Po startu Windows mi v poslední době vyskočí vytížení disku na 100%. Toto trvá do 3 minut. Poté již počítač funguje normálně. Nejvíce vytěžuje disk "systém" a "Hostitel služby: Místní systém".
# AdwCleaner v5.019 - Logfile created 11/11/2015 at 08:28:28
# Updated 08/11/2015 by Xplode
# Database : 2015-11-09.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Ondra - LENOVO-PC
# Running from : C:\Users\Ondra\Downloads\adwcleaner_5.019.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\pokki
[-] Folder Deleted : C:\Users\Ondra\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Ondra\AppData\Roaming\RHEng
***** [ Files ] *****
[-] File Deleted : C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage
[-] File Deleted : C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage-journal
[-] File Deleted : C:\Users\Ondra\AppData\Local\Temp\task.vbs
[-] File Deleted : C:\windows\SysNative\VisualDiscoveryOff.ini
[-] File Deleted : C:\windows\SysWOW64\VisualDiscovery.ini
[-] File Deleted : C:\windows\SysWOW64\VisualDiscoveryOff.ini
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.WFPCONTROLLER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.WFPCONTROLLER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.READONLYMANAGER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.READONLYMANAGER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.LSPLOGIC.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.LSPLOGIC
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEHOLDER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEHOLDER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEFIELDS.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEFIELDS
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLE.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLE
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTROLLER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTROLLER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTAINER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTAINER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7E113543-A829-4010-9E67-230D1F48F5D4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{54936DF6-3CE0-4598-B93F-16A9BA914C1A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7E113543-A829-4010-9E67-230D1F48F5D4}
[-] Key Deleted : HKCU\Software\SweetLabs App Platform
[-] Key Deleted : HKLM\SOFTWARE\VisualDiscovery
[-] Key Deleted : HKLM\SOFTWARE\Superfish Inc. VisualDiscovery
[-] Key Deleted : HKLM\SOFTWARE\LENOVO\VisualDiscovery
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7708 bytes] ##########
Poté log z FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Ondra (administrator) on LENOVO-PC (14-11-2015 13:19:30)
Running from C:\Users\Ondra\Downloads
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 8.1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(TODO: <公司名>) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
() C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Windows\System32\LenovoUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
() C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Pokki) C:\Users\Ondra\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe
() C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-03-25] (Realtek semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [702808 2014-04-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2015-02-11] ()
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-02-11] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-02-11] (Lenovo)
HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [559896 2014-11-05] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Lenovo Recommends] => C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe [119280 2014-01-10] (Lenovo)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-08] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\RunOnce: [Application Restart #3] => C:\Users\Ondra\AppData\Local\Pokki\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-cli (the data entry has 571 more characters).
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\MountPoints2: {2c7aeb92-76f8-11e5-8269-54ee753eeba4} - "E:\setup.exe"
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-26] (Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-09-26] (Amazon Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-28] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-11] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29595E9A-961F-40CF-8357-FBA86814B835}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{473C36EA-4906-48B3-9478-6748CDED08DC}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-157143914-34706309-1526443958-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=16194
HKU\S-1-5-21-157143914-34706309-1526443958-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> DefaultScope {C717B524-A4C0-4801-B38E-66FD80C72BC8} URL =
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {0862F15F-B48B-4E05-81B5-76A45308DEA0} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {34DCFC21-D903-40B8-98CD-C9772EBFF63C} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {526E8015-E951-41E4-BB9C-1A31A652DE31} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {563181E2-FA27-45D5-9EA7-B000FD75365C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {6CB9AF3F-FBC2-4CBC-9068-72D5A5878046} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {7708BAA1-54A9-4F68-9B39-5C8524DE5561} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {7E317C27-EA07-4F0F-937F-6CE9922B1174} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {BCF408D7-8CA3-49C6-9CAE-A1B60DB32713} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_151021__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {C717B524-A4C0-4801-B38E-66FD80C72BC8} URL =
