
The BFE (Base Filtering Engine) service was terminated unexpectedly
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
Hello,
an acquaintance brought me her son's notebook because his Internet connection keeps dropping. After roughly fifteen minutes of being connected, the BFE (Base Filtering Engine) service, the DPS (Diagnostic Policy Service) service, and Windows Firewall terminate unexpectedly. Unfortunately, I have no idea how long this has been going on. It could certainly be some kind of malware, so I would appreciate a check of the log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015
Ran by Daniel (administrator) on PC-DAN (19-11-2015 19:53:18)
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 8.1 Connected (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Daniel\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-19] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {87039144-852c-11e5-8418-382c4a391083} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {8d27b7f1-b6e6-11e4-8268-3010b386debd} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {dae3f4a6-1810-11e5-8272-3010b386debd} - "F:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-19] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2DBA2CA6-3F73-4F8F-B275-B1BCE57385E3}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{7AB3DDDA-338E-4A18-A721-780638906725}: [DhcpNameServer] 77.237.128.2 77.237.128.1
Internet Explorer:
==================
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3422045874-1349782759-2688165060-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3422045874-1349782759-2688165060-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-19] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-19] (AVAST Software)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-19]
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=C211CZ885D20150613&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Dokumenty Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-19]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-19]
CHR Extension: (Tabulky Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-19]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-19] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-19] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-19] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-19 19:53 - 2015-11-19 19:53 - 00014322 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-11-19 19:53 - 2015-11-19 19:53 - 00000000 ____D C:\FRST
2015-11-19 19:50 - 2015-11-19 19:50 - 00112640 _____ (forum.viry.cz) C:\Users\Daniel\Desktop\FRSTLauncher.exe
2015-11-19 19:45 - 2015-11-19 19:45 - 02008576 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-11-19 19:10 - 2015-11-19 19:08 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\asw33C5.tmp
2015-11-19 19:10 - 2015-11-19 19:08 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-11-19 19:10 - 2015-11-19 19:08 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\asw33D5.tmp
2015-11-19 19:10 - 2015-11-19 19:08 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\asw33D6.tmp
2015-11-19 19:10 - 2015-11-19 19:08 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\asw33C3.tmp
2015-11-19 19:10 - 2015-11-19 19:08 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\asw33B1.tmp
2015-11-19 19:10 - 2015-11-19 19:08 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\asw33C4.tmp
2015-11-19 19:10 - 2015-11-19 19:08 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw33B2.tmp
2015-11-19 19:10 - 2015-11-19 19:07 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw33A0.tmp
2015-11-19 19:08 - 2015-11-19 19:10 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-19 19:08 - 2015-11-19 19:08 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-11-19 19:08 - 2015-11-19 19:08 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00001940 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-11-19 19:08 - 2015-11-19 19:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AVAST Software
2015-11-19 19:08 - 2015-11-19 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-11-19 19:08 - 2015-11-19 19:07 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-11-19 19:06 - 2015-11-19 19:06 - 00000000 ____D C:\Program Files\AVAST Software
2015-11-19 19:05 - 2015-11-19 19:05 - 05084256 _____ (AVAST Software) C:\Users\Daniel\Downloads\avast_free_antivirus_setup_online.exe
2015-11-19 19:05 - 2015-11-19 19:05 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-19 18:41 - 2015-11-19 18:56 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-11-19 18:41 - 2015-11-19 18:56 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-11-19 18:41 - 2015-11-19 18:41 - 00003382 _____ C:\Windows\System32\Tasks\Update Checker
2015-11-18 22:49 - 2015-11-18 22:49 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection0D795358-DBFD-4F9A-A67D-308C46F24A5D
2015-11-18 00:15 - 2015-11-18 00:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection496AAAF4-4965-48EC-A350-80048AF06EA7
2015-11-17 22:10 - 2015-11-17 22:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionFAF22315-96FB-4F1F-A832-1262A5FEEC02
2015-11-15 15:11 - 2015-11-15 15:11 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB0A6302C-4FF4-414A-98B6-13D890A304B3
2015-11-14 23:25 - 2015-11-14 23:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection84C53395-4123-455C-9E54-FA1AD20FFCD1
2015-11-12 15:39 - 2015-11-12 15:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection5C2585FE-459B-47A9-BA43-EA5C991E7CC6
2015-11-11 22:15 - 2015-11-11 22:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionD82E5B3D-8DAC-4E52-A78F-15DBFFD0CEE6
2015-11-11 21:54 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 21:54 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 21:54 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 21:54 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 21:54 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 21:54 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-11 21:54 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-11 15:03 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 15:03 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 15:03 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 15:03 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 15:03 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 15:03 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 15:03 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 15:03 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 15:03 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 15:03 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 15:03 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 15:03 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 15:03 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 15:03 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 15:03 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 15:03 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 15:03 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 15:03 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 15:03 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 15:03 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 15:03 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 15:03 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 15:03 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 15:03 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 15:03 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 15:03 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 15:03 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 15:03 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 15:03 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 15:03 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 15:03 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 15:03 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 15:03 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 15:03 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 15:03 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 15:03 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 15:03 