Ahoj mám problém, ještě před pár dny jsem v pohodě stahovala, ale teď to trvá hrozně dlouho. Internet jinak až na chvilkový vyjímky šlape dobře. Dle rad na zdejším fóru jsem použila aplikaci hijackthis a potřebuju pomoct co s tím dál. Předem děkuju za radu.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:10:53, on 30. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\WindowsApps\33181HongsongLi.BeautifulPicturesFree_1.2.1.28_neutral__c011tc4ry6sj2\BingPics.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Users\Ajka4\Downloads\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [BtTray] "c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [CLWCSM] "c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [NCUpdateHelper] C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Windows] C:\Users\Public\Windows\downloadll.vbs
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Automatické vypnutí počítače.lnk = ?
O4 - Startup: Registration Assassin.LNK = C:\Program Files (x86)\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DigitalPersona Ověřovací služba (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP HotSpot 1.0 Service (HotSpotSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem33.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14195 bytes
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
hijackthis pomalé stahování
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: hijackthis pomalé stahování
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . Je přesnější, než HJT.
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . Je přesnější, než HJT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: hijackthis pomalé stahování
Tady to je to z toho FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
Ran by Ajka4 (administrator) on KATIE (30-08-2015 19:32:28)
Running from C:\Users\Ajka4\Desktop
Loaded Profiles: Ajka4 (Available Profiles: Ajka4 & Michaela)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\JoyBitsLtd.DoodleGodPlanetHD_3.0.1.18_x64__2687mb06qk6xe\DoodleGodPlanet.exe
(Microsoft IT) C:\Program Files\WindowsApps\33181HongsongLi.BeautifulPicturesFree_1.2.1.28_neutral__c011tc4ry6sj2\BingPics.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(forum.viry.cz) C:\Users\Ajka4\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [144456 2013-03-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-04] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-01-02] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-01-31] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [CLWCSM] => c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-01] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-01] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-31] (AVAST Software)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [526240 2015-01-10] (NCSOFT Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [Windows] => C:\Users\Public\Windows\downloadll.vbs [81 2014-05-08] ()
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-08-09] (Electronic Arts)
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-31] (AVAST Software)
Startup: C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Automatické vypnutí počítače.lnk [2015-07-11]
ShortcutTarget: Automatické vypnutí počítače.lnk -> C:\Program Files (x86)\Automatické vypnutí počítače\avp.exe (No File)
Startup: C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Assassin.LNK [2015-08-30]
ShortcutTarget: Registration Assassin.LNK -> C:\Program Files (x86)\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe (Ubisoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42C36156-2BE2-4701-B583-082A95576575}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F2FECA00-B700-45EC-9558-28A6D8183259}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-31] (AVAST Software)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-03-06] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-07] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Ajka4\AppData\Roaming\Mozilla\Firefox\Profiles\ekpb2f89.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-31] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2013-02-27] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-2240536896-2200728666-304725237-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ajka4\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-09] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-25]
Chrome:
=======
CHR Profile: C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-20]
CHR Extension: (Google Search) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-20]
CHR Extension: (DigitalPersona Extension) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2014-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20]
CHR Extension: (Gmail) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2013-02-27]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-31] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2015-03-09] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [491320 2013-03-12] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [357816 2012-12-19] (Hewlett-Packard Development Company, L.P.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [553248 2013-01-31] (Hewlett-Packard Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-09] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135752 2013-02-07] (PDF Complete Inc)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7743472 2015-08-19] (Reimage®)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-04] (IDT, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-05-28] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-31] (AVAST Software)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-05] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\Windows\system32\DRIVERS\clwcsm.sys [42944 2013-02-19] (CyberLink Corporation)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [65752 2013-02-18] (Hewlett-Packard Company)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-03-18] (WinMagic, Inc.)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243144 2013-03-07] (Realtek Semiconductor Corp.)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [212672 2013-03-27] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131928 2013-01-07] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-02-08] (Hewlett-Packard Development Company, L.P.)
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-30 19:32 - 2015-08-30 19:32 - 00022304 _____ C:\Users\Ajka4\Desktop\FRST.txt
2015-08-30 19:31 - 2015-08-30 19:32 - 00000000 ____D C:\FRST
2015-08-30 19:29 - 2015-08-30 19:29 - 00112640 _____ (forum.viry.cz) C:\Users\Ajka4\Desktop\FRSTLauncher.exe
2015-08-30 19:22 - 2015-08-30 19:22 - 02188288 _____ (Farbar) C:\Users\Ajka4\Desktop\FRST64.exe
2015-08-30 12:41 - 2015-08-30 16:51 - 00001078 _____ C:\WINDOWS\system32dbgraw.bmp
2015-08-21 12:37 - 2015-08-21 12:37 - 00756232 _____ C:\WINDOWS\Minidump\082115-43562-01.dmp
2015-08-21 10:24 - 2015-08-30 18:10 - 00014197 _____ C:\Users\Ajka4\Downloads\hijackthis.log
2015-08-21 10:23 - 2015-08-21 10:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ajka4\Downloads\hijackthis.exe
2015-08-20 23:11 - 2015-08-20 23:11 - 00019529 _____ C:\Users\Ajka4\Downloads\Fragile.mobi
2015-08-20 23:07 - 2015-08-20 23:07 - 00034952 _____ C:\Users\Ajka4\Downloads\Colors.mobi
2015-08-20 23:05 - 2015-08-20 23:05 - 00014251 _____ C:\Users\Ajka4\Downloads\Time Enough at Last.mobi
2015-08-20 23:05 - 2015-08-20 23:05 - 00013075 _____ C:\Users\Ajka4\Downloads\Destined by the Stars.mobi
2015-08-20 23:04 - 2015-08-20 23:04 - 00024381 _____ C:\Users\Ajka4\Downloads\Heaven Knows We Belong Way.mobi
2015-08-20 23:03 - 2015-08-20 23:03 - 00009311 _____ C:\Users\Ajka4\Downloads\On the edge of the abyss.mobi
2015-08-20 22:49 - 2015-08-20 22:49 - 00057663 _____ C:\Users\Ajka4\Downloads\A Lesson in Shipboard Discipline.mobi
2015-08-20 22:49 - 2015-08-20 22:49 - 00048008 _____ C:\Users\Ajka4\Downloads\Biotics Uncontrolled.mobi
2015-08-20 22:48 - 2015-08-20 22:48 - 00059285 _____ C:\Users\Ajka4\Downloads\A Minor Inconvenience.mobi
2015-08-20 22:47 - 2015-08-20 22:47 - 00013697 _____ C:\Users\Ajka4\Downloads\Damage.mobi
2015-08-20 22:46 - 2015-08-20 22:46 - 00014976 _____ C:\Users\Ajka4\Downloads\Surrender.mobi
2015-08-20 22:44 - 2015-08-20 22:44 - 00017491 _____ C:\Users\Ajka4\Downloads\And From the Darkness.mobi
2015-08-20 22:39 - 2015-08-20 22:39 - 00008896 _____ C:\Users\Ajka4\Downloads\Protection.mobi
2015-08-20 22:37 - 2015-08-20 22:37 - 00012941 _____ C:\Users\Ajka4\Downloads\Times Gone By.mobi
2015-08-20 22:34 - 2015-08-20 22:34 - 00040787 _____ C:\Users\Ajka4\Downloads\The Lives of Survivors.mobi
2015-08-20 22:32 - 2015-08-20 22:33 - 00006083 _____ C:\Users\Ajka4\Downloads\Ralice Drabble Collection.mobi
2015-08-20 22:18 - 2015-08-30 15:11 - 00007026 _____ C:\Users\Ajka4\Downloads\RESIDENT-EVIL-APOCALYPSA-Akční-Sci-fi-Horor,CZ-Dub.AVI
2015-08-19 10:16 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 10:16 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-18 17:53 - 2015-08-18 18:19 - 469667150 _____ C:\Users\Ajka4\Downloads\az-po-usi-13.avi
2015-08-17 16:30 - 2015-08-17 16:53 - 417322810 _____ C:\Users\Ajka4\Downloads\az-po-usi-12.avi
2015-08-16 22:06 - 2015-08-16 23:25 - 1404224818 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E11S01-TV-seriál-2014,-CZ.mkv
2015-08-16 21:32 - 2015-08-16 21:54 - 392568084 _____ C:\Users\Ajka4\Downloads\az-po-usi-11.avi
2015-08-16 20:46 - 2015-08-16 21:14 - 486283460 _____ C:\Users\Ajka4\Downloads\az-po-usi-10.avi
2015-08-16 17:18 - 2015-08-16 18:35 - 1353547052 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E09S01-TV-seriál-2014,-CZ.mkv
2015-08-16 14:22 - 2015-08-16 15:40 - 1405689018 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E08S01-TV-seriál-2014,-CZ.mkv
2015-08-16 12:44 - 2015-08-16 14:20 - 1386047041 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E07S01-TV-seriál-2014,-CZ.mkv
2015-08-16 11:02 - 2015-08-16 12:23 - 1429301359 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E06S01-TV-seriál-2014,-CZ.mkv
2015-08-16 09:13 - 2015-08-16 10:40 - 1531574222 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E05S01-TV-seriál-2014,-CZ.mkv
2015-08-14 23:33 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 23:33 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 23:11 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-14 23:11 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-14 23:11 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-14 23:11 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-14 23:11 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-14 23:11 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-14 23:11 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-14 23:11 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-14 23:11 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-14 23:11 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-14 23:11 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-14 23:10 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-14 23:10 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-14 21:54 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-14 21:54 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-14 21:54 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-14 21:54 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-14 21:54 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-14 21:54 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-14 21:54 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-14 21:54 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-14 21:54 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-14 21:54 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-14 21:54 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-14 21:54 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-14 21:54 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-14 21:54 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-14 21:54 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-14 21:54 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-14 21:54 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-14 21:54 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-14 21:54 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-14 21:54 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-14 21:53 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-14 21:53 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-14 21:53 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-14 21:53 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-14 21:53 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-14 21:53 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-14 21:53 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-14 21:53 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-14 21:53 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-14 21:53 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-14 21:53 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-14 21:53 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-14 21:53 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-14 21:53 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-14 21:53 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-14 21:53 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-14 21:53 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-14 21:53 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-14 21:52 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-14 21:52 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-14 21:52 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-14 21:52 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-14 21:52 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-14 21:52 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-14 21:52 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-14 21:52 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-14 21:52 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-14 21:52 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-14 21:52 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-14 21:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-14 21:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-14 21:52 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-14 21:52 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-14 21:52 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-14 21:52 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-14 21:52 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-14 21:51 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-14 21:51 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-14 21:51 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-14 21:51 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-14 21:51 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-14 21:51 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-14 21:51 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-14 21:51 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-14 21:51 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-14 21:51 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-14 21:51 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-14 21:51 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 12:15 - 2015-08-11 12:33 - 322365440 _____ C:\Users\Ajka4\Downloads\[l33t-raws]Kashimashi_-_Girl_Meets_Girl_03_(640x480_LameVBR_WMV9).[F908DB60].avi
