Pomaly notebook

Zpráva

toni · #1 Příspěvek od **toni** » 08 črc 2015 12:40

Prosim o kontrolu logu:

Logfile of random's system information tool 1.10 (written by random/random)
Run by toni at 2015-07-08 13:30:22
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 12 GB (14%) free of 85 GB
Total RAM: 3066 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:30:35, on 8.7.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16659)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Users\toni\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
C:\Users\toni\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\toni\Documents\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Users\toni\Documents\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\toni\Downloads\RSIT.exe
C:\Program Files\trend micro\toni.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10640A& ... 52-445&t=4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Users\toni\Documents\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [FLV Player] C:\Users\toni\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\toni\AppData\Roaming\Dropbox\bin\Dropbox.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: vToolbarUpdater18.1.10 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 6150 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000Core.job - C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000UA.job - C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Open Chrome.job - c:\program files\Google\Chrome\Application\chrome.exe --new-window toolbar.avg.com/ch-uninstall?cid={6566D19B-8730-4AE7-A7E5-6906CFC0A8BB}&mid=581afe204f6447d28849d16836744347-9229d524867ba8d5cab7df19ea80c6d326b996b2&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=&v=4.0.0.16&pid=wtu&sg=

=========Mozilla firefox=========

ProfilePath - C:\Users\toni\AppData\Roaming\Mozilla\Firefox\Profiles\53u3ea4s.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.190 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Users\toni\AppData\Roaming\Mozilla\Firefox\Profiles\53u3ea4s.default\searchplugins\
Ask.xml
avg-secure-search.xml
Google.xml
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-18 586968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2008-07-04 132392]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [2008-06-03 446635]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2516296]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-08-01 200704]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-06-02 3563520]
"StartCCC"=C:\Users\toni\Documents\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-31 5227648]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avgui.exe [2015-03-25 3723728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"FLV Player"=C:\Users\toni\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [2012-10-26 202752]
"Dropbox Update"=C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 134512]

C:\Users\toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\toni\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-08 13:30:22 ----D---- C:\rsit
2015-07-08 13:30:22 ----D---- C:\Program Files\trend micro
2015-07-03 10:52:11 ----D---- C:\Program Files\Mozilla Firefox
2015-06-19 07:28:36 ----D---- C:\ProgramData\Dropbox
2015-06-11 03:12:34 ----A---- C:\Windows\system32\comctl32.dll
2015-06-11 03:12:10 ----A---- C:\Windows\system32\win32k.sys
2015-06-11 03:11:49 ----A---- C:\Windows\system32\kernel32.dll
2015-06-11 03:00:57 ----A---- C:\Windows\system32\spwmp.dll
2015-06-11 03:00:47 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-11 03:00:46 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-11 03:00:44 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 05:58:08 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-06-10 05:58:08 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 05:58:07 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 05:58:07 ----A---- C:\Windows\system32\url.dll
2015-06-10 05:58:07 ----A---- C:\Windows\system32\mshta.exe
2015-06-10 05:58:07 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 05:58:07 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 05:58:06 ----A---- C:\Windows\system32\msfeedssync.exe
2015-06-10 05:58:05 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 05:58:05 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 05:58:05 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 05:58:04 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 05:58:04 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 05:58:03 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 05:58:03 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 05:58:03 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 05:58:02 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 05:58:00 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 05:58:00 ----A---- C:\Windows\system32\jscript9.dll

======List of files/folders modified in the last 1 month======

2015-07-08 13:30:35 ----D---- C:\Windows\Prefetch
2015-07-08 13:30:22 ----D---- C:\Program Files
2015-07-08 13:30:14 ----D---- C:\Windows\Temp
2015-07-08 06:22:24 ----D---- C:\Windows\System32
2015-07-08 06:22:24 ----D---- C:\Windows\inf
2015-07-08 06:22:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-08 06:17:32 ----D---- C:\Users\toni\AppData\Roaming\Dropbox
2015-07-08 02:10:12 ----SHD---- C:\System Volume Information
2015-07-05 15:45:09 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-07-04 06:55:36 ----SHD---- C:\Windows\Installer
2015-07-04 06:55:35 ----SHD---- C:\Config.Msi
2015-07-04 06:54:26 ----D---- C:\Windows\system32\Tasks
2015-06-24 14:36:32 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-06-22 04:24:58 ----D---- C:\Windows\system32\catroot2
2015-06-19 07:28:39 ----D---- C:\Windows\Tasks
2015-06-19 07:28:36 ----HD---- C:\ProgramData
2015-06-11 03:47:45 ----D---- C:\Windows\rescache
2015-06-11 03:28:17 ----D---- C:\Windows\system32\migration
2015-06-11 03:28:15 ----D---- C:\Program Files\Internet Explorer
2015-06-11 03:12:51 ----D---- C:\Windows\winsxs
2015-06-11 03:12:48 ----D---- C:\Windows\system32\catroot
2015-06-11 03:03:21 ----D---- C:\Windows\system32\MRT
2015-06-11 03:03:03 ----A---- C:\Windows\system32\mrt.exe
2015-06-11 03:01:50 ----D---- C:\Windows\system32\en-US
2015-06-11 03:01:50 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 03:01:50 ----D---- C:\Program Files\Windows Media Player

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-18 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-18 206248]
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-11-18 154904]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2015-02-03 265184]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2015-02-05 107488]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2009-04-11 143848]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-01-18 55240]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-18 787800]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-18 423784]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-01-18 57928]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2015-03-25 224736]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2015-02-25 210912]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-10-21 42784]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-18 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-18 70384]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-07-24 170032]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-04 3847168]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-06-02 18424]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-06-02 1207288]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-02-24 203264]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver; C:\Windows\system32\DRIVERS\OA001Ufd.sys [2008-06-03 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver; C:\Windows\system32\DRIVERS\OA001Vid.sys [2008-05-13 277504]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S1 iSafeNetFilter;iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys []
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-19 35144]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-18 218192]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-03 692224]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\AtService.exe [2008-05-05 1168632]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-18 50344]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
R2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [2014-10-21 1849368]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-06-02 24064]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-18 3192344]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2015-03-25 3416016]
S2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2015-03-25 309232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-06 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-06 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-03 148136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-12 772296]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 08 črc 2015 21:44