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 15:03 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 15:03 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 15:03 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 15:03 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 15:03 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 15:03 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 15:03 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 15:03 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 15:03 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 15:03 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 15:03 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 15:03 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 15:03 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 15:03 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 15:03 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 15:03 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 15:03 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 15:03 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 15:03 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 15:03 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 15:03 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 15:03 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 15:02 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 15:02 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 15:02 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 15:02 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 15:02 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 15:02 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 15:02 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-11 14:49 - 2015-11-11 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4E63D9C3-541D-461B-82EE-2674459CFAB6
2015-11-10 22:04 - 2015-11-10 22:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection056E62A7-C3BE-4CBC-AFB1-6DB1D11F393A
2015-11-10 19:56 - 2015-11-10 19:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionF41FDD33-FE03-4BBA-AA8C-592950BFBF39
2015-11-09 19:24 - 2015-11-09 19:24 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB1E9682C-D1D3-4F7F-8283-130940138288
2015-11-08 12:41 - 2015-11-08 12:56 - 00000000 ____D C:\Users\Daniel\Desktop\Iphone 4s
2015-11-08 00:25 - 2015-11-08 00:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection232C63C4-A00F-46A4-9998-FC428FEAFA8F
2015-11-07 13:32 - 2015-11-07 13:37 - 00000000 ____D C:\Users\Daniel\Desktop\100MEDIA
2015-11-07 10:15 - 2015-11-07 10:15 - 00011730 _____ C:\Users\Daniel\Downloads\Tisk_20151107101141.txt
2015-11-07 09:48 - 2015-11-07 09:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionBA26558D-B382-46F5-BED7-CE7DD26815E3
2015-11-06 16:58 - 2015-11-06 16:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection56D1C446-C23F-4A60-B6F9-C07A70343101
2015-11-05 12:45 - 2015-11-05 12:45 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionBBCB6256-1CA8-486B-85D7-E3FFB66EFCA5
2015-11-04 18:27 - 2015-11-04 18:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection117912F5-B907-4867-AF38-2492BC937F8C
2015-11-04 13:06 - 2015-11-04 13:06 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4316DBA7-1F61-4322-9EE8-F4F23A89AE7E
2015-11-04 12:48 - 2015-11-04 12:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionF3B35CE4-9E01-49A6-A2ED-ED968BEEE35F
2015-11-04 11:18 - 2015-11-04 11:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionC84DAA03-65B4-49A8-9DC7-A5AD7F674D94
2015-11-03 21:41 - 2015-11-03 21:41 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection41916081-B0A1-48FB-B110-F90A384B800C
2015-11-03 15:28 - 2015-11-03 15:28 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection2C4AC01E-D0EA-42C5-8F08-6A51A51C0902
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini
2015-11-01 00:19 - 2015-11-01 00:19 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionE512D5E1-7D58-474D-91BF-406AB1F27A22
2015-10-30 21:56 - 2015-10-30 21:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection6378718B-A7AF-4E69-A63D-BF753513A2E8
2015-10-30 20:04 - 2015-10-30 20:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4194B8AC-2F52-4E03-BDC5-6C9E2CBC8204
2015-10-29 21:33 - 2015-10-29 21:33 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection5A735051-63DA-43FD-8A27-E61ACA198E6D
2015-10-28 10:13 - 2015-10-28 10:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionC76D50F5-1D8A-4565-8D6A-35915DBD3FCB
2015-10-28 09:23 - 2015-10-28 09:23 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection1BF7697F-5836-4836-9AC0-D66F55FDB8D9
2015-10-25 23:25 - 2015-10-25 23:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB7E4D398-906E-4095-B90C-4254F137A174
2015-10-25 16:14 - 2015-10-25 16:14 - 00104488 _____ C:\Users\Daniel\Downloads\captcha.wav
2015-10-25 12:44 - 2015-10-25 12:44 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection80FF1A27-8E97-4A53-B66B-FF99FE930E30
2015-10-22 18:15 - 2015-10-22 18:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection54CD4089-529E-4D23-8917-56EE9F7F98FF
2015-10-22 10:25 - 2015-10-22 10:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionA9C370BA-5EB9-4149-A179-CB9B4916222C
2015-10-20 14:04 - 2015-10-20 14:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionDC77CF8A-44C7-4FA8-A700-D065F3FB209B
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-19 19:48 - 2015-01-06 17:05 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-19 19:28 - 2014-10-10 03:11 - 01435164 _____ C:\Windows\WindowsUpdate.log
2015-11-19 19:10 - 2014-04-23 08:02 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-11-19 19:10 - 2014-04-23 08:02 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-11-19 19:10 - 2014-03-18 16:25 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-19 19:09 - 2014-10-10 09:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3422045874-1349782759-2688165060-1001
2015-11-19 19:06 - 2015-07-13 09:29 - 00694784 ___SH C:\Users\Daniel\Downloads\Thumbs.db
2015-11-19 19:04 - 2015-01-06 17:05 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-19 19:04 - 2014-10-10 09:02 - 00000093 _____ C:\Users\Daniel\AppData\Roaming\sp_data.sys
2015-11-19 19:04 - 2014-10-10 03:39 - 00000000 ____D C:\ProgramData\McAfee
2015-11-19 19:04 - 2013-08-22 15:46 - 00090603 _____ C:\Windows\setupact.log
2015-11-19 19:04 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-19 19:03 - 2014-03-18 09:13 - 00029806 _____ C:\Windows\PFRO.log
2015-11-19 19:00 - 2015-07-06 11:49 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2015-11-19 19:00 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-19 19:00 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-11-19 18:41 - 2014-04-23 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-11-19 18:41 - 2014-04-23 09:53 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-11-19 18:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-11-19 13:57 - 2014-12-29 17:42 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB70FC21-A691-4C09-8381-8169255F0179}
2015-11-18 13:31 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-16 15:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-12 16:05 - 2013-08-22 15:44 - 00482280 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 16:00 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-12 15:59 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-12 11:06 - 2015-01-06 20:11 - 00000000 ____D C:\Windows\system32\MRT
2015-11-12 10:57 - 2015-01-06 20:11 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-08 00:25 - 2015-03-31 14:28 - 02838016 ___SH C:\Users\Daniel\Desktop\Thumbs.db
2015-11-07 13:31 - 2015-01-02 19:59 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-11-03 15:55 - 2015-10-19 19:45 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-03 15:52 - 2015-10-19 19:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-03 01:23 - 2015-05-15 20:16 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-05-15 20:16 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-28 10:16 - 2015-01-07 13:28 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-28 09:31 - 2015-01-07 13:35 - 00003094 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3422045874-1349782759-2688165060-1001
