Dobrý den,
prosím o kontrolu logu.
Děkuji Petra
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-10-2015
Ran by Honza (administrator) on HONZA-PC (17-10-2015 08:34:10)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 7 Home Premium (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1022368 2009-08-22] (Trend Micro Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [98304 2009-04-02] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [202256 2010-06-01] (RealNetworks, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3508624 2011-12-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6134544 2015-10-15] (AVAST Software)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3778472 2015-10-05] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3882312 2008-12-02] (Microsoft Corporation)
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o.)
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\Run: [KiesHelper] => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [937360 2011-12-28] (Samsung)
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2011-12-28] ()
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {5ea5e2bb-0e81-11df-b0a4-90e6ba1d92a0} - F:\Autorun.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {9046e844-cda5-11e2-9633-90e6ba1d92a0} - G:\AutoRun.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {faf8ed90-373b-11df-aca8-90e6ba1d92a0} - "G:\WD SmartWare.exe" autoplay=true
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-10-15] (AVAST Software)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [2007-06-15] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [2007-06-02] ()
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2009-09-09]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2009-09-09]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{618C7D2E-84F3-4EBD-95CB-0B82486FE699}: [NameServer] 160.218.10.200 160.218.43.200
Tcpip\..\Interfaces\{AF2B64A7-67E4-414F-87F6-B5D145E89ADD}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={16A01CB8-2C44-4828-B689-BF0D6F8BF102}&mid=754eef40eae247cdac0d41affcf97b53-6faf8dded4f2452d920a1669f4281325c5099667&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-02-15 08:25:22&v=4.1.6.294&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-10-15] (AVAST Software)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-01] (RealPlayer)
BHO-x32: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-10-15] (AVAST Software)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-11-05] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\z2s7bydk.default
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: ICQ Search
FF Homepage: hxxp://www.seznam.cz/
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll [2015-10-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll [2011-01-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2010-06-01] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=1.0.3.732 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2010-06-01] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2010-06-01] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll [2010-06-01] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2012-04-04] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-06-01] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2010-06-01] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-06-01] (RealNetworks, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml [2012-04-04]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml [2012-04-04]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-06-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2014-08-03]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\z2s7bydk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [not found]
FF Extension: No Name - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [not found]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2010-01-30]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2010-01-30]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2010-01-30]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2010-01-30]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\pdf.dll => No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\gears.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\gcswf32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll => No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => No File
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-02-06]
CHR Extension: (Avast Online Security) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-14]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2010-07-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-07-01]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2010-06-01]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [122608 2011-03-08] (Gemfor s.r.o.)
R2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-14] ()
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-10-15] (AVAST Software)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3642280 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-10-10] ()
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-15] (AVAST Software)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [314800 2015-10-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-17] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-01-31] () [File not signed]
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [203320 2011-12-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
U3 a2td4ifl; C:\Windows\System32\Drivers\a2td4ifl.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-17 08:34 - 2015-10-17 08:35 - 00025353 _____ C:\Users\Honza\Desktop\FRST.txt
2015-10-17 08:33 - 2015-10-17 08:34 - 00000000 ____D C:\FRST
2015-10-17 08:33 - 2015-10-17 08:33 - 01700352 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2015-10-17 08:31 - 2015-10-17 08:31 - 00001425 _____ C:\Users\Honza\Desktop\iexplore – zástupce.lnk
2015-10-17 08:30 - 2015-10-17 08:30 - 00112640 _____ C:\Users\Honza\Desktop\FRSTLauncher.exe
2015-10-17 08:27 - 2015-10-17 08:28 - 02196480 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2015-10-15 18:25 - 2015-10-15 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-10-15 18:25 - 2015-10-15 18:25 - 00000000 ____D C:\Program Files (x86)\HD Tune
2015-10-15 18:24 - 2015-10-15 18:23 - 08000768 _____ C:\Users\Honza\Desktop\hdtune_255.exe