Zdravim

Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

toni · #3 Příspěvek od **toni** » 11 črc 2015 08:56

# AdwCleaner v4.208 - Log vytvořen 11/07/2015 v 09:53:24
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-10.1 [Server]
# Operační system : Windows Vista (TM) Ultimate Service Pack 2 (x86)
# Uživatelské jméno : toni - TONI-PC
# Spuštěno z : C:\Users\toni\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Soubor Smazáno : C:\Users\toni\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jlnfdbbladgcmhhamgkioifhbobjaoof

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

***** [ Prohlížeče ] *****

-\\ Internet Explorer v9.0.8112.16659

-\\ Mozilla Firefox v39.0 (x86 cs)

-\\ Google Chrome v43.0.2357.132

*************************

AdwCleaner[R0].txt - [10370 bytů] - [09/07/2015 05:02:54]
AdwCleaner[R1].txt - [1058 bytů] - [09/07/2015 06:46:59]
AdwCleaner[R2].txt - [1172 bytů] - [11/07/2015 09:50:15]
AdwCleaner[S0].txt - [9651 bytů] - [09/07/2015 05:10:52]
AdwCleaner[S1].txt - [1120 bytů] - [09/07/2015 06:48:34]
AdwCleaner[S2].txt - [1097 bytů] - [11/07/2015 09:53:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1155 bytů] ##########

#4 Příspěvek od **Márty84** » 11 črc 2015 10:04

Zase nekdo, kdo vidi jen to, co se mu hodi?

Proc jste nedal log hned z toho prvniho spusteni ADWCleaneru?

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

toni · #5 Příspěvek od **toni** » 11 črc 2015 19:26

Márty84 píše:Zase nekdo, kdo vidi jen to, co se mu hodi?

Proc jste nedal log hned z toho prvniho spusteni ADWCleaneru?

Dobry vecer,
po prvnim spusteni ADWCl. jsem musel od pocitace a kolega jej pak vypnul, tak jsem pro jistotu spustil cleaner znovu, jinak prvni log jsem nasel, pokud byste ho chtel videt.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11.7.2015
Čas skenování: 18:13:55
Protokol: ddd.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.11.03
Databáze rootkitů: v2015.07.10.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: toni

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 506161
Uplynulý čas: 2 hod, 5 min, 4 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 8
PUP.Optional.BrowseFox, C:\AdwCleaner\Quarantine\C\Program Files\LemurLeap\LemurLeapUninstall.exe.vir, , [c9b6e8f80a8049edca57881d0001c33d],
PUP.Optional.SafetyNut.A, C:\AdwCleaner\Quarantine\C\Program Files\Movies App\SafetyNut\Helper.dll.vir, , [205fb92754365fd767ab6cf5bd48a65a],
PUP.Optional.SafetyNut.A, C:\AdwCleaner\Quarantine\C\Program Files\Movies App\SafetyNut\Internet Explorer Settings.exe.vir, , [97e85090d5b5f541ed259ac733d2ce32],
PUP.Optional.SafetyNut.A, C:\AdwCleaner\Quarantine\C\Program Files\Movies App\SafetyNut\safetynut.exe.vir, , [bec1a7391f6bdf57c9490e53e71eec14],
PUP.Optional.SafetyNut.A, C:\AdwCleaner\Quarantine\C\Program Files\Movies App\SafetyNut\Uninstall.exe.vir, , [dea1815f711986b0759d303122e3b64a],
PUP.Optional.Somoto.A, C:\AdwCleaner\Quarantine\C\Users\toni\AppData\Local\FilesFrog Update Checker\uninstall.exe.vir, , [9fe05888573367cfdba36088ac5407f9],
PUP.Optional.OpenCandy, C:\Users\toni\AppData\Local\Temp\HYD17BD.tmp.1436356591\HTA\install.1436356591.zip, , [b9c6b927a9e11f17fbc51141768f19e7],
PUP.Optional.Softonic.A, C:\Users\toni\Downloads\SoftonicDownloader_for_samsung-kies.exe, , [8df2f5ebfb8f90a6e6741dd90af6f907],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#6 Příspěvek od **Márty84** » 11 črc 2015 21:46

Ja narazel na otazku ohledne legality systemu. Protoze Ultimate se doma prilis nepouziva. Jedna se o pracovni/firemni pc?

toni · #7 Příspěvek od **toni** » 12 črc 2015 06:53

Márty84 píše:Ja narazel na otazku ohledne legality systemu. Protoze Ultimate se doma prilis nepouziva. Jedna se o pracovni/firemni pc?

Puvodne to bylo firemni PC, odkoupil jsem ho pro domaci pouziti.

#8 Příspěvek od **Márty84** » 12 črc 2015 07:50

Takze ho mate doma, ale kolega vam ho vypina, jo? Asi vas neprekvapi, ze mi to cele smrdi, ze?

A pak prisly Jeskynky a unesly Smolicka

Nalezy MBAM nechte odstranit, pak muzete MBAM odinstalovat.

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Dejte novy log z RSIT

a k tomu

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

toni · #9 Příspěvek od **toni** » 12 črc 2015 19:54

Logfile of random's system information tool 1.10 (written by random/random)
Run by toni at 2015-07-12 20:38:31
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 10 GB (12%) free of 85 GB
Total RAM: 3066 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:38:36, on 12.7.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16659)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Users\toni\Documents\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\toni\Documents\ATI.ACE\Core-Static\CCC.exe
C:\Users\toni\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\notepad.exe
C:\Users\toni\Desktop\RSIT (1).exe
C:\Program Files\trend micro\toni.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Users\toni\Documents\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\toni\AppData\Roaming\Dropbox\bin\Dropbox.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 5556 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000Core.job - C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000UA.job - C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Open Chrome.job - c:\program files\Google\Chrome\Application\chrome.exe --new-window toolbar.avg.com/ch-uninstall?cid={6566D19B-8730-4AE7-A7E5-6906CFC0A8BB}&mid=581afe204f6447d28849d16836744347-9229d524867ba8d5cab7df19ea80c6d326b996b2&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=&v=4.0.0.16&pid=wtu&sg=