2015-10-28 09:31 - 2015-01-07 13:35 - 00000000 ___RD C:\Users\Daniel\OneDrive
==================== Files in the root of some directories =======
2014-10-10 09:02 - 2015-11-19 19:04 - 0000093 _____ () C:\Users\Daniel\AppData\Roaming\sp_data.sys
2014-10-10 03:25 - 2014-10-10 03:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-23 09:53 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-04-23 09:53 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-04-23 09:53 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\0248451447955819mcinst.exe
C:\Users\Daniel\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Daniel\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Daniel\AppData\Local\Temp\TouchURL.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-08 03:49
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:121.14 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:258.22 GB) NTFS
Available physical RAM: 2515.24 MB
Total physical RAM: 3982.53 MB
Percentage of memory in use: 36%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6781DDB5)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Daniel\Desktop" je 6710 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
2015-11-11 15:03 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 15:03 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 15:03 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 15:03 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 15:03 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 15:03 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 15:03 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 15:03 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 15:03 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 15:03 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 15:02 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 15:02 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 15:02 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 15:02 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 15:02 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 15:02 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 15:02 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-11 14:49 - 2015-11-11 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4E63D9C3-541D-461B-82EE-2674459CFAB6
2015-11-10 22:04 - 2015-11-10 22:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection056E62A7-C3BE-4CBC-AFB1-6DB1D11F393A
2015-11-10 19:56 - 2015-11-10 19:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionF41FDD33-FE03-4BBA-AA8C-592950BFBF39
2015-11-09 19:24 - 2015-11-09 19:24 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB1E9682C-D1D3-4F7F-8283-130940138288
2015-11-08 12:41 - 2015-11-08 12:56 - 00000000 ____D C:\Users\Daniel\Desktop\Iphone 4s
2015-11-08 00:25 - 2015-11-08 00:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection232C63C4-A00F-46A4-9998-FC428FEAFA8F
2015-11-07 13:32 - 2015-11-07 13:37 - 00000000 ____D C:\Users\Daniel\Desktop\100MEDIA
2015-11-07 10:15 - 2015-11-07 10:15 - 00011730 _____ C:\Users\Daniel\Downloads\Tisk_20151107101141.txt
2015-11-07 09:48 - 2015-11-07 09:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionBA26558D-B382-46F5-BED7-CE7DD26815E3
2015-11-06 16:58 - 2015-11-06 16:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection56D1C446-C23F-4A60-B6F9-C07A70343101
2015-11-05 12:45 - 2015-11-05 12:45 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionBBCB6256-1CA8-486B-85D7-E3FFB66EFCA5
2015-11-04 18:27 - 2015-11-04 18:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection117912F5-B907-4867-AF38-2492BC937F8C
2015-11-04 13:06 - 2015-11-04 13:06 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4316DBA7-1F61-4322-9EE8-F4F23A89AE7E
2015-11-04 12:48 - 2015-11-04 12:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionF3B35CE4-9E01-49A6-A2ED-ED968BEEE35F
2015-11-04 11:18 - 2015-11-04 11:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionC84DAA03-65B4-49A8-9DC7-A5AD7F674D94
2015-11-03 21:41 - 2015-11-03 21:41 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection41916081-B0A1-48FB-B110-F90A384B800C
2015-11-03 15:28 - 2015-11-03 15:28 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection2C4AC01E-D0EA-42C5-8F08-6A51A51C0902
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini
2015-11-01 00:19 - 2015-11-01 00:19 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionE512D5E1-7D58-474D-91BF-406AB1F27A22
2015-10-30 21:56 - 2015-10-30 21:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection6378718B-A7AF-4E69-A63D-BF753513A2E8
2015-10-30 20:04 - 2015-10-30 20:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4194B8AC-2F52-4E03-BDC5-6C9E2CBC8204
2015-10-29 21:33 - 2015-10-29 21:33 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection5A735051-63DA-43FD-8A27-E61ACA198E6D
2015-10-28 10:13 - 2015-10-28 10:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionC76D50F5-1D8A-4565-8D6A-35915DBD3FCB
2015-10-28 09:23 - 2015-10-28 09:23 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection1BF7697F-5836-4836-9AC0-D66F55FDB8D9
2015-10-25 23:25 - 2015-10-25 23:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB7E4D398-906E-4095-B90C-4254F137A174
2015-10-25 16:14 - 2015-10-25 16:14 - 00104488 _____ C:\Users\Daniel\Downloads\captcha.wav
2015-10-25 12:44 - 2015-10-25 12:44 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection80FF1A27-8E97-4A53-B66B-FF99FE930E30
2015-10-22 18:15 - 2015-10-22 18:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection54CD4089-529E-4D23-8917-56EE9F7F98FF
2015-10-22 10:25 - 2015-10-22 10:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionA9C370BA-5EB9-4149-A179-CB9B4916222C
2015-10-20 14:04 - 2015-10-20 14:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionDC77CF8A-44C7-4FA8-A700-D065F3FB209B
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-19 19:48 - 2015-01-06 17:05 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-19 19:28 - 2014-10-10 03:11 - 01435164 _____ C:\Windows\WindowsUpdate.log
2015-11-19 19:10 - 2014-04-23 08:02 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-11-19 19:10 - 2014-04-23 08:02 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-11-19 19:10 - 2014-03-18 16:25 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-19 19:09 - 2014-10-10 09:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3422045874-1349782759-2688165060-1001
2015-11-19 19:06 - 2015-07-13 09:29 - 00694784 ___SH C:\Users\Daniel\Downloads\Thumbs.db
2015-11-19 19:04 - 2015-01-06 17:05 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-19 19:04 - 2014-10-10 09:02 - 00000093 _____ C:\Users\Daniel\AppData\Roaming\sp_data.sys
2015-11-19 19:04 - 2014-10-10 03:39 - 00000000 ____D C:\ProgramData\McAfee
2015-11-19 19:04 - 2013-08-22 15:46 - 00090603 _____ C:\Windows\setupact.log
2015-11-19 19:04 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-19 19:03 - 2014-03-18 09:13 - 00029806 _____ C:\Windows\PFRO.log
2015-11-19 19:00 - 2015-07-06 11:49 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2015-11-19 19:00 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-19 19:00 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-11-19 18:41 - 2014-04-23 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-11-19 18:41 - 2014-04-23 09:53 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-11-19 18:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-11-19 13:57 - 2014-12-29 17:42 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB70FC21-A691-4C09-8381-8169255F0179}
2015-11-18 13:31 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-16 15:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-12 16:05 - 2013-08-22 15:44 - 00482280 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 16:00 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-12 15:59 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-12 11:06 - 2015-01-06 20:11 - 00000000 ____D C:\Windows\system32\MRT
2015-11-12 10:57 - 2015-01-06 20:11 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-08 00:25 - 2015-03-31 14:28 - 02838016 ___SH C:\Users\Daniel\Desktop\Thumbs.db