2015-08-11 11:43 - 2015-08-11 11:58 - 271104000 _____ C:\Users\Ajka4\Downloads\[l33t-raws]Kashimashi_-_Girl_Meets_Girl_02_(640x480_DivX521).[5C4F0038].avi
2015-08-09 22:32 - 2015-08-09 22:32 - 00080302 _____ C:\Users\Ajka4\Downloads\Jenny's-Wedding-CZ-Titulky.srt
2015-08-07 01:53 - 2015-08-30 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 13:31 - 2015-08-06 13:31 - 00000000 ____D C:\Users\Ajka4\AppData\Local\CEF
2015-08-06 11:27 - 2008-06-05 11:10 - 00003096 _____ C:\Users\Ajka4\Downloads\Heroes3C_registry.reg
2015-08-06 11:27 - 2001-11-11 14:14 - 02732032 _____ (The 3DO Company) C:\Users\Ajka4\Downloads\Heroes3.exe
2015-08-05 23:29 - 2015-08-05 23:29 - 00000000 ____D C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-08-05 23:25 - 2015-08-05 23:25 - 00000000 ____D C:\ProgramData\InstallShield
2015-08-05 23:19 - 2013-02-06 18:32 - 1031634944 _____ C:\Users\Ajka4\Downloads\Heroes of Might and Magic 3 Complete (2000) game+CZ.iso
2015-07-31 18:43 - 2015-07-31 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F4V Player
2015-07-31 18:43 - 2015-07-31 18:43 - 00000000 ____D C:\Program Files (x86)\F4V Player
2015-07-31 18:42 - 2015-07-31 18:43 - 06617154 _____ (www.f4vplayer.com ) C:\Users\Ajka4\Downloads\f4vplayer_setup.exe
2015-07-31 16:08 - 2015-07-31 16:08 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-07-31 16:08 - 2015-07-31 16:08 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-07-31 15:35 - 2015-07-31 15:35 - 06420480 _____ C:\Program Files (x86)\GUT1E3.tmp
2015-07-31 15:35 - 2015-07-31 15:35 - 00000000 ____D C:\Program Files (x86)\GUM1E2.tmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-30 19:32 - 2015-07-14 18:07 - 00000000 ____D C:\Users\Ajka4\AppData\Roaming\Skype
2015-08-30 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-30 18:58 - 2014-05-20 19:05 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 18:52 - 2014-05-21 19:02 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-30 18:19 - 2014-05-28 18:21 - 01168545 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-30 15:58 - 2014-05-20 19:05 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 14:57 - 2014-05-12 17:41 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2240536896-2200728666-304725237-1002
2015-08-30 13:59 - 2014-05-20 19:10 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-30 13:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-30 13:26 - 2015-01-10 12:46 - 00000158 _____ C:\WINDOWS\Reimage.ini
2015-08-30 13:26 - 2013-09-08 11:36 - 00000000 ____D C:\ProgramData\PDFC
2015-08-30 13:21 - 2014-10-09 18:27 - 00000000 ____D C:\ProgramData\Origin
2015-08-30 13:21 - 2014-06-22 11:23 - 00000000 ____D C:\Users\Public\Windows
2015-08-30 12:45 - 2014-10-10 06:08 - 00003112 _____ C:\WINDOWS\System32\Tasks\RDReminder
2015-08-30 12:44 - 2013-02-22 15:59 - 00000983 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-08-30 12:43 - 2013-11-02 08:30 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-08-30 12:41 - 2014-05-28 19:04 - 00000000 __RDO C:\Users\Ajka4\OneDrive
2015-08-30 12:41 - 2013-11-02 08:30 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-08-21 16:31 - 2014-05-12 18:37 - 00000332 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2015-08-21 16:05 - 2014-03-18 17:33 - 01938474 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-21 16:05 - 2014-03-18 16:54 - 00803244 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-21 16:05 - 2014-03-18 16:54 - 00184236 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-21 15:56 - 2013-08-22 16:46 - 00329239 _____ C:\WINDOWS\setupact.log
2015-08-21 12:38 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-21 12:37 - 2014-07-09 15:23 - 690685340 _____ C:\WINDOWS\MEMORY.DMP
2015-08-21 12:37 - 2014-07-09 15:23 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-20 14:00 - 2014-05-25 21:31 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-19 13:24 - 2014-08-19 12:34 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-08-19 12:22 - 2015-01-13 21:47 - 00281803 _____ C:\WINDOWS\system32\ScanResults.xml
2015-08-19 12:14 - 2015-01-13 21:41 - 00000464 _____ C:\WINDOWS\system32\ScannerSettings
2015-08-19 10:19 - 2013-08-22 15:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-08-19 10:18 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-16 18:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-15 16:10 - 2014-05-25 21:31 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-15 09:55 - 2013-08-22 16:44 - 00346656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-15 09:53 - 2014-12-23 15:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-15 09:53 - 2014-12-23 15:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-14 23:51 - 2015-04-16 22:59 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-14 23:51 - 2015-03-15 01:26 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 23:32 - 2014-12-23 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-14 23:30 - 2014-05-15 20:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-14 23:22 - 2014-05-15 20:19 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 22:52 - 2014-05-21 19:02 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-11 15:28 - 2015-07-14 18:06 - 00000000 ____D C:\ProgramData\Skype
2015-08-10 01:23 - 2014-05-28 18:03 - 00000000 ____D C:\Users\Ajka4
2015-08-09 11:27 - 2014-10-09 18:27 - 00000000 ____D C:\Program Files (x86)\Origin
2015-08-09 11:16 - 2014-05-20 19:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-09 11:16 - 2014-03-18 09:20 - 00186362 _____ C:\WINDOWS\PFRO.log
2015-08-08 15:55 - 2015-06-10 06:52 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-06-10 06:52 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 12:59 - 2014-05-28 18:52 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 12:56 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-07 11:41 - 2014-07-31 07:39 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-07 11:41 - 2014-06-22 11:35 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-06 14:18 - 2014-08-19 12:34 - 00000000 ____D C:\Users\Ajka4\Documents\My Games
2015-08-06 14:15 - 2015-01-05 19:33 - 00000000 ____D C:\Users\Ajka4\AppData\Local\The Witcher
2015-08-06 13:32 - 2014-11-08 16:07 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-06 12:50 - 2013-09-08 11:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-06 12:49 - 2014-12-19 23:36 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-08-06 12:46 - 2014-10-10 05:28 - 00000000 ____D C:\Users\Ajka4\Documents\BioWare
2015-08-06 11:01 - 2014-05-16 16:28 - 00000000 ____D C:\Games
2015-08-05 21:06 - 2014-05-31 12:08 - 00003958 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E4D12A9D-3702-4B86-BF52-F1A2D5C9C7D7}
2015-08-02 08:45 - 2014-08-04 11:32 - 00585728 ___SH C:\Users\Ajka4\Downloads\Thumbs.db
2015-08-01 21:58 - 2014-10-10 06:08 - 00000304 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-07-31 17:52 - 2015-04-09 19:28 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-31 17:50 - 2015-04-09 19:28 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-31 16:08 - 2014-05-25 21:31 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-31 15:53 - 2014-05-20 19:05 - 00003944 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-31 15:53 - 2014-05-20 19:05 - 00003708 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2015-07-31 15:35 - 2015-07-31 15:35 - 6420480 _____ () C:\Program Files (x86)\GUT1E3.tmp
2015-04-19 16:40 - 2015-04-19 16:40 - 0000218 _____ () C:\Users\Ajka4\AppData\Local\recently-used.xbel
Some files in TEMP:
====================
C:\Users\Ajka4\AppData\Local\Temp\AskSLib.dll
C:\Users\Ajka4\AppData\Local\Temp\bdfilters.dll
C:\Users\Ajka4\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Ajka4\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Ajka4\AppData\Local\Temp\ExPromo.exe
C:\Users\Ajka4\AppData\Local\Temp\GrLauncherTempSetup.exe
C:\Users\Ajka4\AppData\Local\Temp\ICReinstall_installer_minecraft_English.exe
C:\Users\Ajka4\AppData\Local\Temp\installer_minecraft_English.exe
C:\Users\Ajka4\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Ajka4\AppData\Local\Temp\NSISPromotionEx.dll
C:\Users\Ajka4\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Ajka4\AppData\Local\Temp\SRLDetectionLibrary3510591322360735803.dll
C:\Users\Ajka4\AppData\Local\Temp\_isA04C.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Users\Ajka4\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Michaela\OneDrive:ms-properties
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ajka4\Desktop" je 2 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
Ran by Ajka4 (administrator) on KATIE (30-08-2015 19:32:28)
Running from C:\Users\Ajka4\Desktop
Loaded Profiles: Ajka4 (Available Profiles: Ajka4 & Michaela)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\JoyBitsLtd.DoodleGodPlanetHD_3.0.1.18_x64__2687mb06qk6xe\DoodleGodPlanet.exe
(Microsoft IT) C:\Program Files\WindowsApps\33181HongsongLi.BeautifulPicturesFree_1.2.1.28_neutral__c011tc4ry6sj2\BingPics.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(forum.viry.cz) C:\Users\Ajka4\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [144456 2013-03-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-04] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-01-02] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-01-31] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [CLWCSM] => c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-01] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-01] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-31] (AVAST Software)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [526240 2015-01-10] (NCSOFT Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [Windows] => C:\Users\Public\Windows\downloadll.vbs [81 2014-05-08] ()
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-08-09] (Electronic Arts)
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-31] (AVAST Software)
Startup: C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Automatické vypnutí počítače.lnk [2015-07-11]
ShortcutTarget: Automatické vypnutí počítače.lnk -> C:\Program Files (x86)\Automatické vypnutí počítače\avp.exe (No File)
Startup: C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Assassin.LNK [2015-08-30]
ShortcutTarget: Registration Assassin.LNK -> C:\Program Files (x86)\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe (Ubisoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42C36156-2BE2-4701-B583-082A95576575}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F2FECA00-B700-45EC-9558-28A6D8183259}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-31] (AVAST Software)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-03-06] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-07] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Ajka4\AppData\Roaming\Mozilla\Firefox\Profiles\ekpb2f89.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-31] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2013-02-27] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-2240536896-2200728666-304725237-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ajka4\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-09] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-25]
Chrome:
=======
CHR Profile: C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-20]
CHR Extension: (Google Search) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-20]
CHR Extension: (DigitalPersona Extension) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2014-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20]
CHR Extension: (Gmail) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2013-02-27]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-31] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2015-03-09] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [491320 2013-03-12] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [357816 2012-12-19] (Hewlett-Packard Development Company, L.P.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [553248 2013-01-31] (Hewlett-Packard Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-09] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135752 2013-02-07] (PDF Complete Inc)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7743472 2015-08-19] (Reimage®)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-04] (IDT, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-05-28] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-31] (AVAST Software)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-05] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\Windows\system32\DRIVERS\clwcsm.sys [42944 2013-02-19] (CyberLink Corporation)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [65752 2013-02-18] (Hewlett-Packard Company)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-03-18] (WinMagic, Inc.)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243144 2013-03-07] (Realtek Semiconductor Corp.)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [212672 2013-03-27] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131928 2013-01-07] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-02-08] (Hewlett-Packard Development Company, L.P.)
