ____D () C:\Users\uzivatel\Desktop\The Road
2015-03-03 13:25 - 2015-03-03 13:25 - 00000197 _____ () C:\Windows\system32\2015-03-03-12-25-26.021-AvastVBoxSVC.exe-3848.log
2015-03-02 18:15 - 2015-03-02 18:29 - 00000000 ____D () C:\Users\uzivatel\Desktop\členovci
2015-03-01 21:02 - 2015-03-01 21:25 - 00000000 ____D () C:\Users\uzivatel\Desktop\fotky k vyvolání
2015-03-01 20:55 - 2015-03-01 20:55 - 00000197 _____ () C:\Windows\system32\2015-03-01-19-55-04.044-AvastVBoxSVC.exe-2872.log
2015-03-01 20:51 - 2015-03-01 20:51 - 00000197 _____ () C:\Windows\system32\2015-03-01-19-51-06.073-AvastVBoxSVC.exe-2968.log
2015-02-28 13:03 - 2015-02-28 13:03 - 00017576 _____ () C:\Users\uzivatel\Downloads\Love Rosie (2014) [1080p] YIFY - YTS.torrent
2015-02-28 13:03 - 2015-02-28 13:03 - 00015418 _____ () C:\Users\uzivatel\Downloads\Penguins Of Madagascar (2014) [1080p] YIFY - YTS.torrent
2015-02-27 20:33 - 2015-02-27 20:34 - 00000197 _____ () C:\Windows\system32\2015-02-27-19-33-56.092-AvastVBoxSVC.exe-3184.log
2015-02-26 17:18 - 2015-02-26 17:18 - 00000197 _____ () C:\Windows\system32\2015-02-26-16-17-56.022-AvastVBoxSVC.exe-3048.log
2015-02-25 19:07 - 2015-02-25 19:07 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-25 19:07 - 2015-02-25 19:07 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-25 19:07 - 2015-02-25 19:07 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-25 19:07 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 19:07 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-25 19:07 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-25 18:52 - 2015-02-25 18:52 - 00017387 _____ () C:\Users\uzivatel\Downloads\[kickass.to]pretty.little.liars.s05e21.hdtv.x264.lol.ettv.torrent
2015-02-21 18:43 - 2015-02-21 18:43 - 00013266 _____ () C:\Users\uzivatel\Downloads\[CzT]Sedm_Se7en.torrent
2015-02-21 15:49 - 2015-02-21 15:49 - 00281874 _____ () C:\Users\uzivatel\Downloads\Love_And_Other_Drugs_2010_720p_BRRiP_AC3_XViD_-_IMAGiNE.torrent
2015-02-21 15:38 - 2015-02-21 15:38 - 00019631 _____ () C:\Users\uzivatel\Downloads\The Theory Of Everything (2014) [1080p] YIFY - YTS.torrent
2015-02-19 20:39 - 2015-02-19 20:39 - 00000197 _____ () C:\Windows\system32\2015-02-19-19-39-17.094-AvastVBoxSVC.exe-2872.log
2015-02-19 20:36 - 2015-02-19 20:36 - 556420829 _____ () C:\Windows\MEMORY.DMP
2015-02-19 20:36 - 2015-02-19 20:36 - 00285640 _____ () C:\Windows\Minidump\021915-33468-01.dmp
2015-02-19 20:36 - 2015-02-19 20:36 - 00000000 ____D () C:\Windows\Minidump
2015-02-19 20:33 - 2015-02-19 20:33 - 00000197 _____ () C:\Windows\system32\2015-02-19-19-33-33.008-AvastVBoxSVC.exe-3444.log
2015-02-18 22:00 - 2015-02-18 22:00 - 00000000 ____D () C:\Users\uzivatel\Desktop\Subs
2015-02-18 21:59 - 2014-05-16 23:14 - 1764734617 _____ () C:\Users\uzivatel\Desktop\Endless.Love.2014.1080p.BluRay.x264.YIFY.mp4
2015-02-17 15:29 - 2015-02-17 15:29 - 01247912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-02-14 20:37 - 2015-02-14 20:37 - 00018196 _____ () C:\Users\uzivatel\Downloads\Magic Mike (2012) [1080p] YIFY - YTS.torrent
2015-02-14 20:37 - 2015-02-14 20:37 - 00018196 _____ () C:\Users\uzivatel\Downloads\Magic Mike (2012) [1080p] YIFY - YTS (1).torrent
2015-02-14 19:55 - 2015-02-14 19:55 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-14 19:54 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-14 14:26 - 2015-02-14 14:26 - 00000197 _____ () C:\Windows\system32\2015-02-14-13-26-23.046-AvastVBoxSVC.exe-2888.log
2015-02-12 17:31 - 2015-02-12 17:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 17:31 - 2015-02-12 17:31 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 17:31 - 2015-02-12 17:31 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 17:31 - 2015-02-12 17:31 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 17:31 - 2015-02-12 17:31 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-12 17:31 - 2015-02-12 17:31 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-12 17:31 - 2015-02-12 17:31 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 17:31 - 2015-02-12 17:31 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 17:31 - 2015-02-12 17:31 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 17:30 - 2015-02-12 17:30 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 17:30 - 2015-02-12 17:30 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 17:30 - 2015-02-12 17:30 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-12 17:30 - 2015-02-12 17:30 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 17:30 - 2015-02-12 17:30 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-12 17:30 - 2015-02-12 17:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-12 17:30 - 2015-02-12 17:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-12 17:30 - 2015-02-12 17:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-12 17:29 - 2015-02-12 17:30 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-12 17:29 - 2015-02-12 17:29 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-12 17:29 - 2015-02-12 17:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-12 17:29 - 2015-02-12 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-12 17:28 - 2015-02-12 17:28 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 17:28 - 2015-02-12 17:28 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 17:28 - 2015-02-12 17:28 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 17:28 - 2015-02-12 17:28 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 17:28 - 2015-02-12 17:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 17:28 - 2014-12-09 00:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-12 17:26 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-12 17:24 - 2015-02-12 17:24 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-12 17:24 - 2015-02-12 17:24 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-12 17:24 - 2015-02-12 17:24 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-12 17:24 - 2015-02-12 17:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-12 17:24 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-12 17:24 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2021-10-21 14:36 - 2013-11-17 17:51 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 08:34 - 2013-11-17 17:51 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2015-03-14 20:24 - 2013-12-18 12:37 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Skype
2015-03-14 20:19 - 2015-01-15 19:14 - 01788570 _____ () C:\Windows\WindowsUpdate.log