2015-11-07 13:31 - 2015-01-02 19:59 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-11-03 15:55 - 2015-10-19 19:45 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-03 15:52 - 2015-10-19 19:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-03 01:23 - 2015-05-15 20:16 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-05-15 20:16 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-28 10:16 - 2015-01-07 13:28 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-28 09:31 - 2015-01-07 13:35 - 00003094 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3422045874-1349782759-2688165060-1001
2015-10-28 09:31 - 2015-01-07 13:35 - 00000000 ___RD C:\Users\Daniel\OneDrive
==================== Files in the root of some directories =======
2014-10-10 09:02 - 2015-11-19 19:04 - 0000093 _____ () C:\Users\Daniel\AppData\Roaming\sp_data.sys
2014-10-10 03:25 - 2014-10-10 03:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-23 09:53 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-04-23 09:53 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-04-23 09:53 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\0248451447955819mcinst.exe
C:\Users\Daniel\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Daniel\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Daniel\AppData\Local\Temp\TouchURL.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-08 03:49
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:121.14 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:258.22 GB) NTFS
Available physical RAM: 2515.24 MB
Total physical RAM: 3982.53 MB
Percentage of memory in use: 36%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6781DDB5)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Daniel\Desktop" je 6710 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Addition.zip
- (6.07 KiB) Downloaded 106 times
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: The BFE (Base Filtering Engine) service was terminated unexpectedly
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: The BFE (Base Filtering Engine) service was terminated unexpectedly
AdwCleaner log:
# AdwCleaner v5.021 - Logfile created 19/11/2015 at 21:20:37
# Updated 14/11/2015 by Xplode
# Database : 2015-11-19.3 [Server]
# Operating system : Windows 8.1 Connected (x64)
# Username : Daniel - PC-DAN
# Running from : C:\Users\Daniel\Desktop\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
[-] File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [935 bytes] ##########
- Rudy
- Site Admin
Re: The BFE (Base Filtering Engine) service was terminated unexpectedly
Post a new FRST log.
Re: The BFE (Base Filtering Engine) service was terminated unexpectedly
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015
Ran by Daniel (administrator) on PC-DAN (19-11-2015 21:34:33)
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 8.1 Connected (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(forum.viry.cz) C:\Users\Daniel\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-19] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {87039144-852c-11e5-8418-382c4a391083} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {8d27b7f1-b6e6-11e4-8268-3010b386debd} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {dae3f4a6-1810-11e5-8272-3010b386debd} - "F:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-19] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2DBA2CA6-3F73-4F8F-B275-B1BCE57385E3}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{7AB3DDDA-338E-4A18-A721-780638906725}: [DhcpNameServer] 77.237.128.2 77.237.128.1
Internet Explorer:
==================
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3422045874-1349782759-2688165060-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3422045874-1349782759-2688165060-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-19] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-19] (AVAST Software)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-19]
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=C211CZ885D20150613&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Dokumenty Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-19]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-19]
CHR Extension: (Tabulky Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-19]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-19] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-19] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-19 21:34 - 2015-11-19 21:35 - 00014157 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-11-19 21:33 - 2015-11-19 21:33 - 00112640 _____ (forum.viry.cz) C:\Users\Daniel\Desktop\FRSTLauncher.exe
2015-11-19 21:22 - 2015-11-19 21:22 - 516701228 _____ C:\Windows\MEMORY.DMP
2015-11-19 21:22 - 2015-11-19 21:22 - 00284296 _____ C:\Windows\Minidump\111915-41687-01.dmp
2015-11-19 21:22 - 2015-11-19 21:22 - 00000000 ____D C:\Windows\Minidump
2015-11-19 21:17 - 2015-11-19 21:20 - 00000000 ____D C:\AdwCleaner
2015-11-19 21:16 - 2015-11-19 21:16 - 01732096 _____ C:\Users\Daniel\Desktop\adwcleaner_5.021.exe
2015-11-19 20:23 - 2015-11-19 20:24 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-19 20:23 - 2015-11-19 20:23 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-19 20:23 - 2015-11-19 20:23 - 00001049 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-19 20:23 - 2015-11-19 20:23 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TeamViewer
2015-11-19 20:14 - 2015-11-19 20:14 - 08206600 _____ (TeamViewer GmbH) C:\Users\Daniel\Downloads\TeamViewer_Setup_cs.exe
2015-11-19 19:53 - 2015-11-19 21:34 - 00000000 ____D C:\FRST
2015-11-19 19:45 - 2015-11-19 19:45 - 02008576 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-11-19 19:10 - 2015-11-19 19:08 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-11-19 19:08 - 2015-11-19 19:10 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-19 19:08 - 2015-11-19 19:08 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-11-19 19:08 - 2015-11-19 19:08 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00001940 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-11-19 19:08 - 2015-11-19 19:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AVAST Software
2015-11-19 19:08 - 2015-11-19 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-11-19 19:08 - 2015-11-19 19:07 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-11-19 19:06 - 2015-11-19 19:06 - 00000000 ____D C:\Program Files\AVAST Software
2015-11-19 19:05 - 2015-11-19 19:05 - 05084256 _____ (AVAST Software) C:\Users\Daniel\Downloads\avast_free_antivirus_setup_online.exe
2015-11-19 19:05 - 2015-11-19 19:05 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-19 18:41 - 2015-11-19 18:56 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-11-19 18:41 - 2015-11-19 18:56 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-11-19 18:41 - 2015-11-19 18:41 - 00003382 _____ C:\Windows\System32\Tasks\Update Checker
2015-11-18 22:49 - 2015-11-18 22:49 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection0D795358-DBFD-4F9A-A67D-308C46F24A5D
2015-11-18 00:15 - 2015-11-18 00:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection496AAAF4-4965-48EC-A350-80048AF06EA7
2015-11-17 22:10 - 2015-11-17 22:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionFAF22315-96FB-4F1F-A832-1262A5FEEC02
2015-11-15 15:11 - 2015-11-15 15:11 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB0A6302C-4FF4-414A-98B6-13D890A304B3
2015-11-14 23:25 - 2015-11-14 23:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection84C53395-4123-455C-9E54-FA1AD20FFCD1
2015-11-12 15:39 - 2015-11-12 15:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection5C2585FE-459B-47A9-BA43-EA5C991E7CC6
2015-11-11 22:15 - 2015-11-11 22:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionD82E5B3D-8DAC-4E52-A78F-15DBFFD0CEE6