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-30 19:32 - 2015-08-30 19:32 - 00022304 _____ C:\Users\Ajka4\Desktop\FRST.txt
2015-08-30 19:31 - 2015-08-30 19:32 - 00000000 ____D C:\FRST
2015-08-30 19:29 - 2015-08-30 19:29 - 00112640 _____ (forum.viry.cz) C:\Users\Ajka4\Desktop\FRSTLauncher.exe
2015-08-30 19:22 - 2015-08-30 19:22 - 02188288 _____ (Farbar) C:\Users\Ajka4\Desktop\FRST64.exe
2015-08-30 12:41 - 2015-08-30 16:51 - 00001078 _____ C:\WINDOWS\system32dbgraw.bmp
2015-08-21 12:37 - 2015-08-21 12:37 - 00756232 _____ C:\WINDOWS\Minidump\082115-43562-01.dmp
2015-08-21 10:24 - 2015-08-30 18:10 - 00014197 _____ C:\Users\Ajka4\Downloads\hijackthis.log
2015-08-21 10:23 - 2015-08-21 10:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ajka4\Downloads\hijackthis.exe
2015-08-20 23:11 - 2015-08-20 23:11 - 00019529 _____ C:\Users\Ajka4\Downloads\Fragile.mobi
2015-08-20 23:07 - 2015-08-20 23:07 - 00034952 _____ C:\Users\Ajka4\Downloads\Colors.mobi
2015-08-20 23:05 - 2015-08-20 23:05 - 00014251 _____ C:\Users\Ajka4\Downloads\Time Enough at Last.mobi
2015-08-20 23:05 - 2015-08-20 23:05 - 00013075 _____ C:\Users\Ajka4\Downloads\Destined by the Stars.mobi
2015-08-20 23:04 - 2015-08-20 23:04 - 00024381 _____ C:\Users\Ajka4\Downloads\Heaven Knows We Belong Way.mobi
2015-08-20 23:03 - 2015-08-20 23:03 - 00009311 _____ C:\Users\Ajka4\Downloads\On the edge of the abyss.mobi
2015-08-20 22:49 - 2015-08-20 22:49 - 00057663 _____ C:\Users\Ajka4\Downloads\A Lesson in Shipboard Discipline.mobi
2015-08-20 22:49 - 2015-08-20 22:49 - 00048008 _____ C:\Users\Ajka4\Downloads\Biotics Uncontrolled.mobi
2015-08-20 22:48 - 2015-08-20 22:48 - 00059285 _____ C:\Users\Ajka4\Downloads\A Minor Inconvenience.mobi
2015-08-20 22:47 - 2015-08-20 22:47 - 00013697 _____ C:\Users\Ajka4\Downloads\Damage.mobi
2015-08-20 22:46 - 2015-08-20 22:46 - 00014976 _____ C:\Users\Ajka4\Downloads\Surrender.mobi
2015-08-20 22:44 - 2015-08-20 22:44 - 00017491 _____ C:\Users\Ajka4\Downloads\And From the Darkness.mobi
2015-08-20 22:39 - 2015-08-20 22:39 - 00008896 _____ C:\Users\Ajka4\Downloads\Protection.mobi
2015-08-20 22:37 - 2015-08-20 22:37 - 00012941 _____ C:\Users\Ajka4\Downloads\Times Gone By.mobi
2015-08-20 22:34 - 2015-08-20 22:34 - 00040787 _____ C:\Users\Ajka4\Downloads\The Lives of Survivors.mobi
2015-08-20 22:32 - 2015-08-20 22:33 - 00006083 _____ C:\Users\Ajka4\Downloads\Ralice Drabble Collection.mobi
2015-08-20 22:18 - 2015-08-30 15:11 - 00007026 _____ C:\Users\Ajka4\Downloads\RESIDENT-EVIL-APOCALYPSA-Akční-Sci-fi-Horor,CZ-Dub.AVI
2015-08-19 10:16 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 10:16 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-18 17:53 - 2015-08-18 18:19 - 469667150 _____ C:\Users\Ajka4\Downloads\az-po-usi-13.avi
2015-08-17 16:30 - 2015-08-17 16:53 - 417322810 _____ C:\Users\Ajka4\Downloads\az-po-usi-12.avi
2015-08-16 22:06 - 2015-08-16 23:25 - 1404224818 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E11S01-TV-seriál-2014,-CZ.mkv
2015-08-16 21:32 - 2015-08-16 21:54 - 392568084 _____ C:\Users\Ajka4\Downloads\az-po-usi-11.avi
2015-08-16 20:46 - 2015-08-16 21:14 - 486283460 _____ C:\Users\Ajka4\Downloads\az-po-usi-10.avi
2015-08-16 17:18 - 2015-08-16 18:35 - 1353547052 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E09S01-TV-seriál-2014,-CZ.mkv
2015-08-16 14:22 - 2015-08-16 15:40 - 1405689018 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E08S01-TV-seriál-2014,-CZ.mkv
2015-08-16 12:44 - 2015-08-16 14:20 - 1386047041 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E07S01-TV-seriál-2014,-CZ.mkv
2015-08-16 11:02 - 2015-08-16 12:23 - 1429301359 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E06S01-TV-seriál-2014,-CZ.mkv
2015-08-16 09:13 - 2015-08-16 10:40 - 1531574222 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E05S01-TV-seriál-2014,-CZ.mkv
2015-08-14 23:33 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 23:33 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 23:11 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-14 23:11 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-14 23:11 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-14 23:11 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-14 23:11 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-14 23:11 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-14 23:11 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-14 23:11 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-14 23:11 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-14 23:11 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-14 23:11 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-14 23:10 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-14 23:10 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-14 21:54 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-14 21:54 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-14 21:54 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-14 21:54 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-14 21:54 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-14 21:54 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-14 21:54 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-14 21:54 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-14 21:54 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-14 21:54 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-14 21:54 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-14 21:54 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-14 21:54 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-14 21:54 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-14 21:54 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-14 21:54 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-14 21:54 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-14 21:54 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-14 21:54 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-14 21:54 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-14 21:53 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-14 21:53 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-14 21:53 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-14 21:53 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-14 21:53 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-14 21:53 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-14 21:53 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-14 21:53 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-14 21:53 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-14 21:53 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-14 21:53 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-14 21:53 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-14 21:53 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-14 21:53 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-14 21:53 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-14 21:53 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-14 21:53 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-14 21:53 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-14 21:52 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-14 21:52 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-14 21:52 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-14 21:52 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-14 21:52 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-14 21:52 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-14 21:52 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-14 21:52 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-14 21:52 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-14 21:52 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-14 21:52 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-14 21:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-14 21:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-14 21:52 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-14 21:52 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-14 21:52 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-14 21:52 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-14 21:52 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-14 21:51 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-14 21:51 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-14 21:51 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-14 21:51 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-14 21:51 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-14 21:51 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-14 21:51 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-14 21:51 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-14 21:51 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-14 21:51 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-14 21:51 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-14 21:51 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 12:15 - 2015-08-11 12:33 - 322365440 _____ C:\Users\Ajka4\Downloads\[l33t-raws]Kashimashi_-_Girl_Meets_Girl_03_(640x480_LameVBR_WMV9).[F908DB60].avi
2015-08-11 11:43 - 2015-08-11 11:58 - 271104000 _____ C:\Users\Ajka4\Downloads\[l33t-raws]Kashimashi_-_Girl_Meets_Girl_02_(640x480_DivX521).[5C4F0038].avi
2015-08-09 22:32 - 2015-08-09 22:32 - 00080302 _____ C:\Users\Ajka4\Downloads\Jenny's-Wedding-CZ-Titulky.srt
2015-08-07 01:53 - 2015-08-30 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 13:31 - 2015-08-06 13:31 - 00000000 ____D C:\Users\Ajka4\AppData\Local\CEF
2015-08-06 11:27 - 2008-06-05 11:10 - 00003096 _____ C:\Users\Ajka4\Downloads\Heroes3C_registry.reg
2015-08-06 11:27 - 2001-11-11 14:14 - 02732032 _____ (The 3DO Company) C:\Users\Ajka4\Downloads\Heroes3.exe
2015-08-05 23:29 - 2015-08-05 23:29 - 00000000 ____D C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-08-05 23:25 - 2015-08-05 23:25 - 00000000 ____D C:\ProgramData\InstallShield
2015-08-05 23:19 - 2013-02-06 18:32 - 1031634944 _____ C:\Users\Ajka4\Downloads\Heroes of Might and Magic 3 Complete (2000) game+CZ.iso
2015-07-31 18:43 - 2015-07-31 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F4V Player
2015-07-31 18:43 - 2015-07-31 18:43 - 00000000 ____D C:\Program Files (x86)\F4V Player
2015-07-31 18:42 - 2015-07-31 18:43 - 06617154 _____ (www.f4vplayer.com ) C:\Users\Ajka4\Downloads\f4vplayer_setup.exe
2015-07-31 16:08 - 2015-07-31 16:08 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-07-31 16:08 - 2015-07-31 16:08 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-07-31 15:35 - 2015-07-31 15:35 - 06420480 _____ C:\Program Files (x86)\GUT1E3.tmp
2015-07-31 15:35 - 2015-07-31 15:35 - 00000000 ____D C:\Program Files (x86)\GUM1E2.tmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-30 19:32 - 2015-07-14 18:07 - 00000000 ____D C:\Users\Ajka4\AppData\Roaming\Skype
2015-08-30 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-30 18:58 - 2014-05-20 19:05 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 18:52 - 2014-05-21 19:02 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-30 18:19 - 2014-05-28 18:21 - 01168545 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-30 15:58 - 2014-05-20 19:05 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 14:57 - 2014-05-12 17:41 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2240536896-2200728666-304725237-1002
2015-08-30 13:59 - 2014-05-20 19:10 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-30 13:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-30 13:26 - 2015-01-10 12:46 - 00000158 _____ C:\WINDOWS\Reimage.ini
2015-08-30 13:26 - 2013-09-08 11:36 - 00000000 ____D C:\ProgramData\PDFC
2015-08-30 13:21 - 2014-10-09 18:27 - 00000000 ____D C:\ProgramData\Origin
2015-08-30 13:21 - 2014-06-22 11:23 - 00000000 ____D C:\Users\Public\Windows
2015-08-30 12:45 - 2014-10-10 06:08 - 00003112 _____ C:\WINDOWS\System32\Tasks\RDReminder
2015-08-30 12:44 - 2013-02-22 15:59 - 00000983 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-08-30 12:43 - 2013-11-02 08:30 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-08-30 12:41 - 2014-05-28 19:04 - 00000000 __RDO C:\Users\Ajka4\OneDrive
2015-08-30 12:41 - 2013-11-02 08:30 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-08-21 16:31 - 2014-05-12 18:37 - 00000332 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2015-08-21 16:05 - 2014-03-18 17:33 - 01938474 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-21 16:05 - 2014-03-18 16:54 - 00803244 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-21 16:05 - 2014-03-18 16:54 - 00184236 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-21 15:56 - 2013-08-22 16:46 - 00329239 _____ C:\WINDOWS\setupact.log