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {D29DBF4F-6F22-46A7-96BB-BD4C48768200} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-11-11] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-28] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-11] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-11-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-28] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Loot Find -> {b99604a6-a864-4b48-a1e0-63048b520129} -> C:\Program Files (x86)\Loot Find\Extensions\b99604a6-a864-4b48-a1e0-63048b520129.dll => No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-01] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-11-11] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-11-11] (Microsoft Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2011-11-28] (ParallelGraphics)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-21] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-28] [not signed]
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-21]
CHR Extension: (Dokumenty Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-21]
CHR Extension: (Disk Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast SafePrice) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-01]
CHR Extension: (Tabulky Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-21]
CHR Extension: (Avast Online Security) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Loot Find) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc [2015-10-21] [UpdateUrl: hxxp://cdn.lootfind.net/update] <==== ATTENTION
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-21]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-28]
Opera:
=======
OPR Extension: (Loot Find) - C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc [2015-10-21]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [87384 2014-04-11] (Alps Electric Co., Ltd.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-28] (AVAST Software)
R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [599024 2014-08-06] (Lenovo Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [654776 2015-06-01] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123904 2015-09-02] (Dassault Systèmes) [File not signed]
R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [194328 2014-10-14] (Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1122744 2015-06-01] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-09] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [122984 2014-09-15] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-11-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-10-10] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2495768 2014-11-04] (TODO: <公司名>)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2005320 2014-10-13] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [727536 2014-08-06] (Lenovo Corporation)
R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-02-11] ()
R2 LenovoRecommends.AppService; C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe [19440 2014-01-10] ()
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited)
R3 LenovoUpdate; C:\Windows\System32\LenovoUpdate.exe [26608 2015-11-12] (Lenovo)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-26] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1871784 2015-09-28] (Maxthon)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19438920 2014-09-09] (NVIDIA Corporation)
R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944 2014-11-05] (Lenovo(beijing) Limited)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-05-28] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [524552 2014-05-28] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-02-11] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-02-11] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2015-02-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2015-02-11] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-28] (AVAST Software)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-21] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 Fastboot; C:\Windows\System32\Drivers\Fastboot.sys [70168 2014-10-14] (Windows (R) Win 7 DDK provider) [File not signed]
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-17] (GenesysLogic)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-11] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
R3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-11] (Intel Corporation)
R3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-11] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [222664 2014-09-15] (Intel Corporation)
R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-05] ()
R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-05] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3482600 2014-11-06] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9113304 2014-03-25] (Realtek Semiconductor Corp.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-05-15] (TuneUp Software)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [32024 2014-02-12] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S1 fumodsac; \??\C:\windows\system32\drivers\fumodsac.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-14 13:19 - 2015-11-14 13:20 - 00031875 _____ C:\Users\Ondra\Downloads\FRST.txt