2015-11-11 21:54 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 21:54 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 21:54 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 21:54 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 21:54 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 21:54 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-11 21:54 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-11 15:03 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 15:03 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 15:03 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 15:03 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 15:03 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 15:03 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 15:03 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 15:03 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 15:03 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 15:03 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 15:03 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 15:03 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 15:03 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 15:03 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 15:03 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 15:03 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 15:03 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 15:03 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 15:03 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 15:03 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 15:03 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 15:03 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 15:03 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 15:03 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 15:03 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 15:03 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 15:03 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 15:03 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 15:03 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 15:03 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 15:03 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 15:03 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 15:03 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 15:03 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 15:03 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 15:03 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 15:03 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 15:03 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 15:03 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 15:03 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 15:03 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 15:03 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 15:03 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 15:03 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 15:03 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 15:03 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 15:03 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 15:03 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 15:03 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 15:03 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 15:03 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 15:03 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 15:03 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 15:03 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 15:03 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 15:03 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 15:03 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 15:03 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 15:03 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 15:02 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 15:02 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 15:02 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 15:02 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 15:02 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 15:02 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 15:02 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-11 14:49 - 2015-11-11 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4E63D9C3-541D-461B-82EE-2674459CFAB6
2015-11-10 22:04 - 2015-11-10 22:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection056E62A7-C3BE-4CBC-AFB1-6DB1D11F393A
2015-11-10 19:56 - 2015-11-10 19:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionF41FDD33-FE03-4BBA-AA8C-592950BFBF39
2015-11-09 19:24 - 2015-11-09 19:24 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB1E9682C-D1D3-4F7F-8283-130940138288
2015-11-08 12:41 - 2015-11-08 12:56 - 00000000 ____D C:\Users\Daniel\Desktop\Iphone 4s
2015-11-08 00:25 - 2015-11-08 00:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection232C63C4-A00F-46A4-9998-FC428FEAFA8F
2015-11-07 13:32 - 2015-11-07 13:37 - 00000000 ____D C:\Users\Daniel\Desktop\100MEDIA
2015-11-07 10:15 - 2015-11-07 10:15 - 00011730 _____ C:\Users\Daniel\Downloads\Tisk_20151107101141.txt
2015-11-07 09:48 - 2015-11-07 09:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionBA26558D-B382-46F5-BED7-CE7DD26815E3
2015-11-06 16:58 - 2015-11-06 16:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection56D1C446-C23F-4A60-B6F9-C07A70343101
2015-11-05 12:45 - 2015-11-05 12:45 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionBBCB6256-1CA8-486B-85D7-E3FFB66EFCA5
2015-11-04 18:27 - 2015-11-04 18:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection117912F5-B907-4867-AF38-2492BC937F8C
2015-11-04 13:06 - 2015-11-04 13:06 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4316DBA7-1F61-4322-9EE8-F4F23A89AE7E
2015-11-04 12:48 - 2015-11-04 12:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionF3B35CE4-9E01-49A6-A2ED-ED968BEEE35F
2015-11-04 11:18 - 2015-11-04 11:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionC84DAA03-65B4-49A8-9DC7-A5AD7F674D94
2015-11-03 21:41 - 2015-11-03 21:41 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection41916081-B0A1-48FB-B110-F90A384B800C
2015-11-03 15:28 - 2015-11-03 15:28 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection2C4AC01E-D0EA-42C5-8F08-6A51A51C0902
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini
2015-11-01 00:19 - 2015-11-01 00:19 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionE512D5E1-7D58-474D-91BF-406AB1F27A22
2015-10-30 21:56 - 2015-10-30 21:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection6378718B-A7AF-4E69-A63D-BF753513A2E8
2015-10-30 20:04 - 2015-10-30 20:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4194B8AC-2F52-4E03-BDC5-6C9E2CBC8204
2015-10-29 21:33 - 2015-10-29 21:33 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection5A735051-63DA-43FD-8A27-E61ACA198E6D
2015-10-28 10:13 - 2015-10-28 10:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionC76D50F5-1D8A-4565-8D6A-35915DBD3FCB
2015-10-28 09:23 - 2015-10-28 09:23 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection1BF7697F-5836-4836-9AC0-D66F55FDB8D9
2015-10-25 23:25 - 2015-10-25 23:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB7E4D398-906E-4095-B90C-4254F137A174
2015-10-25 16:14 - 2015-10-25 16:14 - 00104488 _____ C:\Users\Daniel\Downloads\captcha.wav
2015-10-25 12:44 - 2015-10-25 12:44 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection80FF1A27-8E97-4A53-B66B-FF99FE930E30
2015-10-22 18:15 - 2015-10-22 18:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection54CD4089-529E-4D23-8917-56EE9F7F98FF
2015-10-22 10:25 - 2015-10-22 10:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionA9C370BA-5EB9-4149-A179-CB9B4916222C
2015-10-20 14:04 - 2015-10-20 14:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionDC77CF8A-44C7-4FA8-A700-D065F3FB209B
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-19 21:29 - 2014-04-23 08:02 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-11-19 21:29 - 2014-04-23 08:02 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-11-19 21:29 - 2014-03-18 16:25 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-19 21:28 - 2014-10-10 09:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3422045874-1349782759-2688165060-1001
2015-11-19 21:25 - 2014-10-10 03:11 - 01476257 _____ C:\Windows\WindowsUpdate.log
2015-11-19 21:23 - 2015-01-06 17:05 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-19 21:23 - 2014-10-10 09:02 - 00000093 _____ C:\Users\Daniel\AppData\Roaming\sp_data.sys
2015-11-19 21:22 - 2014-03-18 09:13 - 00030142 _____ C:\Windows\PFRO.log