=========Mozilla firefox=========

ProfilePath - C:\Users\toni\AppData\Roaming\Mozilla\Firefox\Profiles\53u3ea4s.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.191 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_191.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Users\toni\AppData\Roaming\Mozilla\Firefox\Profiles\53u3ea4s.default\searchplugins\
Google.xml
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-18 586968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2008-07-04 132392]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [2008-06-03 446635]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2516296]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-08-01 200704]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-06-02 3563520]
"StartCCC"=C:\Users\toni\Documents\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-31 5227648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Dropbox Update"=C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 134512]

C:\Users\toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\toni\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-12 13:57:03 ----D---- C:\Users\toni\AppData\Roaming\BANDISOFT
2015-07-12 13:56:29 ----D---- C:\Program Files\Bandicam
2015-07-12 13:56:27 ----D---- C:\Program Files\BandiMPEG1
2015-07-11 15:52:49 ----D---- C:\Users\toni\AppData\Roaming\Wargaming.net
2015-07-11 13:46:15 ----D---- C:\ProgramData\Malwarebytes
2015-07-11 13:46:15 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-07-11 10:07:55 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-07-11 10:07:55 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-07-11 10:07:55 ----A---- C:\Windows\system32\xactengine3_7.dll
2015-07-11 10:07:55 ----A---- C:\Windows\system32\d3dx11_43.dll
2015-07-11 10:07:55 ----A---- C:\Windows\system32\d3dcsx_43.dll
2015-07-11 10:07:55 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-07-11 10:07:54 ----A---- C:\Windows\system32\XAudio2_6.dll
2015-07-11 10:07:54 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2015-07-11 10:07:54 ----A---- C:\Windows\system32\xactengine3_6.dll
2015-07-11 10:07:54 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2015-07-11 10:07:54 ----A---- C:\Windows\system32\D3DX9_43.dll
2015-07-11 10:07:54 ----A---- C:\Windows\system32\d3dx10_43.dll
2015-07-11 10:07:53 ----A---- C:\Windows\system32\XAudio2_5.dll
2015-07-11 10:07:53 ----A---- C:\Windows\system32\xactengine3_5.dll
2015-07-11 10:07:53 ----A---- C:\Windows\system32\d3dx11_42.dll
2015-07-11 10:07:53 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-07-11 10:07:53 ----A---- C:\Windows\system32\d3dcsx_42.dll
2015-07-11 10:07:53 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2015-07-11 10:07:52 ----A---- C:\Windows\system32\D3DX9_42.dll
2015-07-11 10:07:52 ----A---- C:\Windows\system32\D3DX9_41.dll
2015-07-11 10:07:52 ----A---- C:\Windows\system32\d3dx10_41.dll
2015-07-11 10:07:52 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2015-07-11 10:07:50 ----A---- C:\Windows\system32\XAudio2_4.dll
2015-07-11 10:07:50 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2015-07-11 10:07:50 ----A---- C:\Windows\system32\xactengine3_4.dll
2015-07-11 10:07:49 ----A---- C:\Windows\system32\XAudio2_3.dll
2015-07-11 10:07:49 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2015-07-11 10:07:49 ----A---- C:\Windows\system32\xactengine3_3.dll
2015-07-11 10:07:49 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2015-07-11 10:07:49 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2015-07-11 10:07:49 ----A---- C:\Windows\system32\D3DX9_40.dll
2015-07-11 10:07:49 ----A---- C:\Windows\system32\d3dx10_40.dll
2015-07-11 10:07:49 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2015-07-11 10:07:48 ----A---- C:\Windows\system32\XAudio2_2.dll
2015-07-11 10:07:48 ----A---- C:\Windows\system32\XAudio2_1.dll
2015-07-11 10:07:48 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2015-07-11 10:07:48 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2015-07-11 10:07:48 ----A---- C:\Windows\system32\xactengine3_2.dll
2015-07-11 10:07:48 ----A---- C:\Windows\system32\D3DX9_39.dll
2015-07-11 10:07:48 ----A---- C:\Windows\system32\d3dx10_39.dll
2015-07-11 10:07:48 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2015-07-11 10:07:47 ----A---- C:\Windows\system32\XAudio2_0.dll
2015-07-11 10:07:47 ----A---- C:\Windows\system32\xactengine3_1.dll
2015-07-11 10:07:47 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2015-07-11 10:07:47 ----A---- C:\Windows\system32\D3DX9_38.dll
2015-07-11 10:07:47 ----A---- C:\Windows\system32\d3dx10_38.dll
2015-07-11 10:07:47 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2015-07-11 10:07:46 ----A---- C:\Windows\system32\xactengine3_0.dll
2015-07-11 10:07:46 ----A---- C:\Windows\system32\xactengine2_10.dll
2015-07-11 10:07:46 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2015-07-11 10:07:46 ----A---- C:\Windows\system32\D3DX9_37.dll
2015-07-11 10:07:46 ----A---- C:\Windows\system32\d3dx10_37.dll
2015-07-11 10:07:46 ----A---- C:\Windows\system32\d3dx10_36.dll
2015-07-11 10:07:46 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2015-07-11 10:07:45 ----A---- C:\Windows\system32\xactengine2_9.dll
2015-07-11 10:07:45 ----A---- C:\Windows\system32\d3dx9_36.dll
2015-07-11 10:07:45 ----A---- C:\Windows\system32\d3dx10_35.dll
2015-07-11 10:07:45 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2015-07-11 10:07:45 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2015-07-11 10:07:44 ----A---- C:\Windows\system32\xinput1_3.dll
2015-07-11 10:07:44 ----A---- C:\Windows\system32\xactengine2_8.dll
2015-07-11 10:07:44 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2015-07-11 10:07:44 ----A---- C:\Windows\system32\d3dx9_35.dll
2015-07-11 10:07:44 ----A---- C:\Windows\system32\d3dx9_34.dll
2015-07-11 10:07:44 ----A---- C:\Windows\system32\d3dx10_34.dll
2015-07-11 10:07:44 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2015-07-11 10:07:43 ----A---- C:\Windows\system32\xactengine2_7.dll
2015-07-11 10:07:43 ----A---- C:\Windows\system32\xactengine2_6.dll
2015-07-11 10:07:43 ----A---- C:\Windows\system32\xactengine2_5.dll
2015-07-11 10:07:43 ----A---- C:\Windows\system32\d3dx9_33.dll
2015-07-11 10:07:43 ----A---- C:\Windows\system32\d3dx10_33.dll
2015-07-11 10:07:43 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2015-07-11 10:07:42 ----A---- C:\Windows\system32\xinput1_2.dll
2015-07-11 10:07:42 ----A---- C:\Windows\system32\xactengine2_4.dll
2015-07-11 10:07:42 ----A---- C:\Windows\system32\xactengine2_3.dll
2015-07-11 10:07:42 ----A---- C:\Windows\system32\x3daudio1_1.dll
2015-07-11 10:07:42 ----A---- C:\Windows\system32\d3dx9_32.dll
2015-07-11 10:07:42 ----A---- C:\Windows\system32\d3dx9_31.dll
2015-07-11 10:07:42 ----A---- C:\Windows\system32\d3dx10.dll
2015-07-11 10:07:41 ----A---- C:\Windows\system32\xinput1_1.dll
2015-07-11 10:07:41 ----A---- C:\Windows\system32\xactengine2_2.dll
2015-07-11 10:07:41 ----A---- C:\Windows\system32\xactengine2_1.dll
2015-07-11 10:07:39 ----A---- C:\Windows\system32\xactengine2_0.dll
2015-07-11 10:07:39 ----A---- C:\Windows\system32\x3daudio1_0.dll
2015-07-11 10:07:39 ----A---- C:\Windows\system32\d3dx9_30.dll
2015-07-11 10:07:38 ----A---- C:\Windows\system32\d3dx9_29.dll
2015-07-11 10:07:38 ----A---- C:\Windows\system32\d3dx9_28.dll
2015-07-11 10:07:38 ----A---- C:\Windows\system32\d3dx9_27.dll
2015-07-11 10:07:38 ----A---- C:\Windows\system32\d3dx9_26.dll
2015-07-11 10:07:38 ----A---- C:\Windows\system32\d3dx9_25.dll
2015-07-11 10:07:37 ----A---- C:\Windows\system32\d3dx9_24.dll
2015-07-11 10:03:19 ----D---- C:\Windows\system32\directx
2015-07-09 05:01:59 ----D---- C:\AdwCleaner
2015-07-08 13:56:31 ----D---- C:\Users\toni\AppData\Roaming\uTorrent
2015-07-08 13:30:22 ----D---- C:\rsit
2015-07-08 13:30:22 ----D---- C:\Program Files\trend micro
2015-07-03 10:52:11 ----D---- C:\Program Files\Mozilla Firefox
2015-06-19 07:28:36 ----D---- C:\ProgramData\Dropbox