2015-10-15 18:14 - 2015-10-17 03:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-15 18:13 - 2015-10-15 18:13 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-15 18:13 - 2015-10-15 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-15 18:13 - 2015-10-15 18:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-15 18:13 - 2015-10-15 18:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-15 18:13 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-15 18:13 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-15 18:13 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-15 18:06 - 2015-10-15 18:08 - 00000000 ____D C:\AdwCleaner
2015-10-15 16:45 - 2015-10-15 16:45 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-15 16:45 - 2015-10-15 16:45 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-05 11:14 - 2015-10-05 11:14 - 00314800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-17 08:26 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-17 08:26 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-17 08:22 - 2009-09-09 10:11 - 01322708 _____ C:\Windows\WindowsUpdate.log
2015-10-17 08:22 - 2009-07-14 06:51 - 00574974 _____ C:\Windows\setupact.log
2015-10-17 08:17 - 2010-05-15 11:25 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-17 08:13 - 2010-05-15 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-17 08:13 - 2010-05-15 11:24 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-17 08:06 - 2015-02-15 08:59 - 00000000 ____D C:\ProgramData\MFAData
2015-10-17 07:50 - 2014-12-22 01:01 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-17 06:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-10-16 16:52 - 2010-02-16 18:29 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{415E2236-9292-44B8-A602-C83B70308C62}
2015-10-16 09:17 - 2010-05-15 11:24 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-15 19:22 - 2010-03-20 16:28 - 00000000 ____D C:\Program Files (x86)\Nokia
2015-10-15 19:21 - 2010-03-20 16:34 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Nokia
2015-10-15 19:15 - 2009-09-09 10:40 - 00000000 ____D C:\ProgramData\Adobe
2015-10-15 19:15 - 2009-09-09 10:40 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-15 19:14 - 2010-02-01 21:32 - 00000000 ____D C:\Users\Honza\AppData\Local\Adobe
2015-10-15 18:58 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-15 18:12 - 2009-09-09 10:53 - 00003092 _____ C:\Windows\System32\Tasks\WC3
2015-10-15 18:12 - 2009-09-09 10:53 - 00003070 _____ C:\Windows\System32\Tasks\ACMON
2015-10-15 18:11 - 2010-01-27 18:03 - 00000000 ____D C:\Users\Honza\Tracing
2015-10-15 18:10 - 2012-07-28 22:27 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-10-15 18:10 - 2009-09-09 10:54 - 00000062 _____ C:\Windows\system32\BootTime.ini
2015-10-15 18:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-15 18:07 - 2009-08-03 22:00 - 08109710 _____ C:\Windows\system32\perfh005.dat
2015-10-15 18:07 - 2009-08-03 22:00 - 02734958 _____ C:\Windows\system32\perfc005.dat
2015-10-15 18:07 - 2009-07-14 07:13 - 00004572 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-15 16:49 - 2009-09-09 10:55 - 00233016 _____ C:\Windows\PFRO.log
2015-10-15 16:49 - 2009-09-09 10:54 - 00001589 _____ C:\Windows\system32\ServiceFilter.ini
2015-10-15 16:46 - 2014-08-03 19:31 - 00003926 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-15 16:45 - 2014-08-03 19:36 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-15 16:45 - 2014-08-03 19:36 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-15 16:45 - 2014-08-03 19:31 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-10-15 16:45 - 2014-08-03 19:31 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-15 16:45 - 2014-08-03 19:31 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-15 16:45 - 2014-08-03 19:31 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-15 16:45 - 2010-10-02 11:31 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-10-15 16:45 - 2010-10-02 11:31 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-15 16:17 - 2015-02-15 09:03 - 00000979 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-10-15 16:17 - 2015-02-15 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-10-14 08:04 - 2014-12-22 01:01 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-14 08:04 - 2014-12-22 01:01 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-14 08:04 - 2011-12-24 16:11 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-10 19:01 - 2015-02-15 09:25 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-09-30 13:14 - 2011-12-04 00:56 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-09-30 09:24 - 2009-09-09 10:54 - 00000080 _____ C:\Windows\system32\Defrag.ini
2015-09-18 10:37 - 2009-09-09 10:54 - 00002656 _____ C:\Windows\system32\AutoRunFilter.ini
2015-09-18 09:12 - 2010-05-15 11:25 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 09:12 - 2010-05-15 11:24 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2010-03-21 14:19 - 2010-03-21 14:20 - 0006656 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-09-09 10:37 - 2009-09-09 10:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-09-09 10:37 - 2009-09-09 10:37 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\atl80.dll
C:\Users\Honza\AppData\Local\Temp\ckcs0jdh.dll
C:\Users\Honza\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Honza\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Honza\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Honza\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_ufxq8.dll
C:\Users\Honza\AppData\Local\Temp\lowproc.exe
C:\Users\Honza\AppData\Local\Temp\mfc80.dll
C:\Users\Honza\AppData\Local\Temp\mfc80u.dll
C:\Users\Honza\AppData\Local\Temp\mfcm80.dll
C:\Users\Honza\AppData\Local\Temp\mfcm80u.dll
C:\Users\Honza\AppData\Local\Temp\msvcm80.dll
C:\Users\Honza\AppData\Local\Temp\msvcp80.dll
C:\Users\Honza\AppData\Local\Temp\msvcr80.dll
C:\Users\Honza\AppData\Local\Temp\NEventMessages.dll
C:\Users\Honza\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Honza\AppData\Local\Temp\ResetDevice.exe
C:\Users\Honza\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Honza\AppData\Local\Temp\sqlite3.dll
C:\Users\Honza\AppData\Local\Temp\stubhelper.dll
C:\Users\Honza\AppData\Local\Temp\TmDbg32.dll
C:\Users\Honza\AppData\Local\Temp\TmDbg64.dll
C:\Users\Honza\AppData\Local\Temp\{7065CB1C-CD03-4216-8503-12300055FEA2}-chrome_installer.exe
C:\Users\Honza\AppData\Local\Temp\{77BA537D-3332-4CB9-AC39-FAC5F86AC7BA}-chrome_installer.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-12 18:13
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola logu
Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-10-2015
Ran by Honza (2015-10-17 08:35:40)
Running from C:\Users\Honza\Desktop
Windows 7 Home Premium (X64) (2010-01-26 15:10:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-907684110-3001501751-2617048890-500 - Administrator - Disabled)
Guest (S-1-5-21-907684110-3001501751-2617048890-501 - Limited - Disabled)
Honza (S-1-5-21-907684110-3001501751-2617048890-1000 - Administrator - Enabled) => C:\Users\Honza
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Trend Micro Internet Security (Disabled - Up to date) {48929DFC-7A52-A34F-8351-C4DBEDBD9C50}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Trend Micro Internet Security (Disabled - Up to date) {F3F37C18-5C68-ACC1-B9E1-FFA9963AD6ED}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: AVG Internet Security 2015 (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.207 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}) (Version: 5.000.818.6 - Microsoft Corporation)
ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0013 - ASUS)
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}) (Version: 1.1.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.17 - asus)
Asus_Camera_ScreenSaver (HKLM-x32\...\Asus_Camera_ScreenSaver) (Version: 2.0.0009 - ASUS)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0050 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6172 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4447 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.6172 - AVG Technologies CZ, s.r.o.) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.8.599 - AVG Technologies)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.1 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ETDWare PS/2-x64 7.0.5.7_WHQL (HKLM\...\Elantech) (Version: - )
Fast Boot (HKLM\...\{E1CB8AB2-6469-44C4-8701-00278A0BCE9D}) (Version: 1.0.2 - ASUS)
FireAnt RC1 (HKLM-x32\...\{D1BBCB76-5F8B-4BC6-AA5D-EF89D860DAD1}) (Version: 1.1.3 - Mycelia Networks)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60129.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox (3.6.25) (HKLM-x32\...\Mozilla Firefox (3.6.25)) (Version: 3.6.25 (cs) - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{AF88496B-4BBA-4922-97E9-2582D3A28358}) (Version: 7.1.48.0 - Nokia)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}) (Version: 11.5.13.0 - Nokia)
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
RealUpgrade 1.0 (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SRS Premium Sound Control Panel (HKLM\...\{D42F84B6-3709-4A50-8502-6719D16AE6C8}) (Version: 1.07.0100 - SRS Labs, Inc.)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 17.50 - Trend Micro Inc.)
Trend Micro Internet Security (Version: 17.50 - Trend Micro Inc.) Hidden
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Web'n'walk Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2011-03-08 - Gemfor s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.26.0 - ASUS)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS)
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2059.0.12 - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-907684110-3001501751-2617048890-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Honza\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907684110-3001501751-2617048890-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907684110-3001501751-2617048890-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907684110-3001501751-2617048890-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907684110-3001501751-2617048890-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
30-09-2015 15:57:36 Naplánovaný kontrolní bod
12-10-2015 18:20:45 Naplánovaný kontrolní bod
15-10-2015 16:43:43 avast! antivirus system restore point
15-10-2015 18:28:44 Removed FIFA 10
15-10-2015 18:47:00 Removed Burnout(TM) Paradise The Ultimate Box
15-10-2015 18:58:09 Removed Burnout(TM) Paradise The Ultimate Box
15-10-2015 19:14:01 Removed Adobe Reader 9.1 MUI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-10-15 19:13 - 00377847 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 13017 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {047BC5C4-8A9D-4F8B-A266-3EB22B6F1BCC} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {0CA42ECB-A712-4637-8AEF-39DD8BD6DF36} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: {62DEBF3F-E1D6-48C5-B20A-2200F8A40C65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {658D8171-1EE5-49AA-9826-78082BCF59A6} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-10-15] (AVAST Software)
Task: {8F65760D-B127-43FA-A834-F844EDDD06AF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-907684110-3001501751-2617048890-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {9AC992AF-7EB5-4724-9228-68B2B097CC63} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-07-24] ()
Task: {B0362131-18CE-4AA6-A28A-2D7735D9A72D} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {BE9D59FE-E258-4091-B595-98219AA05895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {D1931CAA-7DED-4969-B5B1-B22CC4759496} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-07-29] (ATK)
Task: {D6B30700-501E-42F5-B9F2-C9C0551C30AD} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS)
Task: {D8E180EC-7A57-41C6-B0FF-E61440681DD8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-907684110-3001501751-2617048890-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {EEECE204-A1EE-45B9-BFE0-BB78C78E0D2E} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-07-23] ()
Task: {F15DB96A-538F-4F99-84FF-AA97FC54ACA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-14] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-03-03 20:20 - 2015-10-10 18:59 - 01205136 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2009-09-09 10:54 - 2009-09-02 05:16 - 00274560 _____ () C:\Windows\system32\GetBootTime.dll
2008-08-14 05:59 - 2008-08-14 05:59 - 00100920 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
2009-09-09 10:46 - 2007-08-08 09:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2009-09-09 10:54 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2009-05-05 19:00 - 2009-05-05 19:00 - 00041472 _____ () C:\Program Files\P4G\DevMng.dll
2009-07-27 19:12 - 2009-07-27 19:12 - 00026624 _____ () C:\Program Files\P4G\OvrClk.dll