2015-11-19 21:22 - 2013-08-22 15:46 - 00090719 _____ C:\Windows\setupact.log
2015-11-19 21:22 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-19 21:22 - 2013-08-22 15:44 - 00483024 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-19 20:48 - 2015-01-06 17:05 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-19 20:31 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-19 20:02 - 2014-12-29 17:42 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB70FC21-A691-4C09-8381-8169255F0179}
2015-11-19 19:06 - 2015-07-13 09:29 - 00694784 ___SH C:\Users\Daniel\Downloads\Thumbs.db
2015-11-19 19:04 - 2014-10-10 03:39 - 00000000 ____D C:\ProgramData\McAfee
2015-11-19 19:00 - 2015-07-06 11:49 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2015-11-19 19:00 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-19 19:00 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-11-19 18:41 - 2014-04-23 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-11-19 18:41 - 2014-04-23 09:53 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-11-19 18:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-11-18 13:31 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-16 15:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-12 16:00 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-12 15:59 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-12 11:06 - 2015-01-06 20:11 - 00000000 ____D C:\Windows\system32\MRT
2015-11-12 10:57 - 2015-01-06 20:11 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-08 00:25 - 2015-03-31 14:28 - 02838016 ___SH C:\Users\Daniel\Desktop\Thumbs.db
2015-11-07 13:31 - 2015-01-02 19:59 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-11-03 15:55 - 2015-10-19 19:45 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-03 15:52 - 2015-10-19 19:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-03 01:23 - 2015-05-15 20:16 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-05-15 20:16 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-28 10:16 - 2015-01-07 13:28 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-28 09:31 - 2015-01-07 13:35 - 00003094 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3422045874-1349782759-2688165060-1001
2015-10-28 09:31 - 2015-01-07 13:35 - 00000000 ___RD C:\Users\Daniel\OneDrive
==================== Files in the root of some directories =======
2014-10-10 09:02 - 2015-11-19 21:23 - 0000093 _____ () C:\Users\Daniel\AppData\Roaming\sp_data.sys
2014-10-10 03:25 - 2014-10-10 03:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-23 09:53 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-04-23 09:53 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-04-23 09:53 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Daniel\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll
C:\Users\Daniel\AppData\Local\Temp\TouchURL.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-19 20:13
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:119.46 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:257.9 GB) NTFS
Available physical RAM: 2866.73 MB
Total physical RAM: 3982.53 MB
Percentage of memory in use: 28%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6781DDB5)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Daniel\Desktop" je 6712 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015
Ran by Daniel (administrator) on PC-DAN (19-11-2015 21:34:33)
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 8.1 Connected (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(forum.viry.cz) C:\Users\Daniel\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-19] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {87039144-852c-11e5-8418-382c4a391083} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {8d27b7f1-b6e6-11e4-8268-3010b386debd} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {dae3f4a6-1810-11e5-8272-3010b386debd} - "F:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-19] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2DBA2CA6-3F73-4F8F-B275-B1BCE57385E3}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{7AB3DDDA-338E-4A18-A721-780638906725}: [DhcpNameServer] 77.237.128.2 77.237.128.1
Internet Explorer:
==================
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3422045874-1349782759-2688165060-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3422045874-1349782759-2688165060-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-19] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-19] (AVAST Software)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-19]
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=C211CZ885D20150613&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Dokumenty Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-19]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-19]
CHR Extension: (Tabulky Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-19]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-19] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-19] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-19 21:34 - 2015-11-19 21:35 - 00014157 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-11-19 21:33 - 2015-11-19 21:33 - 00112640 _____ (forum.viry.cz) C:\Users\Daniel\Desktop\FRSTLauncher.exe
2015-11-19 21:22 - 2015-11-19 21:22 - 516701228 _____ C:\Windows\MEMORY.DMP
2015-11-19 21:22 - 2015-11-19 21:22 - 00284296 _____ C:\Windows\Minidump\111915-41687-01.dmp
2015-11-19 21:22 - 2015-11-19 21:22 - 00000000 ____D C:\Windows\Minidump
2015-11-19 21:17 - 2015-11-19 21:20 - 00000000 ____D C:\AdwCleaner
2015-11-19 21:16 - 2015-11-19 21:16 - 01732096 _____ C:\Users\Daniel\Desktop\adwcleaner_5.021.exe
2015-11-19 20:23 - 2015-11-19 20:24 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-19 20:23 - 2015-11-19 20:23 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-19 20:23 - 2015-11-19 20:23 - 00001049 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-19 20:23 - 2015-11-19 20:23 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TeamViewer
2015-11-19 20:14 - 2015-11-19 20:14 - 08206600 _____ (TeamViewer GmbH) C:\Users\Daniel\Downloads\TeamViewer_Setup_cs.exe
2015-11-19 19:53 - 2015-11-19 21:34 - 00000000 ____D C:\FRST
2015-11-19 19:45 - 2015-11-19 19:45 - 02008576 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-11-19 19:10 - 2015-11-19 19:08 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-11-19 19:08 - 2015-11-19 19:10 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-19 19:08 - 2015-11-19 19:08 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-11-19 19:08 - 2015-11-19 19:08 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-11-19 19:08 - 2015-11-19 19:08 - 00001940 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-11-19 19:08 - 2015-11-19 19:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AVAST Software
2015-11-19 19:08 - 2015-11-19 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-11-19 19:08 - 2015-11-19 19:07 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-11-19 19:06 - 2015-11-19 19:06 - 00000000 ____D C:\Program Files\AVAST Software
2015-11-19 19:05 - 2015-11-19 19:05 - 05084256 _____ (AVAST Software) C:\Users\Daniel\Downloads\avast_free_antivirus_setup_online.exe
2015-11-19 19:05 - 2015-11-19 19:05 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-19 18:41 - 2015-11-19 18:56 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-11-19 18:41 - 2015-11-19 18:56 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-11-19 18:41 - 2015-11-19 18:41 - 00003382 _____ C:\Windows\System32\Tasks\Update Checker
2015-11-18 22:49 - 2015-11-18 22:49 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection0D795358-DBFD-4F9A-A67D-308C46F24A5D
2015-11-18 00:15 - 2015-11-18 00:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection496AAAF4-4965-48EC-A350-80048AF06EA7
2015-11-17 22:10 - 2015-11-17 22:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionFAF22315-96FB-4F1F-A832-1262A5FEEC02
2015-11-15 15:11 - 2015-11-15 15:11 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB0A6302C-4FF4-414A-98B6-13D890A304B3
2015-11-14 23:25 - 2015-11-14 23:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection84C53395-4123-455C-9E54-FA1AD20FFCD1
2015-11-12 15:39 - 2015-11-12 15:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection5C2585FE-459B-47A9-BA43-EA5C991E7CC6