2015-03-14 20:11 - 2013-12-18 13:18 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\ClassicShell
2015-03-14 20:04 - 2014-05-08 19:44 - 00000986 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6aed842dec67.job
2015-03-14 20:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-14 19:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-14 14:23 - 2014-11-14 20:59 - 00000986 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0004588f0e311.job
2015-03-14 13:59 - 2014-01-30 19:40 - 00000000 ____D () C:\Users\uzivatel\Desktop\škola
2015-03-14 13:39 - 2013-12-19 03:04 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-587030048-3224470265-833415060-1001
2015-03-14 13:33 - 2014-02-08 18:34 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-14 13:27 - 2014-04-12 12:03 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\CrashDumps
2015-03-14 12:58 - 2015-01-21 17:44 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-03-14 12:46 - 2014-02-27 17:39 - 00003110 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-587030048-3224470265-833415060-1001
2015-03-13 23:38 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-13 23:36 - 2014-02-09 11:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-13 23:33 - 2014-03-12 17:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-13 23:15 - 2013-08-22 14:25 - 00000199 _____ () C:\Windows\win.ini
2015-03-13 22:32 - 2014-02-08 18:53 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\uTorrent
2015-03-13 19:24 - 2014-03-27 16:43 - 00000982 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf49d35637e5e4.job
2015-03-13 16:16 - 2013-11-17 18:11 - 00000000 ____D () C:\Program Files (x86)\Norton Online Backup ARA
2015-03-13 16:15 - 2013-11-17 18:11 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-03-13 16:14 - 2014-09-13 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-03-13 16:14 - 2014-09-13 18:15 - 00000000 ____D () C:\Program Files (x86)\HP
2015-03-12 18:11 - 2014-05-08 19:18 - 00004996 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ANETAKRÁLOVÁ-uzivatel AnetaKrálová
2015-03-12 17:54 - 2013-11-17 18:15 - 00964516 _____ () C:\Windows\system32\perfh005.dat
2015-03-12 17:54 - 2013-11-17 18:15 - 00231402 _____ () C:\Windows\system32\perfc005.dat
2015-03-12 17:54 - 2013-10-31 07:27 - 02054670 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-12 17:50 - 2014-02-08 19:00 - 00000000 ___DO () C:\Users\uzivatel\SkyDrive
2015-03-12 17:48 - 2015-01-03 14:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-12 17:45 - 2013-12-19 02:57 - 00000000 ____D () C:\Users\uzivatel
2015-03-12 17:44 - 2015-01-15 19:23 - 00004293 _____ () C:\Windows\setupact.log
2015-03-12 17:44 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-12 17:41 - 2013-08-22 15:44 - 00576448 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 17:39 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-12 17:36 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-12 17:36 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-11 20:48 - 2013-12-18 14:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 20:33 - 2013-12-18 14:05 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 20:33 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-11 16:51 - 2013-12-19 02:57 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Pokki
2015-03-08 18:28 - 2015-01-03 15:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-06 22:30 - 2014-02-08 18:32 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Deployment
2015-03-06 20:09 - 2014-07-24 15:03 - 00000000 ____D () C:\ProgramData\Origin
2015-03-06 20:05 - 2013-08-22 16:36 - 00000000 __RSD () C:\Windows\Media
2015-03-06 19:05 - 2015-01-04 14:16 - 00000000 ____D () C:\Users\uzivatel\Desktop\Hry
2015-03-06 12:56 - 2013-08-22 12:22 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-03-06 12:56 - 2013-08-22 12:22 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2015-03-06 12:56 - 2013-08-22 12:17 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2015-03-06 12:56 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2015-03-06 12:56 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2015-03-06 12:56 - 2013-08-22 04:56 - 00377856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-03-06 12:56 - 2013-08-22 04:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2015-03-06 12:56 - 2013-08-22 04:51 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2015-03-06 12:56 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2015-03-06 12:56 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2015-03-06 12:55 - 2013-08-22 05:05 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2015-03-06 12:55 - 2013-08-22 05:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2015-03-06 12:55 - 2013-08-22 04:59 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2015-03-06 12:55 - 2013-08-22 04:51 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2015-03-06 00:06 - 2014-07-24 15:02 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-05 23:43 - 2008-11-26 08:55 - 00288024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\PhysXCplUI.exe
2015-03-05 23:43 - 2008-11-25 08:38 - 00288024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\PhysXCompatCplUI.exe
2015-03-05 22:29 - 2014-12-01 21:47 - 00000000 ____D () C:\ProgramData\Skype
2015-03-05 22:27 - 2014-12-28 13:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-05 22:23 - 2013-12-19 02:59 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Atheros
2015-03-05 22:21 - 2015-01-15 19:23 - 00044098 _____ () C:\Windows\PFRO.log
2015-03-05 22:16 - 2015-01-03 15:18 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-05 21:26 - 2013-12-19 02:58 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Packages
2015-03-05 20:14 - 2014-02-09 09:10 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\vlc
2015-03-05 11:26 - 2015-01-03 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-03-04 20:21 - 2014-02-05 14:11 - 00000000 ____D () C:\Users\uzivatel\Documents\Bluetooth Folder
2015-03-03 11:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-27 20:34 - 2014-02-09 11:58 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-26 17:22 - 2013-12-18 14:27 - 00002297 _____ () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-12 19:40 - 2014-12-17 18:45 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 19:40 - 2014-07-11 23:15 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== Files in the root of some directories =======