2015-11-14 13:19 - 2015-11-14 13:19 - 00000000 ____D C:\FRST
2015-11-14 13:18 - 2015-11-14 13:18 - 02198528 _____ (Farbar) C:\Users\Ondra\Downloads\FRST64.exe
2015-11-14 13:12 - 2015-11-14 13:12 - 00062931 _____ C:\Users\Ondra\Desktop\neodvetr_strecha.jpeg
2015-11-14 13:11 - 2015-11-14 13:11 - 00127373 _____ C:\Users\Ondra\Desktop\travnatestrechy.jpeg
2015-11-13 19:07 - 2015-11-13 19:07 - 00000000 ____D C:\Users\Ondra\Desktop\Nová složka
2015-11-13 18:42 - 2015-11-13 18:42 - 00002709 _____ C:\Users\Ondra\AppData\Local\recently-used.xbel
2015-11-13 16:32 - 2015-11-14 13:17 - 00011508 _____ C:\Users\Ondra\Desktop\Společenskovědní text.odt
2015-11-13 16:31 - 2015-11-13 16:31 - 00000000 ____D C:\Users\Ondra\Documents\Vlastní šablony Office
2015-11-11 12:52 - 2015-11-11 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 12:51 - 2015-11-11 12:51 - 01104576 _____ (Microsoft Corporation) C:\Users\Ondra\Downloads\Setup.X86.cs-CZ_O365ProPlusRetail_6b186216-ff3c-4388-a222-6ea4204c6be4_TX_PR_b_3_.exe
2015-11-11 12:51 - 2015-11-11 12:51 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-11 08:53 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2015-11-11 08:53 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys
2015-11-11 08:53 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2015-11-11 08:53 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-11-11 08:53 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-11-11 08:53 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2015-11-11 08:53 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2015-11-11 08:46 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-11-11 08:46 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-11-11 08:46 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2015-11-11 08:46 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2015-11-11 08:46 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2015-11-11 08:46 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2015-11-11 08:46 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-11-11 08:46 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-11-11 08:46 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2015-11-11 08:46 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2015-11-11 08:46 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-11-11 08:46 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:46 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:46 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:46 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-11-11 08:46 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-11-11 08:46 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-11-11 08:46 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-11-11 08:46 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-11-11 08:46 - 2015-09-12 14:47 - 00414559 _____ C:\windows\system32\ApnDatabase.xml
2015-11-11 08:45 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-11-11 08:45 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-11-11 08:45 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-11-11 08:45 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-11-11 08:45 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-11-11 08:45 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-11-11 08:45 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-11-11 08:45 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-11-11 08:45 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-11-11 08:45 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-11-11 08:45 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-11-11 08:45 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-11-11 08:45 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-11-11 08:45 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-11-11 08:45 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-11-11 08:45 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-11-11 08:45 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-11-11 08:45 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-11-11 08:45 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-11-11 08:45 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-11-11 08:45 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-11-11 08:45 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-11-11 08:45 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-11-11 08:45 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-11-11 08:45 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-11-11 08:45 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-11-11 08:45 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-11-11 08:45 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-11-11 08:45 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-11-11 08:45 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-11-11 08:45 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-11-11 08:45 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-11-11 08:45 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-11-11 08:45 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-11-11 08:45 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-11-11 08:45 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-11-11 08:45 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-11-11 