2015-11-11 22:15 - 2015-11-11 22:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionD82E5B3D-8DAC-4E52-A78F-15DBFFD0CEE6
2015-11-11 21:54 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 21:54 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 21:54 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 21:54 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 21:54 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 21:54 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-11 21:54 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-11 15:03 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 15:03 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 15:03 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 15:03 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 15:03 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 15:03 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 15:03 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 15:03 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 15:03 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 15:03 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 15:03 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 15:03 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 15:03 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 15:03 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 15:03 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 15:03 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 15:03 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 15:03 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 15:03 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 15:03 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 15:03 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 15:03 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 15:03 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 15:03 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 15:03 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 15:03 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 15:03 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 15:03 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 15:03 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 15:03 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 15:03 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 15:03 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 15:03 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 15:03 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 15:03 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 15:03 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 15:03 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 15:03 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 15:03 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 15:03 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 15:03 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 15:03 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 15:03 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 15:03 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 15:03 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 15:03 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 15:03 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 15:03 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 15:03 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 15:03 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 15:03 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 15:03 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 15:03 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 15:03 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 15:03 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 15:03 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 15:03 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 15:03 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 15:03 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 15:03 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 15:02 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 15:02 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 15:02 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 15:02 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 15:02 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 15:02 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 15:02 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-11 14:49 - 2015-11-11 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4E63D9C3-541D-461B-82EE-2674459CFAB6
2015-11-10 22:04 - 2015-11-10 22:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection056E62A7-C3BE-4CBC-AFB1-6DB1D11F393A
2015-11-10 19:56 - 2015-11-10 19:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionF41FDD33-FE03-4BBA-AA8C-592950BFBF39
2015-11-09 19:24 - 2015-11-09 19:24 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB1E9682C-D1D3-4F7F-8283-130940138288
2015-11-08 12:41 - 2015-11-08 12:56 - 00000000 ____D C:\Users\Daniel\Desktop\Iphone 4s
2015-11-08 00:25 - 2015-11-08 00:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection232C63C4-A00F-46A4-9998-FC428FEAFA8F
2015-11-07 13:32 - 2015-11-07 13:37 - 00000000 ____D C:\Users\Daniel\Desktop\100MEDIA
2015-11-07 10:15 - 2015-11-07 10:15 - 00011730 _____ C:\Users\Daniel\Downloads\Tisk_20151107101141.txt
2015-11-07 09:48 - 2015-11-07 09:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionBA26558D-B382-46F5-BED7-CE7DD26815E3
2015-11-06 16:58 - 2015-11-06 16:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection56D1C446-C23F-4A60-B6F9-C07A70343101
2015-11-05 12:45 - 2015-11-05 12:45 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionBBCB6256-1CA8-486B-85D7-E3FFB66EFCA5
2015-11-04 18:27 - 2015-11-04 18:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection117912F5-B907-4867-AF38-2492BC937F8C
2015-11-04 13:06 - 2015-11-04 13:06 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4316DBA7-1F61-4322-9EE8-F4F23A89AE7E
2015-11-04 12:48 - 2015-11-04 12:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionF3B35CE4-9E01-49A6-A2ED-ED968BEEE35F
2015-11-04 11:18 - 2015-11-04 11:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionC84DAA03-65B4-49A8-9DC7-A5AD7F674D94
2015-11-03 21:41 - 2015-11-03 21:41 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection41916081-B0A1-48FB-B110-F90A384B800C
2015-11-03 15:28 - 2015-11-03 15:28 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection2C4AC01E-D0EA-42C5-8F08-6A51A51C0902
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini
2015-11-01 00:19 - 2015-11-01 00:19 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionE512D5E1-7D58-474D-91BF-406AB1F27A22
2015-10-30 21:56 - 2015-10-30 21:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection6378718B-A7AF-4E69-A63D-BF753513A2E8
2015-10-30 20:04 - 2015-10-30 20:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection4194B8AC-2F52-4E03-BDC5-6C9E2CBC8204
2015-10-29 21:33 - 2015-10-29 21:33 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection5A735051-63DA-43FD-8A27-E61ACA198E6D
2015-10-28 10:13 - 2015-10-28 10:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionC76D50F5-1D8A-4565-8D6A-35915DBD3FCB
2015-10-28 09:23 - 2015-10-28 09:23 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection1BF7697F-5836-4836-9AC0-D66F55FDB8D9
2015-10-25 23:25 - 2015-10-25 23:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionB7E4D398-906E-4095-B90C-4254F137A174
2015-10-25 16:14 - 2015-10-25 16:14 - 00104488 _____ C:\Users\Daniel\Downloads\captcha.wav
2015-10-25 12:44 - 2015-10-25 12:44 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection80FF1A27-8E97-4A53-B66B-FF99FE930E30
2015-10-22 18:15 - 2015-10-22 18:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetection54CD4089-529E-4D23-8917-56EE9F7F98FF
2015-10-22 10:25 - 2015-10-22 10:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionA9C370BA-5EB9-4149-A179-CB9B4916222C
2015-10-20 14:04 - 2015-10-20 14:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\TempTaskUpdateDetectionDC77CF8A-44C7-4FA8-A700-D065F3FB209B