2009-09-09 10:46 - 2007-03-10 03:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2009-07-23 02:58 - 2009-07-23 02:58 - 00017976 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2007-06-15 19:28 - 2007-06-15 19:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-02 01:52 - 2007-06-02 01:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2010-02-26 17:34 - 2010-02-10 19:10 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2008-08-14 05:59 - 2008-08-14 05:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
2011-12-28 00:21 - 2011-12-28 00:21 - 00021392 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-07-24 19:32 - 2009-07-24 19:32 - 01593344 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2015-10-15 16:45 - 2015-10-15 16:45 - 00103376 _____ () C:\Program Files\Alwil Software\Avast5\log.dll
2015-10-15 16:45 - 2015-10-15 16:45 - 00123976 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
2015-10-15 16:10 - 2015-10-15 16:10 - 02994032 _____ () C:\Program Files\Alwil Software\Avast5\defs\15101502\algo.dll
2015-10-16 22:14 - 2015-10-16 22:14 - 02994032 _____ () C:\Program Files\Alwil Software\Avast5\defs\15101601\algo.dll
2011-12-23 21:59 - 2011-12-23 21:59 - 00493992 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\FirmwareUpdateAgent.Common.dll
2011-12-23 21:59 - 2011-12-23 21:59 - 00625576 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
2012-01-30 19:22 - 2012-01-30 19:22 - 00115137 _____ () C:\Users\Honza\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll
2011-12-23 21:59 - 2011-12-23 21:59 - 00007168 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\IPCServer.dll
2011-12-23 21:59 - 2011-12-23 21:59 - 00003584 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\ISharedIPCInterface.dll
2015-10-15 16:45 - 2015-10-15 16:45 - 40539648 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2008-08-28 01:32 - 2008-08-28 01:32 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 18:55 - 2008-06-09 18:55 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2007-06-15 19:28 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-02 02:08 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 13433 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSCONFIG\startupreg: ASUS Camera ScreenSaver => C:\Windows\AsScrProlog.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4E9F9CB3-6DE1-4E7C-A417-BD28A3234C89}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{842D174F-EE85-4ABC-ADC0-B9704C4BB275}] => (Allow) svchost.exe
FirewallRules: [{E9FEDF9F-9ED6-41FE-A184-1556C6E073A7}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{BB1DF809-4D95-478D-9F0D-AA3A17D1BB50}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{61615129-A66D-445B-97F9-3EFF8E17EA5B}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{ACB7EA73-ED31-40D6-8748-E614F228FB07}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{70DF5F94-E2EA-4A4D-8046-706270B6D473}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{1FAE9B60-C162-4494-810B-D55138808867}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3F9B8DE4-A48C-48BA-A8B9-9AFBC924C937}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{452EC174-6C7D-4C53-9F26-9A2081ED5FBE}C:\program files (x86)\real\realplayer\realplay.exe] => (Block) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{740CF579-CC7E-42B3-9F83-0E849BCE0FBB}C:\program files (x86)\real\realplayer\realplay.exe] => (Block) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{85256251-BB00-4886-A918-5976408F043E}C:\users\honza\documents\tennis critters\tenniscritters.exe] => (Allow) C:\users\honza\documents\tennis critters\tenniscritters.exe
FirewallRules: [UDP Query User{25E9DD92-9076-4102-98E5-9794048C8F22}C:\users\honza\documents\tennis critters\tenniscritters.exe] => (Allow) C:\users\honza\documents\tennis critters\tenniscritters.exe
FirewallRules: [TCP Query User{76C01B06-2FA5-4010-9437-41747282CE78}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{86255FAF-C1C6-4A38-BB0A-D81AC5D9B4BD}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [{AADD4B42-B950-4E38-8575-CDD219955B8E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DF530BA0-818F-4451-9EE3-FCE8BF02DF0A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{33E9BD92-5128-40AB-BFB4-280315872D43}] => (Allow) C:\Users\Honza\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C30B22F3-301A-40F0-91EF-B68822797D8D}] => (Allow) C:\Users\Honza\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5269C6E5-23D9-48B6-A9DC-F9DB1FA33BF1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{5AAB9BEC-97ED-4AC0-BD8B-28EE64606FBF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{928E2220-812F-47E7-86EE-8371B5C61AA3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{37FBD1FF-AF15-4D68-B0F7-9DDE1E827E43}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{E7924953-D5DD-468C-B2D3-7079B4F13A46}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{BECCF59B-488E-434E-B956-8428469CB198}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{60C9A9A8-D599-45B4-91AF-ED5E6F940CBB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{8867233B-A1FB-416D-9D52-985C2044FD41}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/17/2015 08:20:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://www.download.windowsupdate.com/m ... 4C2AFD.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (10/17/2015 08:17:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 1.9.2.4363, časové razítko: 0x4ee68c41
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x7736f5e1
ID chybujícího procesu: 0x12a0
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3
Error: (10/17/2015 08:13:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16912, časové razítko: 0x4eb4a5ea
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x7736f5e1
ID chybujícího procesu: 0x101c
Čas spuštění chybující aplikace: 0xiexplore.exe0
Cesta k chybující aplikaci: iexplore.exe1
Cesta k chybujícímu modulu: iexplore.exe2
ID zprávy: iexplore.exe3
Error: (10/17/2015 08:13:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 46.0.2490.71, časové razítko: 0x5616f11f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x7736f5e1
ID chybujícího procesu: 0x1638
Čas spuštění chybující aplikace: 0xchrome.exe0
Cesta k chybující aplikaci: chrome.exe1
Cesta k chybujícímu modulu: chrome.exe2
ID zprávy: chrome.exe3
Error: (10/17/2015 08:12:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 1.9.2.4363, časové razítko: 0x4ee68c41
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x7736f5e1
ID chybujícího procesu: 0x1650
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3
Error: (10/17/2015 12:34:52 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro 1 se nezdařilo. Chyba v souboru manifestu nebo zásady 2 na řádku 3.