2014-09-13 18:20 - 2014-09-13 18:20 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-11-17 17:51 - 2013-11-17 17:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\uzivatel\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\uzivatel\AppData\Local\Temp\MSETUP4.EXE
C:\Users\uzivatel\AppData\Local\Temp\oct30DE.tmp.exe
C:\Users\uzivatel\AppData\Local\Temp\octA427.tmp.exe
C:\Users\uzivatel\AppData\Local\Temp\PidGenX.dll
C:\Users\uzivatel\AppData\Local\Temp\Quarantine.exe
C:\Users\uzivatel\AppData\Local\Temp\sqlite3.dll
C:\Users\uzivatel\AppData\Local\Temp\{311739EB-5C94-4EE1-B911-2D1F005060F4}_NARA_19091.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf49d35637e5e4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6aed842dec67.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0004588f0e311.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: COMODO Firewall (Disabled) {C8870897-C358-086B-2944-184866CC6D0A}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\uzivatel\Desktop" je 38126 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Přílohy
Addition.rar
(7.61 KiB) Staženo 71 x
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola notebooku

#8 Příspěvek od Márty84 »

Xenty píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\uzivatel\Desktop" je 38126 MB.
:arrow: Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku :D



:arrow: McAfee si tam vesele bezi. Pouzijte tento odinstalator http://download.mcafee.com/products/lic ... s/MCPR.exe



:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

C:\Windows\System32\mfevtps.exe
C:\Program Files\Common Files\mcafee
C:\Windows\System32\drivers\cfwids.sys
C:\Windows\System32\drivers\mfeapfk.sys
C:\Windows\System32\drivers\mfeavfk.sys
C:\Windows\System32\drivers\mfeelamk.sys
C:\Windows\System32\drivers\mfefirek.sys
C:\Windows\System32\drivers\mfehidk.sys
C:\Windows\System32\drivers\mfewfpk.sys

HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\Run: [GoogleChromeAutoLaunch_FA6F99A34873A093FA88EBF49A43251D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-19] (Google Inc.)
HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\RunOnce: [Application Restart #2] => C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppService.exe [7852872 2015-02-26] (Pokki)

SearchScopes: HKU\S-1-5-21-587030048-3224470265-833415060-1001 -> {C7A43DCA-E26C-4004-A296-C125FAAABA56} URL =
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
U4 ccSet_NARA; \SystemRoot\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2012-01-25 240408]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2012-01-25 192792]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-08 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-08 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2013-08-02 4278112]

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf49d35637e5e4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6aed842dec67.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0004588f0e311.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Xenty
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 12 úno 2011 23:51

Re: Preventivní kontrola notebooku

#9 Příspěvek od Xenty »

Plocha by měla bejt relativně vyčištěná a McAfee pryč :-) .