2015-08-21 12:38 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-21 12:37 - 2014-07-09 15:23 - 690685340 _____ C:\WINDOWS\MEMORY.DMP
2015-08-21 12:37 - 2014-07-09 15:23 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-20 14:00 - 2014-05-25 21:31 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-19 13:24 - 2014-08-19 12:34 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-08-19 12:22 - 2015-01-13 21:47 - 00281803 _____ C:\WINDOWS\system32\ScanResults.xml
2015-08-19 12:14 - 2015-01-13 21:41 - 00000464 _____ C:\WINDOWS\system32\ScannerSettings
2015-08-19 10:19 - 2013-08-22 15:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-08-19 10:18 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-16 18:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-15 16:10 - 2014-05-25 21:31 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-15 09:55 - 2013-08-22 16:44 - 00346656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-15 09:53 - 2014-12-23 15:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-15 09:53 - 2014-12-23 15:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-14 23:51 - 2015-04-16 22:59 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-14 23:51 - 2015-03-15 01:26 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 23:32 - 2014-12-23 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-14 23:30 - 2014-05-15 20:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-14 23:22 - 2014-05-15 20:19 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 22:52 - 2014-05-21 19:02 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-11 15:28 - 2015-07-14 18:06 - 00000000 ____D C:\ProgramData\Skype
2015-08-10 01:23 - 2014-05-28 18:03 - 00000000 ____D C:\Users\Ajka4
2015-08-09 11:27 - 2014-10-09 18:27 - 00000000 ____D C:\Program Files (x86)\Origin
2015-08-09 11:16 - 2014-05-20 19:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-09 11:16 - 2014-03-18 09:20 - 00186362 _____ C:\WINDOWS\PFRO.log
2015-08-08 15:55 - 2015-06-10 06:52 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-06-10 06:52 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 12:59 - 2014-05-28 18:52 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 12:56 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-07 11:41 - 2014-07-31 07:39 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-07 11:41 - 2014-06-22 11:35 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-06 14:18 - 2014-08-19 12:34 - 00000000 ____D C:\Users\Ajka4\Documents\My Games
2015-08-06 14:15 - 2015-01-05 19:33 - 00000000 ____D C:\Users\Ajka4\AppData\Local\The Witcher
2015-08-06 13:32 - 2014-11-08 16:07 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-06 12:50 - 2013-09-08 11:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-06 12:49 - 2014-12-19 23:36 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-08-06 12:46 - 2014-10-10 05:28 - 00000000 ____D C:\Users\Ajka4\Documents\BioWare
2015-08-06 11:01 - 2014-05-16 16:28 - 00000000 ____D C:\Games
2015-08-05 21:06 - 2014-05-31 12:08 - 00003958 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E4D12A9D-3702-4B86-BF52-F1A2D5C9C7D7}
2015-08-02 08:45 - 2014-08-04 11:32 - 00585728 ___SH C:\Users\Ajka4\Downloads\Thumbs.db
2015-08-01 21:58 - 2014-10-10 06:08 - 00000304 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-07-31 17:52 - 2015-04-09 19:28 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-31 17:50 - 2015-04-09 19:28 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-31 16:08 - 2014-05-25 21:31 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-31 15:53 - 2014-05-20 19:05 - 00003944 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-31 15:53 - 2014-05-20 19:05 - 00003708 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2015-07-31 15:35 - 2015-07-31 15:35 - 6420480 _____ () C:\Program Files (x86)\GUT1E3.tmp
2015-04-19 16:40 - 2015-04-19 16:40 - 0000218 _____ () C:\Users\Ajka4\AppData\Local\recently-used.xbel
Some files in TEMP:
====================
C:\Users\Ajka4\AppData\Local\Temp\AskSLib.dll
C:\Users\Ajka4\AppData\Local\Temp\bdfilters.dll
C:\Users\Ajka4\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Ajka4\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Ajka4\AppData\Local\Temp\ExPromo.exe
C:\Users\Ajka4\AppData\Local\Temp\GrLauncherTempSetup.exe
C:\Users\Ajka4\AppData\Local\Temp\ICReinstall_installer_minecraft_English.exe
C:\Users\Ajka4\AppData\Local\Temp\installer_minecraft_English.exe
C:\Users\Ajka4\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Ajka4\AppData\Local\Temp\NSISPromotionEx.dll
C:\Users\Ajka4\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Ajka4\AppData\Local\Temp\SRLDetectionLibrary3510591322360735803.dll
C:\Users\Ajka4\AppData\Local\Temp\_isA04C.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Users\Ajka4\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Michaela\OneDrive:ms-properties
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ajka4\Desktop" je 2 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (24.65 KiB) Staženo 50 x
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: hijackthis pomalé stahování
Teď spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: hijackthis pomalé stahování
Tady to je
# AdwCleaner v5.004 - Logfile created 30/08/2015 at 20:40:46
# Updated 26/08/2015 by Xplode
# Database : 2015-08-30.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Ajka4 - KATIE
# Running from : C:\Users\Ajka4\Desktop\adwcleaner_5.004.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : ReimageRealTimeProtector
***** [ Folders ] *****
[-] Folder Deleted : C:\rei
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\ProgramData\MountainApp
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
[-] Folder Deleted : C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
[-] Folder Deleted : C:\Users\Ajka4\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Ajka4\AppData\Roaming\Solvusoft
[-] Folder Deleted : C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
***** [ Files ] *****
[-] File Deleted : C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] File Deleted : C:\WINDOWS\Reimage.ini
[-] File Deleted : C:\WINDOWS\Sysnative\roboot64.exe
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : RDReminder
[-] Task Deleted : ReimageUpdater
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
[-] Key Deleted : HKCU\Software\ba4c12bee3027d94da5c81db2d196bfd
[-] Key Deleted : HKCU\Software\c6f82197d830d6d6a2c24953e68632f4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\reimagerepair
[!] Key Not Deleted : [x64] HKCU\Software\Reimage
[!] Key Not Deleted : [x64] HKCU\Software\reimagerepair
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3304 bytes] ##########
# AdwCleaner v5.004 - Logfile created 30/08/2015 at 20:40:46
# Updated 26/08/2015 by Xplode
# Database : 2015-08-30.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Ajka4 - KATIE
# Running from : C:\Users\Ajka4\Desktop\adwcleaner_5.004.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : ReimageRealTimeProtector
***** [ Folders ] *****
[-] Folder Deleted : C:\rei
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\ProgramData\MountainApp
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
[-] Folder Deleted : C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
[-] Folder Deleted : C:\Users\Ajka4\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Ajka4\AppData\Roaming\Solvusoft
[-] Folder Deleted : C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
***** [ Files ] *****
[-] File Deleted : C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] File Deleted : C:\WINDOWS\Reimage.ini
[-] File Deleted : C:\WINDOWS\Sysnative\roboot64.exe
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : RDReminder
[-] Task Deleted : ReimageUpdater
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
[-] Key Deleted : HKCU\Software\ba4c12bee3027d94da5c81db2d196bfd
[-] Key Deleted : HKCU\Software\c6f82197d830d6d6a2c24953e68632f4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\reimagerepair
[!] Key Not Deleted : [x64] HKCU\Software\Reimage
[!] Key Not Deleted : [x64] HKCU\Software\reimagerepair
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3304 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: hijackthis pomalé stahování
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: hijackthis pomalé stahování
Tady je
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
Ran by Ajka4 (administrator) on KATIE (30-08-2015 21:21:51)
Running from C:\Users\Ajka4\Desktop
Loaded Profiles: Ajka4 (Available Profiles: Ajka4 & Michaela)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(forum.viry.cz) C:\Users\Ajka4\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [144456 2013-03-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-04] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-01-02] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-01-31] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [CLWCSM] => c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-01] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-01] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-30] (AVAST Software)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [526240 2015-01-10] (NCSOFT Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [Windows] => C:\Users\Public\Windows\downloadll.vbs [81 2014-05-08] ()
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-08-09] (Electronic Arts)
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-31] (AVAST Software)
Startup: C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Automatické vypnutí počítače.lnk [2015-07-11]
ShortcutTarget: Automatické vypnutí počítače.lnk -> C:\Program Files (x86)\Automatické vypnutí počítače\avp.exe (No File)
Startup: C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Assassin.LNK [2015-08-30]
ShortcutTarget: Registration Assassin.LNK -> C:\Program Files (x86)\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe (Ubisoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42C36156-2BE2-4701-B583-082A95576575}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F2FECA00-B700-45EC-9558-28A6D8183259}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-31] (AVAST Software)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-03-06] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-07] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Ajka4\AppData\Roaming\Mozilla\Firefox\Profiles\ekpb2f89.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-31] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2013-02-27] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-2240536896-2200728666-304725237-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ajka4\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-09] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-25]
Chrome:
=======
CHR Profile: C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-20]
CHR Extension: (Google Search) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20]
CHR Extension: (Gmail) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2013-02-27]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-31] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2015-03-09] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [491320 2013-03-12] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [357816 2012-12-19] (Hewlett-Packard Development Company, L.P.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [553248 2013-01-31] (Hewlett-Packard Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-09] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135752 2013-02-07] (PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-04] (IDT, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-05-28] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-31] (AVAST Software)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-05] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\Windows\system32\DRIVERS\clwcsm.sys [42944 2013-02-19] (CyberLink Corporation)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [65752 2013-02-18] (Hewlett-Packard Company)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-03-18] (WinMagic, Inc.)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243144 2013-03-07] (Realtek Semiconductor Corp.)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [212672 2013-03-27] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131928 2013-01-07] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-02-08] (Hewlett-Packard Development Company, L.P.)