======List of files/folders modified in the last 1 month======

2015-07-12 20:38:36 ----D---- C:\Windows\Prefetch
2015-07-12 20:38:29 ----D---- C:\Windows\Temp
2015-07-12 20:31:37 ----D---- C:\Windows\system32\drivers
2015-07-12 20:31:30 ----D---- C:\Users\toni\AppData\Roaming\Dropbox
2015-07-12 20:29:27 ----D---- C:\Windows\System32
2015-07-12 20:29:27 ----D---- C:\Windows\inf
2015-07-12 20:29:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-12 20:22:43 ----D---- C:\Windows\Registration
2015-07-12 18:12:50 ----SHD---- C:\System Volume Information
2015-07-12 13:56:29 ----D---- C:\Program Files
2015-07-11 22:39:05 ----D---- C:\Windows\system32\WDI
2015-07-11 18:05:53 ----D---- C:\Windows\system32\catroot2
2015-07-11 18:05:36 ----HD---- C:\ProgramData
2015-07-11 18:05:19 ----SHD---- C:\Windows\Installer
2015-07-11 10:07:41 ----RSD---- C:\Windows\assembly
2015-07-11 10:07:34 ----D---- C:\Windows\Microsoft.NET
2015-07-11 10:03:19 ----D---- C:\Windows\Logs
2015-07-11 09:33:44 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-09 05:11:00 ----D---- C:\Program Files\Common Files
2015-07-08 14:08:20 ----D---- C:\Windows
2015-07-05 15:45:09 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-07-04 06:55:35 ----SHD---- C:\Config.Msi
2015-07-04 06:54:26 ----D---- C:\Windows\system32\Tasks
2015-06-19 07:28:39 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-18 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-18 206248]
R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2009-04-11 143848]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-01-18 55240]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-18 787800]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-18 423784]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-01-18 57928]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-10-21 42784]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-18 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-18 70384]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-07-24 170032]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-04 3847168]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-06-02 18424]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-06-02 1207288]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-02-24 203264]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver; C:\Windows\system32\DRIVERS\OA001Ufd.sys [2008-06-03 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver; C:\Windows\system32\DRIVERS\OA001Vid.sys [2008-05-13 277504]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-19 35144]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-18 218192]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-03 692224]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\AtService.exe [2008-05-05 1168632]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-18 50344]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-06-02 24064]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-18 3192344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-06 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-11 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-06 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-03 148136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-12 772296]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

