zdravím vás, po spuštění booku se po určité době vypne wifina a při pohybu myší se zasekává nebo spadne systém a hlásí že je chyba v ovladači.
přikládám kontrolní soubory.
Děkuji za reakci
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vypne se wi-fi a seká se notas
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vypne se wi-fi a seká se notas
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vypne se wi-fi a seká se notas
Tak jsem udělal scan a soubor log přidávám.
Díky.
Díky.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vypne se wi-fi a seká se notas
Udělal jste pouze sken a neklikl na >Clean<. ADW proto nemazal. Postup zopakujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vypne se wi-fi a seká se notas
Tak jsem to zkoušel několikrát, ale vyšlo tohle:
# AdwCleaner v5.015 - Logfile created 31/10/2015 at 10:35:47
# Updated 26/10/2015 by Xplode
# Database : 2015-10-29.1 [Server]
# Operating system : Windows 7 Ultimate (x64)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.015.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [632 bytes] ##########
# AdwCleaner v5.015 - Logfile created 31/10/2015 at 10:35:47
# Updated 26/10/2015 by Xplode
# Database : 2015-10-29.1 [Server]
# Operating system : Windows 7 Ultimate (x64)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.015.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [632 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vypne se wi-fi a seká se notas
Tak teď už je smazáno. Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vypne se wi-fi a seká se notas
Posílám výpis.
Byl jsem nějakou dobou pryč, takže až nyní
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Petr (administrator) on PETR-PC (09-11-2015 16:59:09)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 7 Ultimate (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Programy\EaseUS\Todo Backup\bin\Agent.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Programy\EaseUS\Todo Backup\bin\GuardAgent.exe
(Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dominik Reichl) F:\Prgrm\KeeP\KeePass.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(F.J. Wechselberger) F:\Programy\MyPhoneExplorer\MyPhoneExplorer.exe
() F:\Programy\MyPhoneExplorer\DLL\adb.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) F:\Programy\Evernote\Evernote.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) F:\Programy\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) F:\Programy\Evernote\EvernoteClipper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSTORDB.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-08] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [14061216 2014-02-04] (Gadwin Systems)
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google)
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {320656cf-c86f-11e3-8c88-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {62a504b5-d6c2-11e3-b307-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {641591a7-b1b9-11e3-a01a-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {641591b5-b1b9-11e3-a01a-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {9e5bb555-da94-11e3-8d4e-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {a5fb125f-b263-11e3-8811-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {bf5d4414-bc9b-11e3-b64f-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {bf5d441e-bc9b-11e3-b64f-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {c2acc54c-bc21-11e3-a28d-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {c2acc55a-bc21-11e3-a28d-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {d1bb43d7-e237-11e3-a9e4-e0cb4e08ecc4} - H:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-16] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
BootExecute: autocheck autochk *
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 193.138.78.116 193.138.78.117
Tcpip\..\Interfaces\{2E8EE573-BC64-475D-BD7F-928B928D1CDB}: [DhcpNameServer] 193.138.78.116 193.138.78.117
Tcpip\..\Interfaces\{C564284E-BDAC-4203-BC73-7F02E06C09B5}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F0EF4696-3CE2-40D4-8248-311949BC1F25}: [DhcpNameServer] 193.138.78.116 193.138.78.117
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2408723159-1701991956-2330629455-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2408723159-1701991956-2330629455-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-13] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-04] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-13] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> F:\Programy\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-04] (Oracle Corporation)
BHO-x32: No Name -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2408723159-1701991956-2330629455-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-11-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-11-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-03-05] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-14] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-14] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-16] [not signed]
FF HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Petr\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Petr\AppData\Roaming\IDM\idmmzcc5 [2015-11-09] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-06]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-06]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-09]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-02]
CHR Extension: (Quasitime Planner) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkcedclncbfkjgoongjcdipmmcaplh [2015-07-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Windowed Calendar for Google Calendar) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\papanocfdnodmiedhkfeeebiljceceel [2015-08-20]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-06]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Ask Search) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2015-08-07]
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-07]
CHR Extension: (Docs) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-07]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-07]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-07]
CHR Extension: (Freemake Video Downloader) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2015-08-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-07]
CHR Extension: (Adobe Acrobat - Vytvořit PDF) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-08-07]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2015-08-07]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-07]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-07]
CHR Extension: (IDM Integration Module) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-08-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-07]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-07]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]
CHR HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-05-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-26]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 2GISUpdateService; F:\Programy\2gis\3.0\2GISUpdateService.exe [3820568 2014-07-25] (Double GIS LLC)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-16] (AVAST Software)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4940760 2012-09-04] (CANON INC.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-23] (Dropbox, Inc.)