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-30 21:21 - 2015-08-30 21:21 - 00029696 _____ C:\Users\Ajka4\AppData\Local\MSGBOX.EXE
2015-08-30 21:21 - 2015-08-30 21:21 - 00021368 _____ C:\Users\Ajka4\Desktop\FRST.txt
2015-08-30 21:21 - 2015-08-30 21:21 - 00015327 _____ C:\Users\Ajka4\Desktop\LM.bat
2015-08-30 21:16 - 2015-08-30 21:16 - 00112640 _____ (forum.viry.cz) C:\Users\Ajka4\Desktop\FRSTLauncher.exe
2015-08-30 20:31 - 2015-08-30 20:40 - 00000000 ____D C:\AdwCleaner
2015-08-30 20:30 - 2015-08-30 20:30 - 01618432 _____ C:\Users\Ajka4\Desktop\adwcleaner_5.004.exe
2015-08-30 19:39 - 2015-08-30 19:39 - 00025245 _____ C:\Users\Ajka4\Desktop\Addition.rar
2015-08-30 19:34 - 2015-08-30 21:19 - 00102630 _____ C:\Users\Ajka4\Desktop\FRST3-původní.txt
2015-08-30 19:31 - 2015-08-30 21:21 - 00000000 ____D C:\FRST
2015-08-30 19:22 - 2015-08-30 19:22 - 02188288 _____ (Farbar) C:\Users\Ajka4\Desktop\FRST64.exe
2015-08-30 15:45 - 2015-08-30 20:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-30 12:41 - 2015-08-30 20:44 - 00001078 _____ C:\WINDOWS\system32dbgraw.bmp
2015-08-21 12:37 - 2015-08-21 12:37 - 00756232 _____ C:\WINDOWS\Minidump\082115-43562-01.dmp
2015-08-21 10:24 - 2015-08-30 18:10 - 00014197 _____ C:\Users\Ajka4\Downloads\hijackthis.log
2015-08-21 10:23 - 2015-08-21 10:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ajka4\Downloads\hijackthis.exe
2015-08-20 23:11 - 2015-08-20 23:11 - 00019529 _____ C:\Users\Ajka4\Downloads\Fragile.mobi
2015-08-20 23:07 - 2015-08-20 23:07 - 00034952 _____ C:\Users\Ajka4\Downloads\Colors.mobi
2015-08-20 23:05 - 2015-08-20 23:05 - 00014251 _____ C:\Users\Ajka4\Downloads\Time Enough at Last.mobi
2015-08-20 23:05 - 2015-08-20 23:05 - 00013075 _____ C:\Users\Ajka4\Downloads\Destined by the Stars.mobi
2015-08-20 23:04 - 2015-08-20 23:04 - 00024381 _____ C:\Users\Ajka4\Downloads\Heaven Knows We Belong Way.mobi
2015-08-20 23:03 - 2015-08-20 23:03 - 00009311 _____ C:\Users\Ajka4\Downloads\On the edge of the abyss.mobi
2015-08-20 22:49 - 2015-08-20 22:49 - 00057663 _____ C:\Users\Ajka4\Downloads\A Lesson in Shipboard Discipline.mobi
2015-08-20 22:49 - 2015-08-20 22:49 - 00048008 _____ C:\Users\Ajka4\Downloads\Biotics Uncontrolled.mobi
2015-08-20 22:48 - 2015-08-20 22:48 - 00059285 _____ C:\Users\Ajka4\Downloads\A Minor Inconvenience.mobi
2015-08-20 22:47 - 2015-08-20 22:47 - 00013697 _____ C:\Users\Ajka4\Downloads\Damage.mobi
2015-08-20 22:46 - 2015-08-20 22:46 - 00014976 _____ C:\Users\Ajka4\Downloads\Surrender.mobi
2015-08-20 22:44 - 2015-08-20 22:44 - 00017491 _____ C:\Users\Ajka4\Downloads\And From the Darkness.mobi
2015-08-20 22:39 - 2015-08-20 22:39 - 00008896 _____ C:\Users\Ajka4\Downloads\Protection.mobi
2015-08-20 22:37 - 2015-08-20 22:37 - 00012941 _____ C:\Users\Ajka4\Downloads\Times Gone By.mobi
2015-08-20 22:34 - 2015-08-20 22:34 - 00040787 _____ C:\Users\Ajka4\Downloads\The Lives of Survivors.mobi
2015-08-20 22:32 - 2015-08-20 22:33 - 00006083 _____ C:\Users\Ajka4\Downloads\Ralice Drabble Collection.mobi
2015-08-20 22:18 - 2015-08-30 15:11 - 00007026 _____ C:\Users\Ajka4\Downloads\RESIDENT-EVIL-APOCALYPSA-Akční-Sci-fi-Horor,CZ-Dub.AVI
2015-08-19 10:16 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 10:16 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-18 17:53 - 2015-08-18 18:19 - 469667150 _____ C:\Users\Ajka4\Downloads\az-po-usi-13.avi
2015-08-17 16:30 - 2015-08-17 16:53 - 417322810 _____ C:\Users\Ajka4\Downloads\az-po-usi-12.avi
2015-08-16 22:06 - 2015-08-16 23:25 - 1404224818 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E11S01-TV-seriál-2014,-CZ.mkv
2015-08-16 21:32 - 2015-08-16 21:54 - 392568084 _____ C:\Users\Ajka4\Downloads\az-po-usi-11.avi
2015-08-16 20:46 - 2015-08-16 21:14 - 486283460 _____ C:\Users\Ajka4\Downloads\az-po-usi-10.avi
2015-08-16 17:18 - 2015-08-16 18:35 - 1353547052 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E09S01-TV-seriál-2014,-CZ.mkv
2015-08-16 14:22 - 2015-08-16 15:40 - 1405689018 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E08S01-TV-seriál-2014,-CZ.mkv
2015-08-16 12:44 - 2015-08-16 14:20 - 1386047041 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E07S01-TV-seriál-2014,-CZ.mkv
2015-08-16 11:02 - 2015-08-16 12:23 - 1429301359 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E06S01-TV-seriál-2014,-CZ.mkv
2015-08-16 09:13 - 2015-08-16 10:40 - 1531574222 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E05S01-TV-seriál-2014,-CZ.mkv
2015-08-14 23:33 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 23:33 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 23:11 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-14 23:11 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-14 23:11 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-14 23:11 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-14 23:11 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-14 23:11 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-14 23:11 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-14 23:11 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-14 23:11 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-14 23:11 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-14 23:11 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-14 23:10 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-14 23:10 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-14 21:54 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-14 21:54 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-14 21:54 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-14 21:54 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-14 21:54 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-14 21:54 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-14 21:54 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-14 21:54 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-14 21:54 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-14 21:54 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-14 21:54 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-14 21:54 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-14 21:54 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-14 21:54 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-14 21:54 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-14 21:54 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-14 21:54 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-14 21:54 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-14 21:54 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-14 21:54 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-14 21:53 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-14 21:53 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-14 21:53 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-14 21:53 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-14 21:53 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-14 21:53 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-14 21:53 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-14 21:53 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-14 21:53 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-14 21:53 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-14 21:53 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-14 21:53 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-14 21:53 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-14 21:53 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-14 21:53 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-14 21:53 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-14 21:53 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-14 21:53 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-14 21:52 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-14 21:52 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-14 21:52 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-14 21:52 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-14 21:52 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-14 21:52 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-14 21:52 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-14 21:52 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-14 21:52 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-14 21:52 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-14 21:52 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-14 21:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-14 21:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-14 21:52 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-14 21:52 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-14 21:52 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-14 21:52 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-14 21:52 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-14 21:51 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-14 21:51 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-14 21:51 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-14 21:51 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-14 21:51 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-14 21:51 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-14 21:51 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-14 21:51 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-14 21:51 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-14 21:51 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-14 21:51 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-14 21:51 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 12:15 - 2015-08-11 12:33 - 322365440 _____ C:\Users\Ajka4\Downloads\[l33t-raws]Kashimashi_-_Girl_Meets_Girl_03_(640x480_LameVBR_WMV9).[F908DB60].avi
2015-08-11 11:43 - 2015-08-11 11:58 - 271104000 _____ C:\Users\Ajka4\Downloads\[l33t-raws]Kashimashi_-_Girl_Meets_Girl_02_(640x480_DivX521).[5C4F0038].avi
2015-08-09 22:32 - 2015-08-09 22:32 - 00080302 _____ C:\Users\Ajka4\Downloads\Jenny's-Wedding-CZ-Titulky.srt
2015-08-06 13:31 - 2015-08-06 13:31 - 00000000 ____D C:\Users\Ajka4\AppData\Local\CEF
2015-08-06 11:27 - 2008-06-05 11:10 - 00003096 _____ C:\Users\Ajka4\Downloads\Heroes3C_registry.reg
2015-08-06 11:27 - 2001-11-11 14:14 - 02732032 _____ (The 3DO Company) C:\Users\Ajka4\Downloads\Heroes3.exe
2015-08-05 23:29 - 2015-08-05 23:29 - 00000000 ____D C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-08-05 23:25 - 2015-08-05 23:25 - 00000000 ____D C:\ProgramData\InstallShield
2015-08-05 23:19 - 2013-02-06 18:32 - 1031634944 _____ C:\Users\Ajka4\Downloads\Heroes of Might and Magic 3 Complete (2000) game+CZ.iso
2015-07-31 18:43 - 2015-07-31 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F4V Player
2015-07-31 18:43 - 2015-07-31 18:43 - 00000000 ____D C:\Program Files (x86)\F4V Player
2015-07-31 18:42 - 2015-07-31 18:43 - 06617154 _____ (www.f4vplayer.com ) C:\Users\Ajka4\Downloads\f4vplayer_setup.exe
2015-07-31 16:08 - 2015-07-31 16:08 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-07-31 16:08 - 2015-07-31 16:08 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-07-31 15:35 - 2015-07-31 15:35 - 06420480 _____ C:\Program Files (x86)\GUT1E3.tmp