toni · #10 Příspěvek od **toni** » 12 črc 2015 19:55

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2015
Ran by toni (administrator) on TONI-PC on 12-07-2015 20:46:27
Running from C:\Users\toni\Desktop
Loaded Profiles: toni (Available Profiles: toni)
Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(Creative Technology Ltd.) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Advanced Micro Devices Inc.) C:\Users\toni\Documents\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Users\toni\Documents\ATI.ACE\Core-Static\CCC.exe
(Dropbox, Inc.) C:\Users\toni\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\toni\Desktop\FRSTLauncher (1).exe
(Microsoft Corporation) C:\Windows\System32\conime.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [132392 2008-07-04] (CyberLink Corp.)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [446635 2008-06-03] (Creative Technology Ltd.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-25] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [200704 2008-08-01] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-06-02] (Dell Inc.)
HKLM\...\Run: [StartCCC] => C:\Users\toni\Documents\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-31] (AVAST Software)
HKU\S-1-5-21-574980916-2342325873-4179199679-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-574980916-2342325873-4179199679-1000\...\Run: [Dropbox Update] => C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-574980916-2342325873-4179199679-1000\...\MountPoints2: {8a8fdbc9-0e30-11e4-9227-00217090aab4} - J:\Startme.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
Startup: C:\Users\toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\toni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-01-18] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\toni\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\toni\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\toni\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-574980916-2342325873-4179199679-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchT ... VV_csCZ556
SearchScopes: HKU\S-1-5-21-574980916-2342325873-4179199679-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={65 ... 2014-10-21 22:29:14&v=4.0.0.16&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-18] (AVAST Software)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{4939135C-3DE3-42A1-9AA9-6DEE459159CE}: [DhcpNameServer] 192.168.1.1 192.168.3.1
Tcpip\..\Interfaces\{4C989051-A036-4406-BBC2-788D573CA244}: [DhcpNameServer] 192.168.137.1

FireFox:
========
FF ProfilePath: C:\Users\toni\AppData\Roaming\Mozilla\Firefox\Profiles\53u3ea4s.default
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-10] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\toni\AppData\Roaming\Mozilla\Firefox\Profiles\53u3ea4s.default\searchplugins\seznam-avast.xml [2015-02-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-08]