R2 EaseUS Agent; C:\Programy\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 Guard Agent; C:\Programy\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 MSSQL$MAXIMIZER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAXIMIZER\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
S2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
S3 MSSQLFDLauncher$MAXIMIZER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAXIMIZER\MSSQL\Binn\fdlauncher.exe [32096 2010-04-03] (Microsoft Corporation)
S3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [32096 2010-04-03] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 ReportServer$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2180960 2011-06-17] (Microsoft Corporation)
S4 SQLAgent$MAXIMIZER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAXIMIZER\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-16] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-07-15] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-16] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-27] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [61000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] () [File not signed]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-11-11] (Glarysoft Ltd)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 {1e3cbb53-e197-4e2a-92c5-00bc91f79189}Gw64; system32\drivers\{1e3cbb53-e197-4e2a-92c5-00bc91f79189}Gw64.sys [X]
S1 {1e3cbb53-e197-4e2a-92c5-00bc91f79189}w64; system32\drivers\{1e3cbb53-e197-4e2a-92c5-00bc91f79189}w64.sys [X]
S1 {847c2db9-6f00-49b6-896c-0d969fee7b00}w64; system32\drivers\{847c2db9-6f00-49b6-896c-0d969fee7b00}w64.sys [X]
S1 {ab53d71f-2c3d-48d9-a758-51265fe59ee6}Gw64; system32\drivers\{ab53d71f-2c3d-48d9-a758-51265fe59ee6}Gw64.sys [X]
S1 {b082a895-f2bc-40a0-9735-d7592e9e422c}w64; system32\drivers\{b082a895-f2bc-40a0-9735-d7592e9e422c}w64.sys [X]
S1 {b0aa2e34-2206-4d3d-8f9b-da4d3c817ee7}Gw64; system32\drivers\{b0aa2e34-2206-4d3d-8f9b-da4d3c817ee7}Gw64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-09 16:57 - 2015-11-09 16:57 - 00000000 ____D C:\Users\Petr\Desktop\FRST-OlderVersion
2015-11-09 14:50 - 2015-11-09 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-11-04 22:15 - 2015-11-09 16:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-04 22:15 - 2015-11-08 17:51 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-04 21:12 - 2015-11-04 21:12 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-04 21:12 - 2015-11-04 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-04 20:57 - 2015-11-04 21:15 - 00000000 ____D C:\Users\Petr\AppData\Roaming\.minecraft
2015-11-04 20:57 - 2015-11-04 20:57 - 00000000 ____D C:\Users\Petr\AppData\Roaming\java
2015-11-03 08:46 - 2015-11-09 10:01 - 00002740 _____ C:\Windows\System32\Tasks\AutoKMSDaily
2015-11-02 16:23 - 2015-11-02 16:23 - 00277256 _____ C:\Windows\Minidump\110215-21403-01.dmp
2015-11-01 12:19 - 2015-11-01 12:19 - 00277256 _____ C:\Windows\Minidump\110115-21106-01.dmp
2015-10-30 19:00 - 2015-10-30 19:00 - 00277256 _____ C:\Windows\Minidump\103015-25880-01.dmp
2015-10-29 18:57 - 2015-10-29 18:57 - 00000520 _____ C:\Windows\PFRO.log
2015-10-29 18:07 - 2015-10-29 18:07 - 00277256 _____ C:\Windows\Minidump\102915-21216-01.dmp
2015-10-28 11:51 - 2015-10-28 11:51 - 00003288 _____ C:\Users\Petr\Desktop\AdwCleaner[S2]_log.zip
2015-10-28 11:24 - 2015-10-31 10:52 - 00000000 ____D C:\AdwCleaner
2015-10-28 11:24 - 2015-10-28 11:23 - 01694208 _____ C:\Users\Petr\Desktop\adwcleaner_5.015.exe
2015-10-26 13:55 - 2015-10-26 13:55 - 00023169 _____ C:\Users\Petr\Desktop\FRST&Addition.zip
2015-10-26 13:42 - 2015-10-26 13:43 - 00050456 _____ C:\Users\Petr\Desktop\Addition.txt
2015-10-26 13:41 - 2015-11-09 16:59 - 00032230 _____ C:\Users\Petr\Desktop\FRST.txt
2015-10-26 13:41 - 2015-11-09 16:59 - 00000000 ____D C:\FRST
2015-10-26 13:40 - 2015-11-09 16:57 - 02198528 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-10-25 13:03 - 2015-10-25 13:03 - 00277296 _____ C:\Windows\Minidump\102515-20560-01.dmp
2015-10-25 12:12 - 2015-10-25 12:12 - 00277256 _____ C:\Windows\Minidump\102515-19780-01.dmp
2015-10-24 15:34 - 2015-10-24 15:35 - 00277296 _____ C:\Windows\Minidump\102415-20888-01.dmp