Neplatná syntaxe XML.
Error: (10/17/2015 12:34:37 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.
Error: (10/17/2015 12:32:02 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.
Error: (10/15/2015 08:00:30 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro 1 se nezdařilo. Chyba v souboru manifestu nebo zásady 2 na řádku 3.
Neplatná syntaxe XML.
Error: (10/15/2015 08:00:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.
System errors:
=============
Error: (10/15/2015 06:09:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056
Error: (10/15/2015 06:09:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E175B68-F52A-11D8-B9A5-505054503030}
Error: (10/15/2015 06:08:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ADSM Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/15/2015 06:08:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (10/15/2015 06:08:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ServiceLayer byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/15/2015 06:08:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (10/15/2015 06:08:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Web'n'walk Manager mobile equipment installation service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/15/2015 06:08:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba vToolbarUpdater40.1.8 byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/15/2015 06:08:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SeaPort byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/15/2015 06:08:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 60%
Total physical RAM: 4095.27 MB
Available physical RAM: 1616.29 MB
Total Virtual: 8188.68 MB
Available Virtual: 5355 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:232.88 GB) (Free:136.22 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:218.23 GB) (Free:217.87 GB) NTFS
Drive g: (KINGSTON) (Removable) (Total:7.36 GB) (Free:6.48 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D9B3496E)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.2 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.4 GB) - (Type=0C)
==================== End of Addition.txt ============================
Ran by Honza (2015-10-17 08:35:40)
Running from C:\Users\Honza\Desktop
Windows 7 Home Premium (X64) (2010-01-26 15:10:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-907684110-3001501751-2617048890-500 - Administrator - Disabled)
Guest (S-1-5-21-907684110-3001501751-2617048890-501 - Limited - Disabled)
Honza (S-1-5-21-907684110-3001501751-2617048890-1000 - Administrator - Enabled) => C:\Users\Honza
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Trend Micro Internet Security (Disabled - Up to date) {48929DFC-7A52-A34F-8351-C4DBEDBD9C50}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Trend Micro Internet Security (Disabled - Up to date) {F3F37C18-5C68-ACC1-B9E1-FFA9963AD6ED}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: AVG Internet Security 2015 (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.207 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}) (Version: 5.000.818.6 - Microsoft Corporation)
ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0013 - ASUS)
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}) (Version: 1.1.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.17 - asus)
Asus_Camera_ScreenSaver (HKLM-x32\...\Asus_Camera_ScreenSaver) (Version: 2.0.0009 - ASUS)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0050 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6172 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4447 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.6172 - AVG Technologies CZ, s.r.o.) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.8.599 - AVG Technologies)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.1 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ETDWare PS/2-x64 7.0.5.7_WHQL (HKLM\...\Elantech) (Version: - )
Fast Boot (HKLM\...\{E1CB8AB2-6469-44C4-8701-00278A0BCE9D}) (Version: 1.0.2 - ASUS)
FireAnt RC1 (HKLM-x32\...\{D1BBCB76-5F8B-4BC6-AA5D-EF89D860DAD1}) (Version: 1.1.3 - Mycelia Networks)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60129.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox (3.6.25) (HKLM-x32\...\Mozilla Firefox (3.6.25)) (Version: 3.6.25 (cs) - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{AF88496B-4BBA-4922-97E9-2582D3A28358}) (Version: 7.1.48.0 - Nokia)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}) (Version: 11.5.13.0 - Nokia)
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
RealUpgrade 1.0 (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SRS Premium Sound Control Panel (HKLM\...\{D42F84B6-3709-4A50-8502-6719D16AE6C8}) (Version: 1.07.0100 - SRS Labs, Inc.)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 17.50 - Trend Micro Inc.)