Chrome:
=======
CHR Profile: C:\Users\toni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-11]
CHR Extension: (Avast SafePrice) - C:\Users\toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-21]
CHR Extension: (Avast Online Security) - C:\Users\toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-21]
CHR Extension: (Google Wallet) - C:\Users\toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-18]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1168632 2008-05-05] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-18] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2015-01-18] (Avast Software)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-06-02] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-18] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2015-01-18] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-18] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [35144 2014-07-19] (The OpenVPN Project)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2015-01-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-18] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-10-21] (AVG Technologies)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-06-02] (Broadcom Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-18] (ITE Tech. Inc. )
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 OA001Ufd; C:\Windows\System32\DRIVERS\OA001Ufd.sys [144672 2008-06-03] (Creative Technology Ltd.)
R3 OA001Vid; C:\Windows\System32\DRIVERS\OA001Vid.sys [277504 2008-05-13] (Creative Technology Ltd.)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2015-01-18] (Avast Software)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 20:46 - 2015-07-12 20:46 - 00013714 _____ C:\Users\toni\Desktop\FRST.txt
2015-07-12 20:46 - 2015-07-12 20:46 - 00000000 ____D C:\FRST
2015-07-12 20:45 - 2015-07-12 20:45 - 00112640 _____ (forum.viry.cz) C:\Users\toni\Desktop\FRSTLauncher (1).exe
2015-07-12 20:44 - 2015-07-12 20:45 - 00112640 _____ (forum.viry.cz) C:\Users\toni\Downloads\FRSTLauncher (1).exe
2015-07-12 20:43 - 2015-07-12 20:43 - 00112640 _____ (forum.viry.cz) C:\Users\toni\Downloads\Nepotvrzeno 555510.crdownload
2015-07-12 20:43 - 2015-07-12 20:42 - 01634816 _____ (Farbar) C:\Users\toni\Desktop\FRST.exe
2015-07-12 20:42 - 2015-07-12 20:42 - 01634816 _____ (Farbar) C:\Users\toni\Downloads\FRST.exe
2015-07-12 20:38 - 2015-07-12 20:37 - 01107968 _____ C:\Users\toni\Desktop\RSIT (1).exe
2015-07-12 20:37 - 2015-07-12 20:37 - 01107968 _____ C:\Users\toni\Downloads\RSIT (1).exe
2015-07-12 20:35 - 2015-07-12 20:36 - 00000000 ____D C:\Users\toni\Downloads\CrystalDiskInfo5_0_0
2015-07-12 20:34 - 2015-07-12 20:34 - 01496172 _____ C:\Users\toni\Downloads\CrystalDiskInfo5_0_0.zip
2015-07-12 13:57 - 2015-07-12 13:57 - 00000000 ____D C:\Users\toni\AppData\Roaming\BANDISOFT
2015-07-12 13:56 - 2015-07-12 14:01 - 00000000 ____D C:\Users\toni\Documents\Bandicam
2015-07-12 13:56 - 2015-07-12 13:56 - 00000745 _____ C:\Users\toni\Desktop\Bandicam.lnk
2015-07-12 13:56 - 2015-07-12 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-07-12 13:56 - 2015-07-12 13:56 - 00000000 ____D C:\Program Files\BandiMPEG1
2015-07-12 13:56 - 2015-07-12 13:56 - 00000000 ____D C:\Program Files\Bandicam
2015-07-12 13:55 - 2015-07-12 13:56 - 09971968 _____ (Bandisoft) C:\Users\toni\Downloads\bdcamsetup.exe
2015-07-11 22:33 - 2015-07-11 20:21 - 00005874 _____ C:\Users\toni\Desktop\jjj.xml
2015-07-11 20:22 - 2015-07-11 20:22 - 00002305 _____ C:\Users\toni\Desktop\ddd.txt
2015-07-11 18:05 - 2015-07-11 18:07 - 00503219 _____ C:\Users\toni\Downloads\avgremover.log
2015-07-11 18:04 - 2015-07-11 18:04 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\toni\Downloads\avg_remover_stf_x86_2015_5501.exe
2015-07-11 15:52 - 2015-07-11 15:52 - 00000000 ____D C:\Users\toni\AppData\Roaming\Wargaming.net
2015-07-11 13:46 - 2015-07-12 20:31 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-11 13:46 - 2015-07-11 13:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-11 13:42 - 2015-07-11 13:44 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\toni\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-11 10:07 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-07-11 10:07 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-07-11 10:07 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-07-11 10:07 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-07-11 10:07 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-07-11 10:07 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-07-11 10:07 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-07-11 10:07 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-07-11 10:07 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-07-11 10:07 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-07-11 10:07 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-07-11 10:07 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-07-11 10:07 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-07-11 10:07 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-07-11 10:07 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-07-11 10:07 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-07-11 10:07 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-07-11 10:07 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-07-11 10:07 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-07-11 10:07 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-07-11 10:07 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-07-11 10:07 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-07-11 10:07 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-07-11 10:07 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-07-11 10:07 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-07-11 10:07 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-07-11 10:07 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-07-11 10:07 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-07-11 10:07 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-07-11 10:07 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-07-11 10:07 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-07-11 10:07 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-07-11 10:07 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-07-11 10:07 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-07-11 10:07 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-07-11 10:07 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-07-11 10:07 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-07-11 10:07 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-07-11 10:07 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-07-11 10:07 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-07-11 10:07 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-07-11 10:07 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-07-11 10:07 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-07-11 10:07 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-07-11 10:07 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-07-11 10:07 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-07-11 10:07 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-07-11 10:07 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-07-11 10:07 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-07-11 10:07 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-07-11 10:07 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-07-11 10:07 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-07-11 10:07 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-07-11 10:07 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-07-11 10:07 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-07-11 10:07 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-07-11 10:07 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-07-11 10:07 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-07-11 10:07 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-07-11 10:07 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-07-11 10:07 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-07-11 10:07 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-07-11 10:07 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-07-11 10:07 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-07-11 10:07 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-07-11 10:07 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-07-11 10:07 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-07-11 10:07 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-07-11 10:07 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-07-11 10:07 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-07-11 10:07 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-07-11 10:07 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-07-11 10:07 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-07-11 10:07 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-07-11 10:07 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-07-11 10:07 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-07-11 10:07 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-07-11 10:07 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-07-11 10:07 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-07-11 10:07 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-07-11 10:07 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-07-11 10:07 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-07-11 10:07 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-07-11 10:07 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-07-11 10:07 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-07-11 10:07 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-07-11 10:07 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-07-11 10:07 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-07-11 10:07 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-07-11 10:07 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-07-11 10:07 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-07-11 10:03 - 2015-07-11 10:07 - 00000000 ____D C:\Windows\system32\directx
2015-07-11 10:03 - 2015-07-11 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-07-11 09:57 - 2015-07-11 09:58 - 06693128 _____ (Wargaming.net ) C:\Users\toni\Downloads\WoT_internet_install_eu.exe
2015-07-11 09:47 - 2015-07-11 09:47 - 02248704 _____ C:\Users\toni\Desktop\adwcleaner_4.208.exe
2015-07-11 06:56 - 2015-07-11 06:56 - 00000000 ____D C:\Users\toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-09 05:01 - 2015-07-11 09:53 - 00000000 ____D C:\AdwCleaner
2015-07-09 05:00 - 2015-07-09 05:00 - 02244096 _____ C:\Users\toni\Downloads\adwcleaner_4.207.exe
2015-07-08 14:08 - 2015-07-11 14:05 - 00000823 _____ C:\Windows\setupact.log
2015-07-08 14:08 - 2015-07-08 14:08 - 00000000 _____ C:\Windows\setuperr.log
2015-07-08 14:06 - 2015-07-08 14:06 - 00000000 ____D C:\Users\toni\Downloads\Fast.and.Furious.7.2015.HD-TS.XVID.AC3.HQ.Hive-CM8
2015-07-08 13:57 - 2015-07-08 13:57 - 00002540 _____ C:\Users\toni\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-07-08 13:56 - 2015-07-12 09:59 - 00000000 ____D C:\Users\toni\AppData\Roaming\uTorrent
2015-07-08 13:54 - 2015-07-08 13:54 - 01993056 _____ (BitTorrent Inc.) C:\Users\toni\Downloads\uTorrent.exe
2015-07-08 13:30 - 2015-07-12 20:38 - 00000000 ____D C:\Program Files\trend micro
2015-07-08 13:30 - 2015-07-08 13:30 - 00000000 ____D C:\rsit
2015-07-08 13:29 - 2015-07-08 13:29 - 01107968 _____ C:\Users\toni\Downloads\RSIT.exe
2015-07-07 19:12 - 2015-07-07 19:12 - 00015356 _____ C:\Users\toni\Desktop\doučování.odt
2015-07-07 07:42 - 2015-07-07 07:42 - 00000000 ____D C:\Users\toni\Desktop\smlouvy nové
2015-07-03 10:52 - 2015-07-05 15:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-02 12:49 - 2015-07-02 12:49 - 00011907 _____ C:\Users\toni\Desktop\angličtina.odt
2015-06-19 07:28 - 2015-07-12 20:33 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000UA.job
2015-06-19 07:28 - 2015-07-12 07:33 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000Core.job
2015-06-19 07:28 - 2015-06-19 07:28 - 00000000 ____D C:\Users\toni\AppData\Local\Dropbox
2015-06-19 07:28 - 2015-06-19 07:28 - 00000000 ____D C:\ProgramData\Dropbox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 20:35 - 2013-10-07 12:01 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-12 20:31 - 2013-11-12 12:05 - 00000000 ___RD C:\Users\toni\Dropbox
2015-07-12 20:31 - 2013-10-12 10:13 - 00000000 ____D C:\Users\toni\AppData\Roaming\Dropbox
2015-07-12 20:29 - 2006-11-02 12:33 - 01531394 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-12 20:28 - 2008-01-21 03:37 - 01351625 _____ C:\Windows\WindowsUpdate.log
2015-07-12 20:23 - 2013-10-06 21:37 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-12 20:23 - 2006-11-02 15:00 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-12 20:23 - 2006-11-02 14:46 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-12 20:23 - 2006-11-02 14:46 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-12 20:22 - 2006-11-02 15:00 - 00032532 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-12 20:22 - 2006-11-02 14:59 - 00142722 _____ C:\Windows\PFRO.log
2015-07-12 20:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Registration
2015-07-12 20:21 - 2013-10-06 21:37 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-11 18:01 - 2013-10-04 14:27 - 00061504 _____ C:\Users\toni\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-11 18:00 - 2006-11-02 14:46 - 00285320 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-11 10:07 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-11 09:55 - 2013-10-04 14:27 - 00007620 _____ C:\Users\toni\AppData\Local\d3d9caps.dat
2015-07-11 09:37 - 2013-10-07 08:36 - 00000000 ____D C:\Users\toni\AppData\Local\Adobe
2015-07-11 09:33 - 2013-10-07 12:01 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-11 09:33 - 2013-10-07 12:01 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-08 02:34 - 2013-10-06 21:46 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-07 08:21 - 2015-03-26 11:27 - 00000000 ____D C:\Users\toni\Desktop\Rpa Nez upr
2015-07-05 15:45 - 2013-10-07 09:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-04 06:55 - 2013-10-07 08:38 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