2015-10-24 14:19 - 2015-10-24 14:19 - 00277288 _____ C:\Windows\Minidump\102415-21918-01.dmp
2015-10-24 13:58 - 2015-10-24 13:58 - 00277288 _____ C:\Windows\Minidump\102415-21933-01.dmp
2015-10-23 19:51 - 2015-10-23 19:51 - 00277256 _____ C:\Windows\Minidump\102315-22479-01.dmp
2015-10-23 11:30 - 2015-11-09 10:01 - 00000000 ___RD C:\Users\Petr\Dropbox
2015-10-23 11:30 - 2015-10-23 11:30 - 00001230 _____ C:\Users\Petr\Desktop\Dropbox.lnk
2015-10-23 11:19 - 2015-10-23 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-23 11:17 - 2015-10-23 11:17 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Dropbox
2015-10-23 11:13 - 2015-11-09 16:18 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-23 11:13 - 2015-11-09 12:21 - 00000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-23 11:13 - 2015-11-09 10:01 - 00000000 ____D C:\Users\Petr\AppData\Local\Dropbox
2015-10-23 11:13 - 2015-10-23 11:19 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-23 11:13 - 2015-10-23 11:13 - 00003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-10-23 11:13 - 2015-10-23 11:13 - 00003648 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-10-23 11:13 - 2015-10-23 11:13 - 00000000 ____D C:\ProgramData\Dropbox
2015-10-21 18:33 - 2015-10-21 18:33 - 00277256 _____ C:\Windows\Minidump\102115-38033-01.dmp
2015-10-21 07:46 - 2015-11-09 10:01 - 00016979 _____ C:\Windows\AutoKMS.log
2015-10-21 07:44 - 2015-11-09 09:58 - 00003024 _____ C:\Windows\setupact.log
2015-10-21 07:44 - 2015-10-21 07:44 - 00000000 _____ C:\Windows\setuperr.log
2015-10-20 21:46 - 2015-10-20 21:46 - 00000000 ____D C:\Windows\pss
2015-10-20 17:14 - 2015-10-22 16:20 - 00012172 _____ C:\Users\Petr\Documents\SportDirect.xlsx
2015-10-16 12:58 - 2015-10-16 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NN eKalkulačka NN CZ
2015-10-16 08:28 - 2015-10-16 08:28 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-16 08:28 - 2015-10-16 08:28 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-15 10:54 - 2015-10-15 10:54 - 00000000 ____D C:\Users\Petr\AppData\Local\FastStone
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-09 16:52 - 2014-03-05 14:50 - 00000000 ____D C:\Users\Petr\Documents\Soubory aplikace Outlook
2015-11-09 16:09 - 2014-01-17 19:50 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-09 13:09 - 2009-07-26 19:41 - 00807390 _____ C:\Windows\system32\perfh005.dat
2015-11-09 13:09 - 2009-07-26 19:41 - 00193164 _____ C:\Windows\system32\perfc005.dat
2015-11-09 13:09 - 2009-07-14 06:13 - 01973474 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-09 10:05 - 2009-07-14 05:45 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-09 10:05 - 2009-07-14 05:45 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-09 10:01 - 2014-03-05 12:47 - 00000202 _____ C:\Windows\Tasks\AutoKMSDaily.job
2015-11-09 10:01 - 2014-03-05 12:47 - 00000198 _____ C:\Windows\Tasks\AutoKMS.job
2015-11-09 10:01 - 2014-03-05 12:42 - 00078848 _____ C:\Windows\KMSEmulator.exe
2015-11-09 09:59 - 2014-01-17 19:50 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-09 09:58 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-09 00:13 - 2014-01-17 17:44 - 01776751 _____ C:\Windows\WindowsUpdate.log
2015-11-08 20:46 - 2014-06-29 22:26 - 00000000 ____D C:\Users\Petr\AppData\Roaming\KeePass
2015-11-08 17:51 - 2014-01-21 14:49 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-08 17:51 - 2014-01-21 14:49 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-08 11:17 - 2014-01-17 21:57 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-08 11:17 - 2014-01-17 21:57 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-04 22:15 - 2014-01-21 14:49 - 00000000 ____D C:\Users\Petr\AppData\Local\Adobe
2015-11-04 22:07 - 2015-06-20 19:02 - 00000000 ____D C:\Users\Petr\AppData\Local\Battle.net
2015-11-04 21:12 - 2014-10-22 18:56 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-02 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-02 16:23 - 2014-02-10 22:19 - 00000000 ____D C:\Windows\Minidump
2015-10-31 10:39 - 2014-01-17 21:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-30 10:56 - 2015-01-09 11:36 - 00000000 ____D C:\Users\Petr\Documents\HypoKalk