FixLog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by uzivatel at 2015-03-20 17:56:30 Run:1
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available profiles: uzivatel)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

C:\Windows\System32\mfevtps.exe
C:\Program Files\Common Files\mcafee
C:\Windows\System32\drivers\cfwids.sys
C:\Windows\System32\drivers\mfeapfk.sys
C:\Windows\System32\drivers\mfeavfk.sys
C:\Windows\System32\drivers\mfeelamk.sys
C:\Windows\System32\drivers\mfefirek.sys
C:\Windows\System32\drivers\mfehidk.sys
C:\Windows\System32\drivers\mfewfpk.sys

HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\Run: [GoogleChromeAutoLaunch_FA6F99A34873A093FA88EBF49A43251D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-19] (Google Inc.)
HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-587030048-3224470265-833415060-1001\...\RunOnce: [Application Restart #2] => C:\Users\uzivatel\AppData\Local\Pokki\Engine\HostAppService.exe [7852872 2015-02-26] (Pokki)

SearchScopes: HKU\S-1-5-21-587030048-3224470265-833415060-1001 -> {C7A43DCA-E26C-4004-A296-C125FAAABA56} URL =
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
U4 ccSet_NARA; \SystemRoot\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2012-01-25 240408]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2012-01-25 192792]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-08 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-08 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2013-08-02 4278112]

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf49d35637e5e4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6aed842dec67.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0004588f0e311.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"C:\Windows\System32\mfevtps.exe" => File/Directory not found.
"C:\Program Files\Common Files\mcafee" => File/Directory not found.
"C:\Windows\System32\drivers\cfwids.sys" => File/Directory not found.
"C:\Windows\System32\drivers\mfeapfk.sys" => File/Directory not found.
"C:\Windows\System32\drivers\mfeavfk.sys" => File/Directory not found.
"C:\Windows\System32\drivers\mfeelamk.sys" => File/Directory not found.
"C:\Windows\System32\drivers\mfefirek.sys" => File/Directory not found.
"C:\Windows\System32\drivers\mfehidk.sys" => File/Directory not found.
"C:\Windows\System32\drivers\mfewfpk.sys" => File/Directory not found.
HKU\S-1-5-21-587030048-3224470265-833415060-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_FA6F99A34873A093FA88EBF49A43251D => value deleted successfully.
HKU\S-1-5-21-587030048-3224470265-833415060-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-587030048-3224470265-833415060-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-587030048-3224470265-833415060-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #2 => value deleted successfully.
"HKU\S-1-5-21-587030048-3224470265-833415060-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C7A43DCA-E26C-4004-A296-C125FAAABA56}" => Key deleted successfully.
HKCR\CLSID\{C7A43DCA-E26C-4004-A296-C125FAAABA56} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
mfefire => Service not found.
mfevtp => Service not found.
cfwids => Service not found.
mfeapfk => Service not found.
mfeavfk => Service not found.
mfeelamk => Service not found.
mfefirek => Service not found.
mfehidk => Service not found.
mfewfpk => Service not found.
ccSet_NARA => Service not found.
AdobeARMservice => Service deleted successfully.
NAUpdate => Service deleted successfully.
BBUpdate => Service deleted successfully.
BBSvc => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
gupdatem => Service deleted successfully.
gusvc => Service deleted successfully.
NOBU => Service not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf49d35637e5e4.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6aed842dec67.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0004588f0e311.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 698.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 17:58:32 ====
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola notebooku

#10 Příspěvek od Márty84 »

:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak je na tom pc.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Xenty
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 12 úno 2011 23:51

Re: Preventivní kontrola notebooku

#11 Příspěvek od Xenty »

Zdravím, tak on ani původně nebyl žádný konkrétní problém, každopádně všechno je hotovo, tak věřim, že jsme tomu alespoň trochu pomohli, každopádně děkuju moc za pomoc :all_coholic: .
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola notebooku

#12 Příspěvek od Márty84 »

Kdyz uz nic jineho, alespon jsme udelali poradek v tech antivirech :D

Nemate zac! :)

Mejte se a treba zase nekdy :bye:

:closed:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“