==================== Files in the root of some directories =======

2013-10-04 14:27 - 2015-07-11 09:55 - 0007620 _____ () C:\Users\toni\AppData\Local\d3d9caps.dat
2013-10-04 17:18 - 2015-06-09 08:54 - 0011264 _____ () C:\Users\toni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-04 20:04 - 2015-04-10 19:10 - 0000000 _____ () C:\ProgramData\TEMP

Some files in TEMP:
====================
C:\Users\toni\AppData\Local\Temp\bdfilters.dll
C:\Users\toni\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpekv_ni.dll
C:\Users\toni\AppData\Local\Temp\Quarantine.exe
C:\Users\toni\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\toni\Desktop" je 1398 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

toni · #11 Příspěvek od **toni** » 12 črc 2015 19:58

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Ultimate Edition SP2 [6.0 Build 6002] (x86)
Date : 2015/07/12 20:57:45

-- Controller Map ----------------------------------------------------------
- Ricoh SD/MMC Host Controller [ATA]
- Ricoh Memory Stick Controller [ATA]
- Ricoh xD-Picture Card Controller [ATA]
+ Intel(R) ICH9M/M-E Family 4 Port SATA AHCI Controller - 2929 [ATA]
+ Kanál IDE (0)
- FUJITSU MHZ2250BJ FFS G2 ATA Device
+ Kanál IDE (1)
- HL-DT-ST DVD+-RW GA10N ATA Device
+ Kanál IDE (4)
- FUJITSU MHV2060BH ATA Device
- Kanál IDE (5)
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) FUJITSU MHZ2250BJ FFS G2 : 250,0 GB [0/0/0, pd1]
(2) FUJITSU MHV2060BH : 60,0 GB [1/2/0, pd1]

----------------------------------------------------------------------------
(1) FUJITSU MHZ2250BJ FFS G2
----------------------------------------------------------------------------
Model : FUJITSU MHZ2250BJ FFS G2
Firmware : 0085001C
Serial Number : K83ET9526LY8
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3f
Transfer Mode : SATA/300
Power On Hours : 1738403 hod.
Power On Count : 3546 krát
Temparature : 46 C (114 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : FE80h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _46 00000001FE67 Počet chyb čtení
03 100 100 _25 000000000002 Čas na roztočení ploten
05 100 100 _24 07D000000000 Počet přemapovaných sektorů
09 _43 _43 __0 0000001A86A3 Hodin v činnosti
0C 100 100 __0 000000000DDA Počet cyklů zapnutí zařízení
BF 100 100 __0 00000000010E Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000001A Počet vypnutí disku
C1 _86 _86 __0 000200045EE9 Počet cyklů načítání/vymazání
C2 100 _90 __0 003E000E002E Teplota
C7 100 100 __0 000007D93BD5 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000018448750 Počet chyb při zápisu sektorů
F0 100 100 __0 000000189AEF Čas nastavování hlaviček - v hodinách
F1 100 100 __0 A47B27EE0003 Total LBAs Written
F2 100 100 __0 4ACCEBFC0004 Total LBAs Read
FE 100 100 __0 000000000002 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 4B38 5439 5439 3532 364C 5938
020: 0003 8000 0000 3030 3835 3143 3143 4655 4A49 5453
030: 5520 4D48 5A32 3235 3042 4646 4646 5320 4732 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0706 0706 0000 004C 0040
080: 01F8 0042 346B 7F09 6163 BE09 BE09 6163 203F 007D
090: 0000 4080 FFFE 0000 FE80 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 4000 4000 0000 5000 00E0
110: 4389 494E 0000 0000 0000 0000 0000 0000 0000 403D
120: 403C 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 401A 0000 0504 0000 0000 0000 4004 4000
150: 4001 4001 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 AEA5

----------------------------------------------------------------------------
(2) FUJITSU MHV2060BH
----------------------------------------------------------------------------
Model : FUJITSU MHV2060BH
Firmware : 892C
Serial Number : NW14T61257P4
Disk Size : 60,0 GB (8,4/60,0/60,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 117231408
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 4a
Transfer Mode : SATA/150
Power On Hours : 25500 hod.
Power On Count : 4181 krát
Temparature : 47 C (116 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _46 000000035540 Počet chyb čtení
02 100 100 _30 000000E900EB Průchodnost disku
03 100 100 _25 000000000001 Čas na roztočení ploten
04 _98 _98 __0 000000002761 Počet spuštění/zastavení
05 100 100 _24 07D000000000 Počet přemapovaných sektorů
07 100 100 _47 00000000066E Počet chybných hledání
08 100 100 _19 000000000000 Čas potřebný na vyhledání
09 _50 _50 __0 00000578CFC5 Hodin v činnosti
0A 100 100 _20 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000001055 Počet cyklů zapnutí zařízení
C0 100 100 __0 000000000050 Počet vypnutí disku
C1 _98 _98 __0 00000000ADF9 Počet cyklů načítání/vymazání
C2 100 _65 __0 0043000E002F Teplota
C3 100 100 __0 00000000006E Počet oprav chybného čtení
C4 100 100 __0 00001B570000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 _60 00000000257A Počet chyb při zápisu sektorů
CB 100 100 __0 0264FDABFEC9 Počet chyb v kódech na opravu chyb
F0 200 200 __0 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 4E57 3134 5436 3132 3537 2020 2020 2020 2020 2020
020: 0003 4000 0004 3839 3243 2020 2020 4655 4A49 5453
030: 5520 4D48 5632 3036 3042 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: CF30 06FC 0000 0007 0003 0078 0078 00F0 0078 0000
070: 0000 0000 0000 0000 0000 0602 0602 0000 0048 0040
080: 00F8 0021 306B 7C09 6023 3C09 3C09 6023 203F 0017
090: 0017 4080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: CF30 06FC 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 08A1 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 1CA5

#12 Příspěvek od **Márty84** » 13 črc 2015 16:57

Disky hlasi spousty chyb, to urcite rychlosti nepridava.

toni píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\toni\Desktop" je 1398 MB.