2015-10-30 10:48 - 2014-01-23 10:10 - 00000000 ____D C:\Users\Petr\Desktop\Programky
2015-10-29 18:57 - 2009-07-14 06:08 - 00032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-29 17:31 - 2014-01-17 19:49 - 00000000 ____D C:\Users\Petr\AppData\Local\Deployment
2015-10-29 15:35 - 2014-10-07 10:34 - 00000000 ___RD C:\Users\Petr\Desktop\Fondy
2015-10-23 11:30 - 2014-01-17 18:01 - 00000000 ____D C:\Users\Petr
2015-10-23 10:44 - 2014-05-18 16:14 - 00000000 ____D C:\Users\Petr\Desktop\AFC
2015-10-23 10:41 - 2015-04-02 12:53 - 00796672 _____ (Qsc) C:\Windows\GPInstall.exe
2015-10-20 23:42 - 2014-01-19 00:33 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Audacity
2015-10-20 21:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windoooows.old
2015-10-20 21:37 - 2014-06-15 18:19 - 00000000 ____D C:\ProgramData\Oracle
2015-10-20 21:10 - 2015-08-29 15:26 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-10-20 21:04 - 2015-08-25 13:39 - 00000000 ____D C:\Users\Petr\.oracle_jre_usage
2015-10-20 16:11 - 2015-05-21 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-16 08:28 - 2014-05-11 16:30 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-16 08:28 - 2014-01-17 21:57 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-16 08:28 - 2014-01-17 21:57 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-16 08:28 - 2014-01-17 21:57 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-16 08:28 - 2014-01-17 21:57 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-16 08:28 - 2014-01-17 21:57 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-15 10:54 - 2015-01-29 11:59 - 00000000 ____D C:\Users\Petr\AppData\Roaming\FastStone
==================== Files in the root of some directories =======
2015-08-16 17:43 - 2015-08-16 17:43 - 0001757 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel
2015-08-16 16:47 - 2015-08-26 13:35 - 0000088 __RSH () C:\ProgramData\4806F6D995.sys
2014-03-05 12:53 - 2014-03-05 13:03 - 0001262 _____ () C:\ProgramData\hpzinstall.log
2015-08-16 16:47 - 2015-08-26 13:36 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\CRMUpdater.exe
C:\Users\Petr\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt4tmpg.dll
C:\Users\Petr\AppData\Local\Temp\Ionic.Zip.dll
C:\Users\Petr\AppData\Local\Temp\jre-8u65-windows-au.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-01 14:13
==================== End of FRST.txt ============================
Byl jsem nějakou dobou pryč, takže až nyní
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Petr (administrator) on PETR-PC (09-11-2015 16:59:09)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 7 Ultimate (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Programy\EaseUS\Todo Backup\bin\Agent.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Programy\EaseUS\Todo Backup\bin\GuardAgent.exe
(Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dominik Reichl) F:\Prgrm\KeeP\KeePass.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(F.J. Wechselberger) F:\Programy\MyPhoneExplorer\MyPhoneExplorer.exe
() F:\Programy\MyPhoneExplorer\DLL\adb.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) F:\Programy\Evernote\Evernote.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) F:\Programy\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) F:\Programy\Evernote\EvernoteClipper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSTORDB.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-08] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [14061216 2014-02-04] (Gadwin Systems)
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google)
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {320656cf-c86f-11e3-8c88-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {62a504b5-d6c2-11e3-b307-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {641591a7-b1b9-11e3-a01a-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {641591b5-b1b9-11e3-a01a-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {9e5bb555-da94-11e3-8d4e-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {a5fb125f-b263-11e3-8811-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {bf5d4414-bc9b-11e3-b64f-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {bf5d441e-bc9b-11e3-b64f-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {c2acc54c-bc21-11e3-a28d-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {c2acc55a-bc21-11e3-a28d-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {d1bb43d7-e237-11e3-a9e4-e0cb4e08ecc4} - H:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-16] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