Trend Micro Internet Security (Version: 17.50 - Trend Micro Inc.) Hidden
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Web'n'walk Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2011-03-08 - Gemfor s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.26.0 - ASUS)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS)
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2059.0.12 - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-907684110-3001501751-2617048890-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Honza\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907684110-3001501751-2617048890-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907684110-3001501751-2617048890-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907684110-3001501751-2617048890-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907684110-3001501751-2617048890-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Honza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
30-09-2015 15:57:36 Naplánovaný kontrolní bod
12-10-2015 18:20:45 Naplánovaný kontrolní bod
15-10-2015 16:43:43 avast! antivirus system restore point
15-10-2015 18:28:44 Removed FIFA 10
15-10-2015 18:47:00 Removed Burnout(TM) Paradise The Ultimate Box
15-10-2015 18:58:09 Removed Burnout(TM) Paradise The Ultimate Box
15-10-2015 19:14:01 Removed Adobe Reader 9.1 MUI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-10-15 19:13 - 00377847 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 13017 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {047BC5C4-8A9D-4F8B-A266-3EB22B6F1BCC} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {0CA42ECB-A712-4637-8AEF-39DD8BD6DF36} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: {62DEBF3F-E1D6-48C5-B20A-2200F8A40C65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {658D8171-1EE5-49AA-9826-78082BCF59A6} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-10-15] (AVAST Software)
Task: {8F65760D-B127-43FA-A834-F844EDDD06AF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-907684110-3001501751-2617048890-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {9AC992AF-7EB5-4724-9228-68B2B097CC63} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-07-24] ()
Task: {B0362131-18CE-4AA6-A28A-2D7735D9A72D} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {BE9D59FE-E258-4091-B595-98219AA05895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {D1931CAA-7DED-4969-B5B1-B22CC4759496} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-07-29] (ATK)
Task: {D6B30700-501E-42F5-B9F2-C9C0551C30AD} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS)
Task: {D8E180EC-7A57-41C6-B0FF-E61440681DD8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-907684110-3001501751-2617048890-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {EEECE204-A1EE-45B9-BFE0-BB78C78E0D2E} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-07-23] ()
Task: {F15DB96A-538F-4F99-84FF-AA97FC54ACA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-14] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-03-03 20:20 - 2015-10-10 18:59 - 01205136 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2009-09-09 10:54 - 2009-09-02 05:16 - 00274560 _____ () C:\Windows\system32\GetBootTime.dll
2008-08-14 05:59 - 2008-08-14 05:59 - 00100920 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
2009-09-09 10:46 - 2007-08-08 09:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2009-09-09 10:54 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2009-05-05 19:00 - 2009-05-05 19:00 - 00041472 _____ () C:\Program Files\P4G\DevMng.dll
2009-07-27 19:12 - 2009-07-27 19:12 - 00026624 _____ () C:\Program Files\P4G\OvrClk.dll
2009-09-09 10:46 - 2007-03-10 03:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2009-07-23 02:58 - 2009-07-23 02:58 - 00017976 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2007-06-15 19:28 - 2007-06-15 19:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-02 01:52 - 2007-06-02 01:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2010-02-26 17:34 - 2010-02-10 19:10 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2008-08-14 05:59 - 2008-08-14 05:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
2011-12-28 00:21 - 2011-12-28 00:21 - 00021392 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-07-24 19:32 - 2009-07-24 19:32 - 01593344 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2015-10-15 16:45 - 2015-10-15 16:45 - 00103376 _____ () C:\Program Files\Alwil Software\Avast5\log.dll
2015-10-15 16:45 - 2015-10-15 16:45 - 00123976 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
2015-10-15 16:10 - 2015-10-15 16:10 - 02994032 _____ () C:\Program Files\Alwil Software\Avast5\defs\15101502\algo.dll
2015-10-16 22:14 - 2015-10-16 22:14 - 02994032 _____ () C:\Program Files\Alwil Software\Avast5\defs\15101601\algo.dll
2011-12-23 21:59 - 2011-12-23 21:59 - 00493992 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\FirmwareUpdateAgent.Common.dll
2011-12-23 21:59 - 2011-12-23 21:59 - 00625576 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
2012-01-30 19:22 - 2012-01-30 19:22 - 00115137 _____ () C:\Users\Honza\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll
2011-12-23 21:59 - 2011-12-23 21:59 - 00007168 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\IPCServer.dll
2011-12-23 21:59 - 2011-12-23 21:59 - 00003584 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\ISharedIPCInterface.dll