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-19 21:29 - 2014-04-23 08:02 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-11-19 21:29 - 2014-04-23 08:02 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-11-19 21:29 - 2014-03-18 16:25 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-19 21:28 - 2014-10-10 09:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3422045874-1349782759-2688165060-1001
2015-11-19 21:25 - 2014-10-10 03:11 - 01476257 _____ C:\Windows\WindowsUpdate.log
2015-11-19 21:23 - 2015-01-06 17:05 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-19 21:23 - 2014-10-10 09:02 - 00000093 _____ C:\Users\Daniel\AppData\Roaming\sp_data.sys
2015-11-19 21:22 - 2014-03-18 09:13 - 00030142 _____ C:\Windows\PFRO.log
2015-11-19 21:22 - 2013-08-22 15:46 - 00090719 _____ C:\Windows\setupact.log
2015-11-19 21:22 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-19 21:22 - 2013-08-22 15:44 - 00483024 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-19 20:48 - 2015-01-06 17:05 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-19 20:31 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-19 20:02 - 2014-12-29 17:42 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB70FC21-A691-4C09-8381-8169255F0179}
2015-11-19 19:06 - 2015-07-13 09:29 - 00694784 ___SH C:\Users\Daniel\Downloads\Thumbs.db
2015-11-19 19:04 - 2014-10-10 03:39 - 00000000 ____D C:\ProgramData\McAfee
2015-11-19 19:00 - 2015-07-06 11:49 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2015-11-19 19:00 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-19 19:00 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-11-19 18:41 - 2014-04-23 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-11-19 18:41 - 2014-04-23 09:53 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-11-19 18:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-11-18 13:31 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-16 15:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-12 16:00 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-12 15:59 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-12 11:06 - 2015-01-06 20:11 - 00000000 ____D C:\Windows\system32\MRT
2015-11-12 10:57 - 2015-01-06 20:11 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-08 00:25 - 2015-03-31 14:28 - 02838016 ___SH C:\Users\Daniel\Desktop\Thumbs.db
2015-11-07 13:31 - 2015-01-02 19:59 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-11-03 15:55 - 2015-10-19 19:45 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-03 15:52 - 2015-10-19 19:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-03 01:23 - 2015-05-15 20:16 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-05-15 20:16 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-28 10:16 - 2015-01-07 13:28 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-28 09:31 - 2015-01-07 13:35 - 00003094 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3422045874-1349782759-2688165060-1001
2015-10-28 09:31 - 2015-01-07 13:35 - 00000000 ___RD C:\Users\Daniel\OneDrive
==================== Files in the root of some directories =======
2014-10-10 09:02 - 2015-11-19 21:23 - 0000093 _____ () C:\Users\Daniel\AppData\Roaming\sp_data.sys
2014-10-10 03:25 - 2014-10-10 03:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-23 09:53 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-04-23 09:53 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-04-23 09:53 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Daniel\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll
C:\Users\Daniel\AppData\Local\Temp\TouchURL.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-19 20:13
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:119.46 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:257.9 GB) NTFS
Available physical RAM: 2866.73 MB
Total physical RAM: 3982.53 MB
Percentage of memory in use: 28%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6781DDB5)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Daniel\Desktop" je 6712 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Addition.zip
- (5.98 KiB) Downloaded 121 times
- Rudy
- Site Admin

- Posts: 119673
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: The BFE (Base Filtering Engine) service was unexpectedly terminated
Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {87039144-852c-11e5-8418-382c4a391083} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {8d27b7f1-b6e6-11e4-8268-3010b386debd} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {dae3f4a6-1810-11e5-8272-3010b386debd} - "F:\HTC_Sync_Manager_PC.exe"
SearchScopes: HKU\S-1-5-21-3422045874-1349782759-2688165060-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3422045874-1349782759-2688165060-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
C:\Windows\system32\ApnDatabase.xml
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\DP45977C.lfl
C:\Users\Daniel\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: The BFE (Base Filtering Engine) service was unexpectedly terminated
Log:
Fix result of Farbar Recovery Scan Tool (x64) Version:19-11-2015
Ran by Daniel (2015-11-20 06:26:21) Run:1
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {87039144-852c-11e5-8418-382c4a391083} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {8d27b7f1-b6e6-11e4-8268-3010b386debd} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\...\MountPoints2: {dae3f4a6-1810-11e5-8272-3010b386debd} - "F:\HTC_Sync_Manager_PC.exe"
SearchScopes: HKU\S-1-5-21-3422045874-1349782759-2688165060-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3422045874-1349782759-2688165060-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
C:\Windows\system32\ApnDatabase.xml
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\DP45977C.lfl
C:\Users\Daniel\AppData\Local\Temp
End
*****************
"HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87039144-852c-11e5-8418-382c4a391083}" => key removed successfully
HKCR\CLSID\{87039144-852c-11e5-8418-382c4a391083} => key not found.
"HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8d27b7f1-b6e6-11e4-8268-3010b386debd}" => key removed successfully
HKCR\CLSID\{8d27b7f1-b6e6-11e4-8268-3010b386debd} => key not found.
"HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dae3f4a6-1810-11e5-8272-3010b386debd}" => key removed successfully
HKCR\CLSID\{dae3f4a6-1810-11e5-8272-3010b386debd} => key not found.
HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3422045874-1349782759-2688165060-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
C:\Windows\system32\ApnDatabase.xml => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\Daniel\AppData\Local\Temp => moved successfully
==== End of Fixlog 06:26:23 ====
- Rudy
- Site Admin

Re: The BFE (Base Filtering Engine) service was unexpectedly terminated
Deleted. Has anything changed?
Re: The BFE (Base Filtering Engine) service was unexpectedly terminated
The services are still crashing, but now "only" after one hour, always on the hour.
- Rudy
- Site Admin

Re: The BFE (Base Filtering Engine) service was unexpectedly terminated
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Re: The BFE (Base Filtering Engine) service was unexpectedly terminated
MBAM here:
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 20. 11. 2015
Čas skenování: 19:48
Protokol: MBAM.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.11.20.05
Databáze rootkitů: v2015.11.14.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Daniel
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 315846
Uplynulý čas: 20 min, 42 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
- Rudy
- Site Admin

Re: The BFE (Base Filtering Engine) service was unexpectedly terminated
It is probably not a virus problem. Try a System Restore to a date when the system worked correctly.
Re: The BFE (Base Filtering Engine) service was unexpectedly terminated
Thank you very much for the help all the same; I was afraid it would be a broken system.
- Rudy
- Site Admin

Re: The BFE (Base Filtering Engine) service was unexpectedly terminated
Ikvous wrote: Thank you very much for the help all the same; I was afraid it would be a broken system.
That may be true as well; it depends on whether the restore helps.