BootExecute: autocheck autochk *
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 193.138.78.116 193.138.78.117
Tcpip\..\Interfaces\{2E8EE573-BC64-475D-BD7F-928B928D1CDB}: [DhcpNameServer] 193.138.78.116 193.138.78.117
Tcpip\..\Interfaces\{C564284E-BDAC-4203-BC73-7F02E06C09B5}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F0EF4696-3CE2-40D4-8248-311949BC1F25}: [DhcpNameServer] 193.138.78.116 193.138.78.117
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2408723159-1701991956-2330629455-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2408723159-1701991956-2330629455-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-13] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-04] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-13] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> F:\Programy\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-04] (Oracle Corporation)
BHO-x32: No Name -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2408723159-1701991956-2330629455-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-11-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-11-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-03-05] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-14] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-14] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-16] [not signed]
FF HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Petr\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Petr\AppData\Roaming\IDM\idmmzcc5 [2015-11-09] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-06]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-06]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-09]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-02]
CHR Extension: (Quasitime Planner) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkcedclncbfkjgoongjcdipmmcaplh [2015-07-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Windowed Calendar for Google Calendar) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\papanocfdnodmiedhkfeeebiljceceel [2015-08-20]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-06]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Ask Search) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2015-08-07]
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-07]
CHR Extension: (Docs) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-07]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-07]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-07]
CHR Extension: (Freemake Video Downloader) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2015-08-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-07]
CHR Extension: (Adobe Acrobat - Vytvořit PDF) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-08-07]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2015-08-07]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-07]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-07]
CHR Extension: (IDM Integration Module) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-08-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-07]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-07]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]
CHR HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-05-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-26]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 2GISUpdateService; F:\Programy\2gis\3.0\2GISUpdateService.exe [3820568 2014-07-25] (Double GIS LLC)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-16] (AVAST Software)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4940760 2012-09-04] (CANON INC.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-23] (Dropbox, Inc.)