2015-10-15 16:45 - 2015-10-15 16:45 - 40539648 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2008-08-28 01:32 - 2008-08-28 01:32 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 18:55 - 2008-06-09 18:55 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2007-06-15 19:28 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-02 02:08 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 13433 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSCONFIG\startupreg: ASUS Camera ScreenSaver => C:\Windows\AsScrProlog.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4E9F9CB3-6DE1-4E7C-A417-BD28A3234C89}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{842D174F-EE85-4ABC-ADC0-B9704C4BB275}] => (Allow) svchost.exe
FirewallRules: [{E9FEDF9F-9ED6-41FE-A184-1556C6E073A7}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{BB1DF809-4D95-478D-9F0D-AA3A17D1BB50}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{61615129-A66D-445B-97F9-3EFF8E17EA5B}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{ACB7EA73-ED31-40D6-8748-E614F228FB07}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{70DF5F94-E2EA-4A4D-8046-706270B6D473}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{1FAE9B60-C162-4494-810B-D55138808867}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3F9B8DE4-A48C-48BA-A8B9-9AFBC924C937}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{452EC174-6C7D-4C53-9F26-9A2081ED5FBE}C:\program files (x86)\real\realplayer\realplay.exe] => (Block) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{740CF579-CC7E-42B3-9F83-0E849BCE0FBB}C:\program files (x86)\real\realplayer\realplay.exe] => (Block) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{85256251-BB00-4886-A918-5976408F043E}C:\users\honza\documents\tennis critters\tenniscritters.exe] => (Allow) C:\users\honza\documents\tennis critters\tenniscritters.exe
FirewallRules: [UDP Query User{25E9DD92-9076-4102-98E5-9794048C8F22}C:\users\honza\documents\tennis critters\tenniscritters.exe] => (Allow) C:\users\honza\documents\tennis critters\tenniscritters.exe
FirewallRules: [TCP Query User{76C01B06-2FA5-4010-9437-41747282CE78}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{86255FAF-C1C6-4A38-BB0A-D81AC5D9B4BD}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [{AADD4B42-B950-4E38-8575-CDD219955B8E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DF530BA0-818F-4451-9EE3-FCE8BF02DF0A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{33E9BD92-5128-40AB-BFB4-280315872D43}] => (Allow) C:\Users\Honza\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C30B22F3-301A-40F0-91EF-B68822797D8D}] => (Allow) C:\Users\Honza\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5269C6E5-23D9-48B6-A9DC-F9DB1FA33BF1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{5AAB9BEC-97ED-4AC0-BD8B-28EE64606FBF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{928E2220-812F-47E7-86EE-8371B5C61AA3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{37FBD1FF-AF15-4D68-B0F7-9DDE1E827E43}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{E7924953-D5DD-468C-B2D3-7079B4F13A46}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{BECCF59B-488E-434E-B956-8428469CB198}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{60C9A9A8-D599-45B4-91AF-ED5E6F940CBB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{8867233B-A1FB-416D-9D52-985C2044FD41}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/17/2015 08:20:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://www.download.windowsupdate.com/m ... 4C2AFD.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (10/17/2015 08:17:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 1.9.2.4363, časové razítko: 0x4ee68c41
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x7736f5e1
ID chybujícího procesu: 0x12a0
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3
Error: (10/17/2015 08:13:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16912, časové razítko: 0x4eb4a5ea
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x7736f5e1
ID chybujícího procesu: 0x101c
Čas spuštění chybující aplikace: 0xiexplore.exe0
Cesta k chybující aplikaci: iexplore.exe1
Cesta k chybujícímu modulu: iexplore.exe2
ID zprávy: iexplore.exe3
Error: (10/17/2015 08:13:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 46.0.2490.71, časové razítko: 0x5616f11f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x7736f5e1
ID chybujícího procesu: 0x1638
Čas spuštění chybující aplikace: 0xchrome.exe0
Cesta k chybující aplikaci: chrome.exe1
Cesta k chybujícímu modulu: chrome.exe2
ID zprávy: chrome.exe3
Error: (10/17/2015 08:12:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 1.9.2.4363, časové razítko: 0x4ee68c41
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x7736f5e1
ID chybujícího procesu: 0x1650
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3
Error: (10/17/2015 12:34:52 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro 1 se nezdařilo. Chyba v souboru manifestu nebo zásady 2 na řádku 3.
Neplatná syntaxe XML.
Error: (10/17/2015 12:34:37 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.
Error: (10/17/2015 12:32:02 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.
Error: (10/15/2015 08:00:30 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro 1 se nezdařilo. Chyba v souboru manifestu nebo zásady 2 na řádku 3.
Neplatná syntaxe XML.
Error: (10/15/2015 08:00:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.