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-574980916-2342325873-4179199679-1000\...\Run: [Dropbox Update] => C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-574980916-2342325873-4179199679-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={6566D19B-8730-4AE7-A7E5-6906CFC0A8BB}&mid=581afe204f6447d28849d16836744347-9229d524867ba8d5cab7df19ea80c6d326b996b2&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-10-21 22:29:14&v=4.0.0.16&pid=wtu&sg=&sap=dsp&q={searchTerms}

R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-10-21] (AVG Technologies)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-06 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-11 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-06 116648]

C:\Windows\system32\drivers\avgtpx86.sys
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000Core.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Open Chrome.job

2015-07-11 13:46 - 2015-07-12 20:31 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-11 13:46 - 2015-07-11 13:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-11 13:42 - 2015-07-11 13:44 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\toni\Downloads\mbam-setup-2.1.8.1057.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

toni · #13 Příspěvek od **toni** » 13 črc 2015 17:41

Ulozil jsem fixlog.txt na Plochu. Vypnul antivir. Spustil jsem FRST pres launcher jako Spravce, probehnul update, zvolil jsem Fix a po chvili se FRST kousnul (neodpovida), killnul jsem ho a restartoval pocitac, zde je log:

Fix result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by toni at 2015-07-13 18:25:09 Run:1
Running from C:\Users\toni\Desktop
Loaded Profiles: toni (Available Profiles: toni)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-574980916-2342325873-4179199679-1000\...\Run: [Dropbox Update] => C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-574980916-2342325873-4179199679-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={65 ... 2014-10-21 22:29:14&v=4.0.0.16&pid=wtu&sg=&sap=dsp&q={searchTerms}

R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-10-21] (AVG Technologies)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-06 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-11 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-06 116648]

C:\Windows\system32\drivers\avgtpx86.sys
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000Core.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Open Chrome.job

2015-07-11 13:46 - 2015-07-12 20:31 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-11 13:46 - 2015-07-11 13:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-11 13:42 - 2015-07-11 13:44 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\toni\Downloads\mbam-setup-2.1.8.1057.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-574980916-2342325873-4179199679-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Dropbox Update => value removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => key removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
"HKU\S-1-5-21-574980916-2342325873-4179199679-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
avgtp => Service stopped successfully.
avgtp => Service removed successfully.
AdobeARMservice => Service removed successfully.
gupdate => Service removed successfully.
AdobeFlashPlayerUpdateSvc => Service removed successfully.
gupdatem => Service removed successfully.
C:\Windows\system32\drivers\avgtpx86.sys => moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000Core.job => moved successfully.
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000UA.job => moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\tasks\Open Chrome.job => moved successfully.
C:\Program Files\Malwarebytes Anti-Malware => moved successfully.
C:\ProgramData\Malwarebytes => moved successfully.
C:\Users\toni\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.

#14 Příspěvek od **Márty84** » 13 črc 2015 18:37

A urcite se kousnul? Treba jen pracoval.

Zkuste to jeste jednou. Bez pouziti Launcheru.

toni · #15 Příspěvek od **toni** » 13 črc 2015 19:51

Fix result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by toni at 2015-07-13 20:42:00 Run:2
Running from C:\Users\toni\Desktop
Loaded Profiles: toni (Available Profiles: toni)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-574980916-2342325873-4179199679-1000\...\Run: [Dropbox Update] => C:\Users\toni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-574980916-2342325873-4179199679-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={65 ... 2014-10-21 22:29:14&v=4.0.0.16&pid=wtu&sg=&sap=dsp&q={searchTerms}

R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-10-21] (AVG Technologies)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-06 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-11 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-06 116648]

C:\Windows\system32\drivers\avgtpx86.sys
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000Core.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Open Chrome.job

2015-07-11 13:46 - 2015-07-12 20:31 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-11 13:46 - 2015-07-11 13:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-11 13:42 - 2015-07-11 13:44 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\toni\Downloads\mbam-setup-2.1.8.1057.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-574980916-2342325873-4179199679-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Dropbox Update => value not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro => key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera => key not found.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page => value not found.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page => value not found.
HKU\S-1-5-21-574980916-2342325873-4179199679-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
avgtp => Service not found.
AdobeARMservice => Service not found.
gupdate => Service not found.
AdobeFlashPlayerUpdateSvc => Service not found.
gupdatem => Service not found.
"C:\Windows\system32\drivers\avgtpx86.sys" => File/Folder not found.
"C:\Windows\tasks\Adobe Flash Player Updater.job" => File/Folder not found.
"C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000Core.job" => File/Folder not found.
"C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-574980916-2342325873-4179199679-1000UA.job" => File/Folder not found.
"C:\Windows\tasks\GoogleUpdateTaskMachineCore.job" => File/Folder not found.
"C:\Windows\tasks\GoogleUpdateTaskMachineUA.job" => File/Folder not found.
"C:\Windows\tasks\Open Chrome.job" => File/Folder not found.
"C:\Program Files\Malwarebytes Anti-Malware" => File/Folder not found.
"C:\ProgramData\Malwarebytes" => File/Folder not found.
"C:\Users\toni\Downloads\mbam-setup-2.1.8.1057.exe" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 600.6 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 20:46:12 ====

VIRY.CZ

Pomaly notebook

Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook

Re: Pomaly notebook