2015-07-31 15:35 - 2015-07-31 15:35 - 00000000 ____D C:\Program Files (x86)\GUM1E2.tmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-30 21:20 - 2014-05-28 18:21 - 01263398 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-30 21:16 - 2014-05-28 19:04 - 00000000 ___DO C:\Users\Ajka4\OneDrive
2015-08-30 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-30 20:58 - 2014-05-20 19:05 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 20:55 - 2015-07-14 18:07 - 00000000 ____D C:\Users\Ajka4\AppData\Roaming\Skype
2015-08-30 20:53 - 2014-05-20 19:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-30 20:52 - 2014-05-21 19:02 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-30 20:52 - 2014-05-12 17:41 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2240536896-2200728666-304725237-1002
2015-08-30 20:48 - 2014-10-09 18:27 - 00000000 ____D C:\ProgramData\Origin
2015-08-30 20:48 - 2013-11-02 08:30 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-08-30 20:47 - 2014-06-22 11:23 - 00000000 ____D C:\Users\Public\Windows
2015-08-30 20:46 - 2014-05-20 19:05 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 20:46 - 2013-02-22 15:59 - 00000983 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-08-30 20:44 - 2013-09-08 11:36 - 00000000 ____D C:\ProgramData\PDFC
2015-08-30 20:43 - 2013-11-02 08:30 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-08-30 20:43 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-30 20:42 - 2013-08-22 16:46 - 00329316 _____ C:\WINDOWS\setupact.log
2015-08-30 20:41 - 2013-08-22 15:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-08-30 19:42 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-30 13:59 - 2014-05-20 19:10 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-21 16:31 - 2014-05-12 18:37 - 00000332 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2015-08-21 16:05 - 2014-03-18 17:33 - 01938474 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-21 16:05 - 2014-03-18 16:54 - 00803244 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-21 16:05 - 2014-03-18 16:54 - 00184236 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-21 12:37 - 2014-07-09 15:23 - 690685340 _____ C:\WINDOWS\MEMORY.DMP
2015-08-21 12:37 - 2014-07-09 15:23 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-20 14:00 - 2014-05-25 21:31 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-19 13:24 - 2014-08-19 12:34 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-08-19 12:22 - 2015-01-13 21:47 - 00281803 _____ C:\WINDOWS\system32\ScanResults.xml
2015-08-19 12:14 - 2015-01-13 21:41 - 00000464 _____ C:\WINDOWS\system32\ScannerSettings
2015-08-19 10:18 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-16 18:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-15 16:10 - 2014-05-25 21:31 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-15 09:55 - 2013-08-22 16:44 - 00346656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-15 09:53 - 2014-12-23 15:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-15 09:53 - 2014-12-23 15:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-14 23:51 - 2015-04-16 22:59 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-14 23:51 - 2015-03-15 01:26 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 23:32 - 2014-12-23 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-14 23:30 - 2014-05-15 20:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-14 23:22 - 2014-05-15 20:19 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 22:52 - 2014-05-21 19:02 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-11 15:28 - 2015-07-14 18:06 - 00000000 ____D C:\ProgramData\Skype
2015-08-10 01:23 - 2014-05-28 18:03 - 00000000 ____D C:\Users\Ajka4
2015-08-09 11:27 - 2014-10-09 18:27 - 00000000 ____D C:\Program Files (x86)\Origin
2015-08-09 11:16 - 2014-03-18 09:20 - 00186362 _____ C:\WINDOWS\PFRO.log
2015-08-08 15:55 - 2015-06-10 06:52 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-06-10 06:52 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 12:59 - 2014-05-28 18:52 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 12:56 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-07 11:41 - 2014-07-31 07:39 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-07 11:41 - 2014-06-22 11:35 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-06 14:18 - 2014-08-19 12:34 - 00000000 ____D C:\Users\Ajka4\Documents\My Games
2015-08-06 14:15 - 2015-01-05 19:33 - 00000000 ____D C:\Users\Ajka4\AppData\Local\The Witcher
2015-08-06 13:32 - 2014-11-08 16:07 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-06 12:50 - 2013-09-08 11:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-06 12:49 - 2014-12-19 23:36 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-08-06 12:46 - 2014-10-10 05:28 - 00000000 ____D C:\Users\Ajka4\Documents\BioWare
2015-08-06 11:01 - 2014-05-16 16:28 - 00000000 ____D C:\Games
2015-08-05 21:06 - 2014-05-31 12:08 - 00003958 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E4D12A9D-3702-4B86-BF52-F1A2D5C9C7D7}
2015-08-02 08:45 - 2014-08-04 11:32 - 00585728 ___SH C:\Users\Ajka4\Downloads\Thumbs.db
2015-08-01 21:58 - 2014-10-10 06:08 - 00000304 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-07-31 17:52 - 2015-04-09 19:28 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-31 17:50 - 2015-04-09 19:28 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-31 16:08 - 2014-05-25 21:31 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-31 15:53 - 2014-05-20 19:05 - 00003944 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-31 15:53 - 2014-05-20 19:05 - 00003708 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2015-07-31 15:35 - 2015-07-31 15:35 - 6420480 _____ () C:\Program Files (x86)\GUT1E3.tmp
2015-08-30 21:21 - 2015-08-30 21:21 - 0029696 _____ () C:\Users\Ajka4\AppData\Local\MSGBOX.EXE
2015-04-19 16:40 - 2015-04-19 16:40 - 0000218 _____ () C:\Users\Ajka4\AppData\Local\recently-used.xbel
Some files in TEMP:
====================
C:\Users\Ajka4\AppData\Local\Temp\AskSLib.dll
C:\Users\Ajka4\AppData\Local\Temp\bdfilters.dll
C:\Users\Ajka4\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Ajka4\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Ajka4\AppData\Local\Temp\ExPromo.exe
C:\Users\Ajka4\AppData\Local\Temp\GrLauncherTempSetup.exe
C:\Users\Ajka4\AppData\Local\Temp\ICReinstall_installer_minecraft_English.exe
C:\Users\Ajka4\AppData\Local\Temp\installer_minecraft_English.exe
C:\Users\Ajka4\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Ajka4\AppData\Local\Temp\NSISPromotionEx.dll
C:\Users\Ajka4\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Ajka4\AppData\Local\Temp\sqlite3.dll
C:\Users\Ajka4\AppData\Local\Temp\SRLDetectionLibrary3510591322360735803.dll
C:\Users\Ajka4\AppData\Local\Temp\_isA04C.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-30 12:52
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
Ran by Ajka4 (administrator) on KATIE (30-08-2015 21:21:51)
Running from C:\Users\Ajka4\Desktop
Loaded Profiles: Ajka4 (Available Profiles: Ajka4 & Michaela)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(forum.viry.cz) C:\Users\Ajka4\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [144456 2013-03-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-04] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-01-02] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-01-31] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [CLWCSM] => c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-01] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-01] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-30] (AVAST Software)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [526240 2015-01-10] (NCSOFT Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [Windows] => C:\Users\Public\Windows\downloadll.vbs [81 2014-05-08] ()
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-08-09] (Electronic Arts)
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-31] (AVAST Software)
Startup: C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Automatické vypnutí počítače.lnk [2015-07-11]
ShortcutTarget: Automatické vypnutí počítače.lnk -> C:\Program Files (x86)\Automatické vypnutí počítače\avp.exe (No File)
Startup: C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Assassin.LNK [2015-08-30]
ShortcutTarget: Registration Assassin.LNK -> C:\Program Files (x86)\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe (Ubisoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42C36156-2BE2-4701-B583-082A95576575}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F2FECA00-B700-45EC-9558-28A6D8183259}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-31] (AVAST Software)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-03-06] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-07] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Ajka4\AppData\Roaming\Mozilla\Firefox\Profiles\ekpb2f89.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-31] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2013-02-27] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-2240536896-2200728666-304725237-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ajka4\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-09] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-25]
Chrome:
=======
CHR Profile: C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-20]
CHR Extension: (Google Search) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20]
CHR Extension: (Gmail) - C:\Users\Ajka4\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2013-02-27]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-31] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2015-03-09] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [491320 2013-03-12] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [357816 2012-12-19] (Hewlett-Packard Development Company, L.P.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [553248 2013-01-31] (Hewlett-Packard Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-09] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135752 2013-02-07] (PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-04] (IDT, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-05-28] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-31] (AVAST Software)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-05] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\Windows\system32\DRIVERS\clwcsm.sys [42944 2013-02-19] (CyberLink Corporation)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [65752 2013-02-18] (Hewlett-Packard Company)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-03-18] (WinMagic, Inc.)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243144 2013-03-07] (Realtek Semiconductor Corp.)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [212672 2013-03-27] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131928 2013-01-07] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-02-08] (Hewlett-Packard Development Company, L.P.)