System errors:
=============
Error: (10/15/2015 06:09:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056
Error: (10/15/2015 06:09:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E175B68-F52A-11D8-B9A5-505054503030}
Error: (10/15/2015 06:08:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ADSM Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/15/2015 06:08:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (10/15/2015 06:08:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ServiceLayer byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/15/2015 06:08:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (10/15/2015 06:08:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Web'n'walk Manager mobile equipment installation service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/15/2015 06:08:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba vToolbarUpdater40.1.8 byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/15/2015 06:08:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SeaPort byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/15/2015 06:08:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 60%
Total physical RAM: 4095.27 MB
Available physical RAM: 1616.29 MB
Total Virtual: 8188.68 MB
Available Virtual: 5355 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:232.88 GB) (Free:136.22 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:218.23 GB) (Free:217.87 GB) NTFS
Drive g: (KINGSTON) (Removable) (Total:7.36 GB) (Free:6.48 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D9B3496E)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.2 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.4 GB) - (Type=0C)
==================== End of Addition.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu
# AdwCleaner v5.013 - Logfile created 19/10/2015 at 17:43:53
# Updated 09/10/2015 by Xplode
# Database : 2015-10-18.3 [Server]
# Operating system : Windows 7 Home Premium (x64)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Desktop\adwcleaner_5.013.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [639 bytes] ##########
# Updated 09/10/2015 by Xplode
# Database : 2015-10-18.3 [Server]
# Operating system : Windows 7 Home Premium (x64)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Desktop\adwcleaner_5.013.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [639 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
Task: {BE9D59FE-E258-4091-B595-98219AA05895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {5ea5e2bb-0e81-11df-b0a4-90e6ba1d92a0} - F:\Autorun.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {9046e844-cda5-11e2-9633-90e6ba1d92a0} - G:\AutoRun.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {faf8ed90-373b-11df-aca8-90e6ba1d92a0} - "G:\WD SmartWare.exe" autoplay=true
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08] (Microsoft Corporation)
FF Extension: No Name - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [not found]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath
C:\Windows\system32\acovcnt.exe
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Honza\AppData\Local\Temp
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu
Fix result of Farbar Recovery Scan Tool (x64) Version:18-10-2015
Ran by Honza (2015-10-19 20:07:08) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
Task: {BE9D59FE-E258-4091-B595-98219AA05895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {5ea5e2bb-0e81-11df-b0a4-90e6ba1d92a0} - F:\Autorun.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {9046e844-cda5-11e2-9633-90e6ba1d92a0} - G:\AutoRun.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {faf8ed90-373b-11df-aca8-90e6ba1d92a0} - "G:\WD SmartWare.exe" autoplay=true
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08] (Microsoft Corporation)
FF Extension: No Name - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [not found]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath
C:\Windows\system32\acovcnt.exe
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Honza\AppData\Local\Temp
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
End
*****************
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BE9D59FE-E258-4091-B595-98219AA05895}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE9D59FE-E258-4091-B595-98219AA05895}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ea5e2bb-0e81-11df-b0a4-90e6ba1d92a0} => key not found.
HKCR\CLSID\{5ea5e2bb-0e81-11df-b0a4-90e6ba1d92a0} => key not found.
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9046e844-cda5-11e2-9633-90e6ba1d92a0} => key not found.
HKCR\CLSID\{9046e844-cda5-11e2-9633-90e6ba1d92a0} => key not found.
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{faf8ed90-373b-11df-aca8-90e6ba1d92a0} => key not found.
HKCR\CLSID\{faf8ed90-373b-11df-aca8-90e6ba1d92a0} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}" => key removed successfully
C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 => not found.
tmlwf => service removed successfully
tmwfp => service removed successfully
C:\Windows\system32\acovcnt.exe => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found.
"C:\Users\Honza\AppData\Local\Temp" folder move:
Could not move "C:\Users\Honza\AppData\Local\Temp" => Scheduled to move on reboot.
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-10-19 20:08:50)
C:\Users\Honza\AppData\Local\Temp => moved successfully
==== End of Fixlog 20:08:51 ====
Ran by Honza (2015-10-19 20:07:08) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
Task: {BE9D59FE-E258-4091-B595-98219AA05895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {5ea5e2bb-0e81-11df-b0a4-90e6ba1d92a0} - F:\Autorun.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {9046e844-cda5-11e2-9633-90e6ba1d92a0} - G:\AutoRun.exe
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\...\MountPoints2: {faf8ed90-373b-11df-aca8-90e6ba1d92a0} - "G:\WD SmartWare.exe" autoplay=true
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08] (Microsoft Corporation)
FF Extension: No Name - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [not found]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath
C:\Windows\system32\acovcnt.exe
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Honza\AppData\Local\Temp
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
End
*****************
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BE9D59FE-E258-4091-B595-98219AA05895}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE9D59FE-E258-4091-B595-98219AA05895}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ea5e2bb-0e81-11df-b0a4-90e6ba1d92a0} => key not found.
HKCR\CLSID\{5ea5e2bb-0e81-11df-b0a4-90e6ba1d92a0} => key not found.
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9046e844-cda5-11e2-9633-90e6ba1d92a0} => key not found.
HKCR\CLSID\{9046e844-cda5-11e2-9633-90e6ba1d92a0} => key not found.
HKU\S-1-5-21-907684110-3001501751-2617048890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{faf8ed90-373b-11df-aca8-90e6ba1d92a0} => key not found.
HKCR\CLSID\{faf8ed90-373b-11df-aca8-90e6ba1d92a0} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}" => key removed successfully
C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 => not found.
tmlwf => service removed successfully
tmwfp => service removed successfully
C:\Windows\system32\acovcnt.exe => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found.
"C:\Users\Honza\AppData\Local\Temp" folder move:
Could not move "C:\Users\Honza\AppData\Local\Temp" => Scheduled to move on reboot.
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-10-19 20:08:50)
C:\Users\Honza\AppData\Local\Temp => moved successfully
==== End of Fixlog 20:08:51 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Smazáno, PC je již čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu
Super, jde skvěle. Moc děkuji 
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?