R2 EaseUS Agent; C:\Programy\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 Guard Agent; C:\Programy\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 MSSQL$MAXIMIZER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAXIMIZER\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
S2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
S3 MSSQLFDLauncher$MAXIMIZER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAXIMIZER\MSSQL\Binn\fdlauncher.exe [32096 2010-04-03] (Microsoft Corporation)
S3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [32096 2010-04-03] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 ReportServer$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2180960 2011-06-17] (Microsoft Corporation)
S4 SQLAgent$MAXIMIZER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAXIMIZER\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-16] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-07-15] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-16] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-27] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [61000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] () [File not signed]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-11-11] (Glarysoft Ltd)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 {1e3cbb53-e197-4e2a-92c5-00bc91f79189}Gw64; system32\drivers\{1e3cbb53-e197-4e2a-92c5-00bc91f79189}Gw64.sys [X]
S1 {1e3cbb53-e197-4e2a-92c5-00bc91f79189}w64; system32\drivers\{1e3cbb53-e197-4e2a-92c5-00bc91f79189}w64.sys [X]
S1 {847c2db9-6f00-49b6-896c-0d969fee7b00}w64; system32\drivers\{847c2db9-6f00-49b6-896c-0d969fee7b00}w64.sys [X]
S1 {ab53d71f-2c3d-48d9-a758-51265fe59ee6}Gw64; system32\drivers\{ab53d71f-2c3d-48d9-a758-51265fe59ee6}Gw64.sys [X]
S1 {b082a895-f2bc-40a0-9735-d7592e9e422c}w64; system32\drivers\{b082a895-f2bc-40a0-9735-d7592e9e422c}w64.sys [X]
S1 {b0aa2e34-2206-4d3d-8f9b-da4d3c817ee7}Gw64; system32\drivers\{b0aa2e34-2206-4d3d-8f9b-da4d3c817ee7}Gw64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-09 16:57 - 2015-11-09 16:57 - 00000000 ____D C:\Users\Petr\Desktop\FRST-OlderVersion
2015-11-09 14:50 - 2015-11-09 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-11-04 22:15 - 2015-11-09 16:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-04 22:15 - 2015-11-08 17:51 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-04 21:12 - 2015-11-04 21:12 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-04 21:12 - 2015-11-04 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-04 20:57 - 2015-11-04 21:15 - 00000000 ____D C:\Users\Petr\AppData\Roaming\.minecraft
2015-11-04 20:57 - 2015-11-04 20:57 - 00000000 ____D C:\Users\Petr\AppData\Roaming\java
2015-11-03 08:46 - 2015-11-09 10:01 - 00002740 _____ C:\Windows\System32\Tasks\AutoKMSDaily
2015-11-02 16:23 - 2015-11-02 16:23 - 00277256 _____ C:\Windows\Minidump\110215-21403-01.dmp
2015-11-01 12:19 - 2015-11-01 12:19 - 00277256 _____ C:\Windows\Minidump\110115-21106-01.dmp
2015-10-30 19:00 - 2015-10-30 19:00 - 00277256 _____ C:\Windows\Minidump\103015-25880-01.dmp
2015-10-29 18:57 - 2015-10-29 18:57 - 00000520 _____ C:\Windows\PFRO.log
2015-10-29 18:07 - 2015-10-29 18:07 - 00277256 _____ C:\Windows\Minidump\102915-21216-01.dmp
2015-10-28 11:51 - 2015-10-28 11:51 - 00003288 _____ C:\Users\Petr\Desktop\AdwCleaner[S2]_log.zip
2015-10-28 11:24 - 2015-10-31 10:52 - 00000000 ____D C:\AdwCleaner
2015-10-28 11:24 - 2015-10-28 11:23 - 01694208 _____ C:\Users\Petr\Desktop\adwcleaner_5.015.exe
2015-10-26 13:55 - 2015-10-26 13:55 - 00023169 _____ C:\Users\Petr\Desktop\FRST&Addition.zip
2015-10-26 13:42 - 2015-10-26 13:43 - 00050456 _____ C:\Users\Petr\Desktop\Addition.txt
2015-10-26 13:41 - 2015-11-09 16:59 - 00032230 _____ C:\Users\Petr\Desktop\FRST.txt
2015-10-26 13:41 - 2015-11-09 16:59 - 00000000 ____D C:\FRST
2015-10-26 13:40 - 2015-11-09 16:57 - 02198528 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-10-25 13:03 - 2015-10-25 13:03 - 00277296 _____ C:\Windows\Minidump\102515-20560-01.dmp
2015-10-25 12:12 - 2015-10-25 12:12 - 00277256 _____ C:\Windows\Minidump\102515-19780-01.dmp