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-30 21:21 - 2015-08-30 21:21 - 00029696 _____ C:\Users\Ajka4\AppData\Local\MSGBOX.EXE
2015-08-30 21:21 - 2015-08-30 21:21 - 00021368 _____ C:\Users\Ajka4\Desktop\FRST.txt
2015-08-30 21:21 - 2015-08-30 21:21 - 00015327 _____ C:\Users\Ajka4\Desktop\LM.bat
2015-08-30 21:16 - 2015-08-30 21:16 - 00112640 _____ (forum.viry.cz) C:\Users\Ajka4\Desktop\FRSTLauncher.exe
2015-08-30 20:31 - 2015-08-30 20:40 - 00000000 ____D C:\AdwCleaner
2015-08-30 20:30 - 2015-08-30 20:30 - 01618432 _____ C:\Users\Ajka4\Desktop\adwcleaner_5.004.exe
2015-08-30 19:39 - 2015-08-30 19:39 - 00025245 _____ C:\Users\Ajka4\Desktop\Addition.rar
2015-08-30 19:34 - 2015-08-30 21:19 - 00102630 _____ C:\Users\Ajka4\Desktop\FRST3-původní.txt
2015-08-30 19:31 - 2015-08-30 21:21 - 00000000 ____D C:\FRST
2015-08-30 19:22 - 2015-08-30 19:22 - 02188288 _____ (Farbar) C:\Users\Ajka4\Desktop\FRST64.exe
2015-08-30 15:45 - 2015-08-30 20:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-30 12:41 - 2015-08-30 20:44 - 00001078 _____ C:\WINDOWS\system32dbgraw.bmp
2015-08-21 12:37 - 2015-08-21 12:37 - 00756232 _____ C:\WINDOWS\Minidump\082115-43562-01.dmp
2015-08-21 10:24 - 2015-08-30 18:10 - 00014197 _____ C:\Users\Ajka4\Downloads\hijackthis.log
2015-08-21 10:23 - 2015-08-21 10:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ajka4\Downloads\hijackthis.exe
2015-08-20 23:11 - 2015-08-20 23:11 - 00019529 _____ C:\Users\Ajka4\Downloads\Fragile.mobi
2015-08-20 23:07 - 2015-08-20 23:07 - 00034952 _____ C:\Users\Ajka4\Downloads\Colors.mobi
2015-08-20 23:05 - 2015-08-20 23:05 - 00014251 _____ C:\Users\Ajka4\Downloads\Time Enough at Last.mobi
2015-08-20 23:05 - 2015-08-20 23:05 - 00013075 _____ C:\Users\Ajka4\Downloads\Destined by the Stars.mobi
2015-08-20 23:04 - 2015-08-20 23:04 - 00024381 _____ C:\Users\Ajka4\Downloads\Heaven Knows We Belong Way.mobi
2015-08-20 23:03 - 2015-08-20 23:03 - 00009311 _____ C:\Users\Ajka4\Downloads\On the edge of the abyss.mobi
2015-08-20 22:49 - 2015-08-20 22:49 - 00057663 _____ C:\Users\Ajka4\Downloads\A Lesson in Shipboard Discipline.mobi
2015-08-20 22:49 - 2015-08-20 22:49 - 00048008 _____ C:\Users\Ajka4\Downloads\Biotics Uncontrolled.mobi
2015-08-20 22:48 - 2015-08-20 22:48 - 00059285 _____ C:\Users\Ajka4\Downloads\A Minor Inconvenience.mobi
2015-08-20 22:47 - 2015-08-20 22:47 - 00013697 _____ C:\Users\Ajka4\Downloads\Damage.mobi
2015-08-20 22:46 - 2015-08-20 22:46 - 00014976 _____ C:\Users\Ajka4\Downloads\Surrender.mobi
2015-08-20 22:44 - 2015-08-20 22:44 - 00017491 _____ C:\Users\Ajka4\Downloads\And From the Darkness.mobi
2015-08-20 22:39 - 2015-08-20 22:39 - 00008896 _____ C:\Users\Ajka4\Downloads\Protection.mobi
2015-08-20 22:37 - 2015-08-20 22:37 - 00012941 _____ C:\Users\Ajka4\Downloads\Times Gone By.mobi
2015-08-20 22:34 - 2015-08-20 22:34 - 00040787 _____ C:\Users\Ajka4\Downloads\The Lives of Survivors.mobi
2015-08-20 22:32 - 2015-08-20 22:33 - 00006083 _____ C:\Users\Ajka4\Downloads\Ralice Drabble Collection.mobi
2015-08-20 22:18 - 2015-08-30 15:11 - 00007026 _____ C:\Users\Ajka4\Downloads\RESIDENT-EVIL-APOCALYPSA-Akční-Sci-fi-Horor,CZ-Dub.AVI
2015-08-19 10:16 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 10:16 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-18 17:53 - 2015-08-18 18:19 - 469667150 _____ C:\Users\Ajka4\Downloads\az-po-usi-13.avi
2015-08-17 16:30 - 2015-08-17 16:53 - 417322810 _____ C:\Users\Ajka4\Downloads\az-po-usi-12.avi
2015-08-16 22:06 - 2015-08-16 23:25 - 1404224818 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E11S01-TV-seriál-2014,-CZ.mkv
2015-08-16 21:32 - 2015-08-16 21:54 - 392568084 _____ C:\Users\Ajka4\Downloads\az-po-usi-11.avi
2015-08-16 20:46 - 2015-08-16 21:14 - 486283460 _____ C:\Users\Ajka4\Downloads\az-po-usi-10.avi
2015-08-16 17:18 - 2015-08-16 18:35 - 1353547052 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E09S01-TV-seriál-2014,-CZ.mkv
2015-08-16 14:22 - 2015-08-16 15:40 - 1405689018 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E08S01-TV-seriál-2014,-CZ.mkv
2015-08-16 12:44 - 2015-08-16 14:20 - 1386047041 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E07S01-TV-seriál-2014,-CZ.mkv
2015-08-16 11:02 - 2015-08-16 12:23 - 1429301359 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E06S01-TV-seriál-2014,-CZ.mkv
2015-08-16 09:13 - 2015-08-16 10:40 - 1531574222 _____ C:\Users\Ajka4\Downloads\Až-po-uši-E05S01-TV-seriál-2014,-CZ.mkv
2015-08-14 23:33 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 23:33 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 23:11 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-14 23:11 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-14 23:11 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-14 23:11 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-14 23:11 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-14 23:11 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-14 23:11 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-14 23:11 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-14 23:11 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-14 23:11 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-14 23:11 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-14 23:11 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-14 23:10 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-14 23:10 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-14 21:54 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-14 21:54 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-14 21:54 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-14 21:54 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-14 21:54 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-14 21:54 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-14 21:54 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-14 21:54 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-14 21:54 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-14 21:54 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-14 21:54 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-14 21:54 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-14 21:54 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-14 21:54 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-14 21:54 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-14 21:54 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-14 21:54 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-14 21:54 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-14 21:54 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-14 21:54 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-14 21:54 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-14 21:53 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-14 21:53 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-14 21:53 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-14 21:53 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-14 21:53 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-14 21:53 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-14 21:53 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-14 21:53 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-14 21:53 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-14 21:53 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-14 21:53 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-14 21:53 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-14 21:53 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-14 21:53 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-14 21:53 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-14 21:53 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-14 21:53 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-14 21:53 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-14 21:52 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-14 21:52 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-14 21:52 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-14 21:52 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-14 21:52 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-14 21:52 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-14 21:52 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-14 21:52 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-14 21:52 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-14 21:52 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-14 21:52 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-14 21:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-14 21:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-14 21:52 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-14 21:52 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-14 21:52 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-14 21:52 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-14 21:52 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-14 21:51 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-14 21:51 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-14 21:51 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-14 21:51 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-14 21:51 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-14 21:51 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-14 21:51 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-14 21:51 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-14 21:51 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-14 21:51 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-14 21:51 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-14 21:51 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 12:15 - 2015-08-11 12:33 - 322365440 _____ C:\Users\Ajka4\Downloads\[l33t-raws]Kashimashi_-_Girl_Meets_Girl_03_(640x480_LameVBR_WMV9).[F908DB60].avi
2015-08-11 11:43 - 2015-08-11 11:58 - 271104000 _____ C:\Users\Ajka4\Downloads\[l33t-raws]Kashimashi_-_Girl_Meets_Girl_02_(640x480_DivX521).[5C4F0038].avi
2015-08-09 22:32 - 2015-08-09 22:32 - 00080302 _____ C:\Users\Ajka4\Downloads\Jenny's-Wedding-CZ-Titulky.srt
2015-08-06 13:31 - 2015-08-06 13:31 - 00000000 ____D C:\Users\Ajka4\AppData\Local\CEF
2015-08-06 11:27 - 2008-06-05 11:10 - 00003096 _____ C:\Users\Ajka4\Downloads\Heroes3C_registry.reg
2015-08-06 11:27 - 2001-11-11 14:14 - 02732032 _____ (The 3DO Company) C:\Users\Ajka4\Downloads\Heroes3.exe
2015-08-05 23:29 - 2015-08-05 23:29 - 00000000 ____D C:\Users\Ajka4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-08-05 23:25 - 2015-08-05 23:25 - 00000000 ____D C:\ProgramData\InstallShield
2015-08-05 23:19 - 2013-02-06 18:32 - 1031634944 _____ C:\Users\Ajka4\Downloads\Heroes of Might and Magic 3 Complete (2000) game+CZ.iso
2015-07-31 18:43 - 2015-07-31 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F4V Player
2015-07-31 18:43 - 2015-07-31 18:43 - 00000000 ____D C:\Program Files (x86)\F4V Player
2015-07-31 18:42 - 2015-07-31 18:43 - 06617154 _____ (www.f4vplayer.com ) C:\Users\Ajka4\Downloads\f4vplayer_setup.exe
2015-07-31 16:08 - 2015-07-31 16:08 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-07-31 16:08 - 2015-07-31 16:08 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-07-31 15:35 - 2015-07-31 15:35 - 06420480 _____ C:\Program Files (x86)\GUT1E3.tmp
2015-07-31 15:35 - 2015-07-31 15:35 - 00000000 ____D C:\Program Files (x86)\GUM1E2.tmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-30 21:20 - 2014-05-28 18:21 - 01263398 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-30 21:16 - 2014-05-28 19:04 - 00000000 ___DO C:\Users\Ajka4\OneDrive
2015-08-30 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-30 20:58 - 2014-05-20 19:05 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 20:55 - 2015-07-14 18:07 - 00000000 ____D C:\Users\Ajka4\AppData\Roaming\Skype
2015-08-30 20:53 - 2014-05-20 19:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-30 20:52 - 2014-05-21 19:02 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-30 20:52 - 2014-05-12 17:41 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2240536896-2200728666-304725237-1002
2015-08-30 20:48 - 2014-10-09 18:27 - 00000000 ____D C:\ProgramData\Origin
2015-08-30 20:48 - 2013-11-02 08:30 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-08-30 20:47 - 2014-06-22 11:23 - 00000000 ____D C:\Users\Public\Windows
2015-08-30 20:46 - 2014-05-20 19:05 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 20:46 - 2013-02-22 15:59 - 00000983 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-08-30 20:44 - 2013-09-08 11:36 - 00000000 ____D C:\ProgramData\PDFC
2015-08-30 20:43 - 2013-11-02 08:30 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-08-30 20:43 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-30 20:42 - 2013-08-22 16:46 - 00329316 _____ C:\WINDOWS\setupact.log
2015-08-30 20:41 - 2013-08-22 15:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-08-30 19:42 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-30 13:59 - 2014-05-20 19:10 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-21 16:31 - 2014-05-12 18:37 - 00000332 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2015-08-21 16:05 - 2014-03-18 17:33 - 01938474 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-21 16:05 - 2014-03-18 16:54 - 00803244 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-21 16:05 - 2014-03-18 16:54 - 00184236 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-21 12:37 - 2014-07-09 15:23 - 690685340 _____ C:\WINDOWS\MEMORY.DMP
2015-08-21 12:37 - 2014-07-09 15:23 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-20 14:00 - 2014-05-25 21:31 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-19 13:24 - 2014-08-19 12:34 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-08-19 12:22 - 2015-01-13 21:47 - 00281803 _____ C:\WINDOWS\system32\ScanResults.xml
2015-08-19 12:14 - 2015-01-13 21:41 - 00000464 _____ C:\WINDOWS\system32\ScannerSettings
2015-08-19 10:18 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-16 18:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-15 16:10 - 2014-05-25 21:31 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-15 09:55 - 2013-08-22 16:44 - 00346656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-15 09:53 - 2014-12-23 15:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-15 09:53 - 2014-12-23 15:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-14 23:51 - 2015-04-16 22:59 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-14 23:51 - 2015-03-15 01:26 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 23:32 - 2014-12-23 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-14 23:30 - 2014-05-15 20:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-14 23:22 - 2014-05-15 20:19 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 22:52 - 2014-05-21 19:02 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-11 15:28 - 2015-07-14 18:06 - 00000000 ____D C:\ProgramData\Skype
2015-08-10 01:23 - 2014-05-28 18:03 - 00000000 ____D C:\Users\Ajka4
2015-08-09 11:27 - 2014-10-09 18:27 - 00000000 ____D C:\Program Files (x86)\Origin
2015-08-09 11:16 - 2014-03-18 09:20 - 00186362 _____ C:\WINDOWS\PFRO.log
2015-08-08 15:55 - 2015-06-10 06:52 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-06-10 06:52 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 12:59 - 2014-05-28 18:52 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 12:56 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-07 11:41 - 2014-07-31 07:39 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-07 11:41 - 2014-06-22 11:35 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-06 14:18 - 2014-08-19 12:34 - 00000000 ____D C:\Users\Ajka4\Documents\My Games
2015-08-06 14:15 - 2015-01-05 19:33 - 00000000 ____D C:\Users\Ajka4\AppData\Local\The Witcher
2015-08-06 13:32 - 2014-11-08 16:07 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-06 12:50 - 2013-09-08 11:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-06 12:49 - 2014-12-19 23:36 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-08-06 12:46 - 2014-10-10 05:28 - 00000000 ____D C:\Users\Ajka4\Documents\BioWare
2015-08-06 11:01 - 2014-05-16 16:28 - 00000000 ____D C:\Games
2015-08-05 21:06 - 2014-05-31 12:08 - 00003958 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E4D12A9D-3702-4B86-BF52-F1A2D5C9C7D7}
2015-08-02 08:45 - 2014-08-04 11:32 - 00585728 ___SH C:\Users\Ajka4\Downloads\Thumbs.db
2015-08-01 21:58 - 2014-10-10 06:08 - 00000304 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-07-31 17:52 - 2015-04-09 19:28 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-31 17:50 - 2015-04-09 19:28 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-31 16:08 - 2014-05-25 21:31 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-31 16:08 - 2014-05-25 21:31 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-31 15:53 - 2014-05-20 19:05 - 00003944 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-31 15:53 - 2014-05-20 19:05 - 00003708 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2015-07-31 15:35 - 2015-07-31 15:35 - 6420480 _____ () C:\Program Files (x86)\GUT1E3.tmp
2015-08-30 21:21 - 2015-08-30 21:21 - 0029696 _____ () C:\Users\Ajka4\AppData\Local\MSGBOX.EXE
2015-04-19 16:40 - 2015-04-19 16:40 - 0000218 _____ () C:\Users\Ajka4\AppData\Local\recently-used.xbel
Some files in TEMP:
====================
C:\Users\Ajka4\AppData\Local\Temp\AskSLib.dll
C:\Users\Ajka4\AppData\Local\Temp\bdfilters.dll
C:\Users\Ajka4\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Ajka4\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Ajka4\AppData\Local\Temp\ExPromo.exe
C:\Users\Ajka4\AppData\Local\Temp\GrLauncherTempSetup.exe
C:\Users\Ajka4\AppData\Local\Temp\ICReinstall_installer_minecraft_English.exe
C:\Users\Ajka4\AppData\Local\Temp\installer_minecraft_English.exe
C:\Users\Ajka4\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Ajka4\AppData\Local\Temp\NSISPromotionEx.dll
C:\Users\Ajka4\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Ajka4\AppData\Local\Temp\sqlite3.dll
C:\Users\Ajka4\AppData\Local\Temp\SRLDetectionLibrary3510591322360735803.dll
C:\Users\Ajka4\AppData\Local\Temp\_isA04C.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-30 12:52
==================== End of FRST.txt ============================
- Přílohy
-
- Addition.rar
- (24.01 KiB) Staženo 52 x
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: hijackthis pomalé stahování
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
C:\Program Files (x86)\GUT1E3.tmp
C:\Program Files (x86)\GUM1E2.tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Ajka4\AppData\Local\Temp
AlternateDataStreams: C:\Users\Ajka4\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Michaela\OneDrive:ms-properties
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: hijackthis pomalé stahování
Fix result of Farbar Recovery Scan Tool (x64) Version:30-08-2015
Ran by Ajka4 (2015-08-30 22:55:21) Run:1
Running from C:\Users\Ajka4\Desktop
Loaded Profiles: Ajka4 (Available Profiles: Ajka4 & Michaela)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
C:\Program Files (x86)\GUT1E3.tmp
C:\Program Files (x86)\GUM1E2.tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Ajka4\AppData\Local\Temp
AlternateDataStreams: C:\Users\Ajka4\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Michaela\OneDrive:ms-properties
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
C:\Program Files (x86)\GUT1E3.tmp => moved successfully
C:\Program Files (x86)\GUM1E2.tmp => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
"C:\Users\Ajka4\AppData\Local\Temp" folder move:
Could not move "C:\Users\Ajka4\AppData\Local\Temp" => Scheduled to move on reboot.
C:\Users\Ajka4\OneDrive => ":ms-properties" ADS removed successfully.
"C:\Users\Michaela\OneDrive" => ":ms-properties" ADS not found.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-30 22:59:03)<=
C:\Users\Ajka4\AppData\Local\Temp => moved successfully
==== End of Fixlog 22:59:04 ====
Ran by Ajka4 (2015-08-30 22:55:21) Run:1
Running from C:\Users\Ajka4\Desktop
Loaded Profiles: Ajka4 (Available Profiles: Ajka4 & Michaela)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
C:\Program Files (x86)\GUT1E3.tmp
C:\Program Files (x86)\GUM1E2.tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Ajka4\AppData\Local\Temp
AlternateDataStreams: C:\Users\Ajka4\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Michaela\OneDrive:ms-properties
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2240536896-2200728666-304725237-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
C:\Program Files (x86)\GUT1E3.tmp => moved successfully
C:\Program Files (x86)\GUM1E2.tmp => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
"C:\Users\Ajka4\AppData\Local\Temp" folder move:
Could not move "C:\Users\Ajka4\AppData\Local\Temp" => Scheduled to move on reboot.
C:\Users\Ajka4\OneDrive => ":ms-properties" ADS removed successfully.
"C:\Users\Michaela\OneDrive" => ":ms-properties" ADS not found.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-30 22:59:03)<=
C:\Users\Ajka4\AppData\Local\Temp => moved successfully
==== End of Fixlog 22:59:04 ====
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: hijackthis pomalé stahování
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: hijackthis pomalé stahování
ne je to pořád stejně pomalý
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: hijackthis pomalé stahování
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: hijackthis pomalé stahování
A nevadí, že už mám nainstalovaný avast?
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: hijackthis pomalé stahování
Nevadí. MBAM v této verzi je skener (nemá razidentní štít).
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: hijackthis pomalé stahování
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 6. 9. 2015
Čas skenování: 13:30
Protokol: MBAM.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.06.03
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ajka4
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 439673
Uplynulý čas: 43 min, 59 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 7
PUP.Optional.OpenCandy, C:\Users\Ajka4\Downloads\directx-1.0.exe, , [b6f534f80e7d39fd44e61a6f85809d63],
PUP.Optional.InstallRex, C:\Users\Ajka4\Downloads\converted file(1).exe, , [109bc9636724fc3abe43496ef20f7e82],
PUP.Optional.InstallRex, C:\Users\Ajka4\Downloads\converted file.exe, , [a407c26a1a7144f2739d1a9dd42de11f],
PUP.Optional.InstallCore, C:\Users\Ajka4\Downloads\installer_minecraft_English.exe, , [406bd953b0db80b637e292402fd54db3],
PUP.Optional.InstallRex, C:\Users\Ajka4\Downloads\lost-girl-destinys-child-cze-5496911.exe, , [852654d84f3c6ec8f51b566155acb34d],
PUP.Optional.OpenCandy, C:\Users\Ajka4\Downloads\GOMPLAYERENSETUP.EXE, , [bdeed557d8b3d0665cce206913f2ac54],
PUP.Proxy.BCM, C:\Users\Public\Windows\mining_proxy.exe, , [02a9f6365734ff3747e334e2b14fa15f],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 6. 9. 2015
Čas skenování: 13:30
Protokol: MBAM.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.06.03
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ajka4
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 439673
Uplynulý čas: 43 min, 59 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 7
PUP.Optional.OpenCandy, C:\Users\Ajka4\Downloads\directx-1.0.exe, , [b6f534f80e7d39fd44e61a6f85809d63],
PUP.Optional.InstallRex, C:\Users\Ajka4\Downloads\converted file(1).exe, , [109bc9636724fc3abe43496ef20f7e82],
PUP.Optional.InstallRex, C:\Users\Ajka4\Downloads\converted file.exe, , [a407c26a1a7144f2739d1a9dd42de11f],
PUP.Optional.InstallCore, C:\Users\Ajka4\Downloads\installer_minecraft_English.exe, , [406bd953b0db80b637e292402fd54db3],
PUP.Optional.InstallRex, C:\Users\Ajka4\Downloads\lost-girl-destinys-child-cze-5496911.exe, , [852654d84f3c6ec8f51b566155acb34d],
PUP.Optional.OpenCandy, C:\Users\Ajka4\Downloads\GOMPLAYERENSETUP.EXE, , [bdeed557d8b3d0665cce206913f2ac54],
PUP.Proxy.BCM, C:\Users\Public\Windows\mining_proxy.exe, , [02a9f6365734ff3747e334e2b14fa15f],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Přispějete na provoz fóra?