2015-10-24 15:34 - 2015-10-24 15:35 - 00277296 _____ C:\Windows\Minidump\102415-20888-01.dmp
2015-10-24 14:19 - 2015-10-24 14:19 - 00277288 _____ C:\Windows\Minidump\102415-21918-01.dmp
2015-10-24 13:58 - 2015-10-24 13:58 - 00277288 _____ C:\Windows\Minidump\102415-21933-01.dmp
2015-10-23 19:51 - 2015-10-23 19:51 - 00277256 _____ C:\Windows\Minidump\102315-22479-01.dmp
2015-10-23 11:30 - 2015-11-09 10:01 - 00000000 ___RD C:\Users\Petr\Dropbox
2015-10-23 11:30 - 2015-10-23 11:30 - 00001230 _____ C:\Users\Petr\Desktop\Dropbox.lnk
2015-10-23 11:19 - 2015-10-23 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-23 11:17 - 2015-10-23 11:17 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Dropbox
2015-10-23 11:13 - 2015-11-09 16:18 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-23 11:13 - 2015-11-09 12:21 - 00000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-23 11:13 - 2015-11-09 10:01 - 00000000 ____D C:\Users\Petr\AppData\Local\Dropbox
2015-10-23 11:13 - 2015-10-23 11:19 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-23 11:13 - 2015-10-23 11:13 - 00003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-10-23 11:13 - 2015-10-23 11:13 - 00003648 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-10-23 11:13 - 2015-10-23 11:13 - 00000000 ____D C:\ProgramData\Dropbox
2015-10-21 18:33 - 2015-10-21 18:33 - 00277256 _____ C:\Windows\Minidump\102115-38033-01.dmp
2015-10-21 07:46 - 2015-11-09 10:01 - 00016979 _____ C:\Windows\AutoKMS.log
2015-10-21 07:44 - 2015-11-09 09:58 - 00003024 _____ C:\Windows\setupact.log
2015-10-21 07:44 - 2015-10-21 07:44 - 00000000 _____ C:\Windows\setuperr.log
2015-10-20 21:46 - 2015-10-20 21:46 - 00000000 ____D C:\Windows\pss
2015-10-20 17:14 - 2015-10-22 16:20 - 00012172 _____ C:\Users\Petr\Documents\SportDirect.xlsx
2015-10-16 12:58 - 2015-10-16 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NN eKalkulačka NN CZ
2015-10-16 08:28 - 2015-10-16 08:28 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-16 08:28 - 2015-10-16 08:28 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-15 10:54 - 2015-10-15 10:54 - 00000000 ____D C:\Users\Petr\AppData\Local\FastStone
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-09 16:52 - 2014-03-05 14:50 - 00000000 ____D C:\Users\Petr\Documents\Soubory aplikace Outlook
2015-11-09 16:09 - 2014-01-17 19:50 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-09 13:09 - 2009-07-26 19:41 - 00807390 _____ C:\Windows\system32\perfh005.dat
2015-11-09 13:09 - 2009-07-26 19:41 - 00193164 _____ C:\Windows\system32\perfc005.dat
2015-11-09 13:09 - 2009-07-14 06:13 - 01973474 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-09 10:05 - 2009-07-14 05:45 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-09 10:05 - 2009-07-14 05:45 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-09 10:01 - 2014-03-05 12:47 - 00000202 _____ C:\Windows\Tasks\AutoKMSDaily.job
2015-11-09 10:01 - 2014-03-05 12:47 - 00000198 _____ C:\Windows\Tasks\AutoKMS.job
2015-11-09 10:01 - 2014-03-05 12:42 - 00078848 _____ C:\Windows\KMSEmulator.exe
2015-11-09 09:59 - 2014-01-17 19:50 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-09 09:58 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-09 00:13 - 2014-01-17 17:44 - 01776751 _____ C:\Windows\WindowsUpdate.log
2015-11-08 20:46 - 2014-06-29 22:26 - 00000000 ____D C:\Users\Petr\AppData\Roaming\KeePass
2015-11-08 17:51 - 2014-01-21 14:49 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-08 17:51 - 2014-01-21 14:49 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-08 11:17 - 2014-01-17 21:57 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-08 11:17 - 2014-01-17 21:57 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-04 22:15 - 2014-01-21 14:49 - 00000000 ____D C:\Users\Petr\AppData\Local\Adobe
2015-11-04 22:07 - 2015-06-20 19:02 - 00000000 ____D C:\Users\Petr\AppData\Local\Battle.net
2015-11-04 21:12 - 2014-10-22 18:56 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-02 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-02 16:23 - 2014-02-10 22:19 - 00000000 ____D C:\Windows\Minidump
2015-10-31 10:39 - 2014-01-17 21:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-30 10:56 - 2015-01-09 11:36 - 00000000 ____D C:\Users\Petr\Documents\HypoKalk
2015-10-30 10:48 - 2014-01-23 10:10 - 00000000 ____D C:\Users\Petr\Desktop\Programky
2015-10-29 18:57 - 2009-07-14 06:08 - 00032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-29 17:31 - 2014-01-17 19:49 - 00000000 ____D C:\Users\Petr\AppData\Local\Deployment
2015-10-29 15:35 - 2014-10-07 10:34 - 00000000 ___RD C:\Users\Petr\Desktop\Fondy
2015-10-23 11:30 - 2014-01-17 18:01 - 00000000 ____D C:\Users\Petr
2015-10-23 10:44 - 2014-05-18 16:14 - 00000000 ____D C:\Users\Petr\Desktop\AFC
2015-10-23 10:41 - 2015-04-02 12:53 - 00796672 _____ (Qsc) C:\Windows\GPInstall.exe
2015-10-20 23:42 - 2014-01-19 00:33 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Audacity
2015-10-20 21:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windoooows.old
2015-10-20 21:37 - 2014-06-15 18:19 - 00000000 ____D C:\ProgramData\Oracle
2015-10-20 21:10 - 2015-08-29 15:26 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-10-20 21:04 - 2015-08-25 13:39 - 00000000 ____D C:\Users\Petr\.oracle_jre_usage
2015-10-20 16:11 - 2015-05-21 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-16 08:28 - 2014-05-11 16:30 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-16 08:28 - 2014-01-17 21:57 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-16 08:28 - 2014-01-17 21:57 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-16 08:28 - 2014-01-17 21:57 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-16 08:28 - 2014-01-17 21:57 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-16 08:28 - 2014-01-17 21:57 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-15 10:54 - 2015-01-29 11:59 - 00000000 ____D C:\Users\Petr\AppData\Roaming\FastStone
==================== Files in the root of some directories =======
2015-08-16 17:43 - 2015-08-16 17:43 - 0001757 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel
2015-08-16 16:47 - 2015-08-26 13:35 - 0000088 __RSH () C:\ProgramData\4806F6D995.sys
2014-03-05 12:53 - 2014-03-05 13:03 - 0001262 _____ () C:\ProgramData\hpzinstall.log
2015-08-16 16:47 - 2015-08-26 13:36 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\CRMUpdater.exe
C:\Users\Petr\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt4tmpg.dll
C:\Users\Petr\AppData\Local\Temp\Ionic.Zip.dll
C:\Users\Petr\AppData\Local\Temp\jre-8u65-windows-au.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-01 14:13
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vypne se wi-fi a seká se notas
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {320656cf-c86f-11e3-8c88-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {62a504b5-d6c2-11e3-b307-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {641591a7-b1b9-11e3-a01a-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {641591b5-b1b9-11e3-a01a-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {9e5bb555-da94-11e3-8d4e-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {a5fb125f-b263-11e3-8811-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {bf5d4414-bc9b-11e3-b64f-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {bf5d441e-bc9b-11e3-b64f-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {c2acc54c-bc21-11e3-a28d-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {c2acc55a-bc21-11e3-a28d-e0cb4e08ecc4} - E:\Autorun.exe
HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\...\MountPoints2: {d1bb43d7-e237-11e3-a9e4-e0cb4e08ecc4} - H:\Autorun.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2408723159-1701991956-2330629455-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
BHO-x32: No Name -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> No File
Toolbar: HKU\S-1-5-21-2408723159-1701991956-2330629455-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
C:\Windows\System32\Tasks\AutoKMSDaily
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\AutoKMS.job
C:\Windows\Tasks\AutoKMSDaily.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\KMSEmulator.exe
C:\ProgramData\4806F6D995.sys
C:\ProgramData\KGyGaAvL.sys
C:\Users\Petr\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?