08:45 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-11-11 08:45 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-11-11 08:45 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-11-11 08:45 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-11-11 08:45 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2015-11-11 08:45 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2015-11-11 08:45 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2015-11-11 08:45 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2015-11-11 08:45 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2015-11-11 08:45 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2015-11-11 08:45 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2015-11-11 08:45 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 08:45 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2015-11-11 08:45 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2015-11-11 08:39 - 2015-11-11 08:39 - 00002249 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
2015-11-11 08:27 - 2015-11-11 08:28 - 00000000 ____D C:\AdwCleaner
2015-11-11 08:26 - 2015-11-11 08:26 - 01712128 _____ C:\Users\Ondra\Downloads\adwcleaner_5.019.exe
2015-11-08 11:25 - 2015-11-08 14:41 - 1570154496 _____ C:\Users\Ondra\Downloads\Hotel-Transylvania-2011-CZ-Dabing.avi
2015-11-01 23:56 - 2015-11-01 23:56 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Sun
2015-11-01 23:56 - 2015-11-01 23:56 - 00000000 ____D C:\Users\Ondra\.oracle_jre_usage
2015-11-01 23:54 - 2015-11-01 23:54 - 00002747 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-01 23:54 - 2015-11-01 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-01 18:34 - 2015-11-01 20:52 - 1518808686 _____ C:\Users\Ondra\Downloads\V-hlavě-(2015)-CZdabing.avi
2015-10-31 11:16 - 2015-11-13 18:42 - 00000000 ____D C:\Users\Ondra\AppData\Local\gtk-2.0
2015-10-31 11:16 - 2015-10-31 11:16 - 00000000 ____D C:\Users\Ondra\.thumbnails
2015-10-31 10:57 - 2015-10-31 10:57 - 01300936 _____ C:\Users\Ondra\Downloads\Nádraží Ondra.rar
2015-10-31 10:55 - 2015-11-11 08:35 - 00003308 _____ C:\windows\System32\Tasks\SweetLabs App Platform
2015-10-29 00:32 - 2015-10-29 00:32 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-10-28 22:29 - 2015-10-28 22:36 - 1027080672 _____ C:\Users\Ondra\Downloads\Photoshop_12_LS1.zip
2015-10-28 14:25 - 2015-10-28 14:25 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Wargaming.net
2015-10-28 12:46 - 2015-10-28 12:46 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-10-28 12:46 - 2015-10-28 12:46 - 00000000 ____D C:\Games
2015-10-28 12:45 - 2015-10-28 12:45 - 04999352 _____ (Wargaming.net ) C:\Users\Ondra\Downloads\WoT_internet_install_eu.exe
2015-10-27 21:39 - 2015-10-31 13:32 - 00000000 ____D C:\Users\Ondra\Documents\Harry Potter
2015-10-27 21:38 - 2015-10-27 21:38 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\WinRAR
2015-10-27 21:37 - 2015-10-27 21:37 - 02129208 _____ C:\Users\Ondra\Downloads\winrar-x64-521cz.exe
2015-10-27 21:37 - 2015-10-27 21:37 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-27 21:37 - 2015-10-27 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-27 21:37 - 2015-10-27 21:37 - 00000000 ____D C:\Program Files\WinRAR
2015-10-27 21:13 - 2015-10-27 21:38 - 287960053 _____ C:\Users\Ondra\Downloads\Harry-Potter-a-Kámen-mudrců-hra-cz-tit...rar
2015-10-26 21:36 - 2015-10-26 21:41 - 692558582 _____ C:\Users\Ondra\Downloads\zasilka-GPLVZADWTCFCC649.zip
2015-10-23 17:41 - 2015-10-23 17:41 - 05339440 _____ C:\Users\Ondra\Documents\severni pohled2.pln
2015-10-23 15:41 - 2015-10-23 17:04 - 05293264 _____ C:\Users\Ondra\Documents\západní pohled.pln
2015-10-23 15:41 - 2015-10-23 17:03 - 05293264 _____ C:\Users\Ondra\Documents\západní pohled.bpn
2015-10-22 15:43 - 2015-10-23 17:00 - 05262448 _____ C:\Users\Ondra\Documents\východní pohled.pln
2015-10-22 15:43 - 2015-10-23 16:53 - 05260656 _____ C:\Users\Ondra\Documents\východní pohled.bpn
2015-10-22 11:44 - 2015-10-23 17:52 - 05339968 _____ C:\Users\Ondra\Documents\severni pohled.pln
2015-10-22 11:44 - 2015-10-23 17:52 - 05339968 _____ C:\Users\Ondra\Documents\severni pohled.bpn
2015-10-22 11:25 - 2015-10-23 17:53 - 05287920 _____ C:\Users\Ondra\Documents\jižní pohled.pln
2015-10-22 11:25 - 2015-10-23 16:49 - 05277216 _____ C:\Users\Ondra\Documents\jižní pohled.bpn
2015-10-21 12:47 - 2015-10-21 13:02 - 05286400 _____ C:\Users\Ondra\Documents\Pohledy2.pln
2015-10-21 12:47 - 2015-10-21 13:02 - 05286128 _____ C:\Users\Ondra\Documents\Pohledy2.bpn
2015-10-21 10:55 - 2015-11-14 13:00 - 00000970 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-21 10:55 - 2015-11-14 12:00 - 00000966 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-21 10:55 - 2015-11-11 09:01 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-21 10:55 - 2015-10-21 11:33 - 00000000 ____D C:\Users\Ondra\AppData\Local\Google
2015-10-21 10:55 - 2015-10-21 10:55 - 00003942 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-21 10:55 - 2015-10-21 10:55 - 00003706 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-21 10:55 - 2015-10-21 10:55 - 00000000 ____D C:\Users\Ondra\AppData\Local\Deployment
2015-10-21 10:55 - 2015-10-21 10:55 - 00000000 ____D C:\Users\Ondra\AppData\Local\Apps\2.0
2015-10-21 10:55 - 2015-10-21 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-21 10:55 - 2015-10-21 10:55 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-21 09:57 - 2015-10-21 10:43 - 00331316 _____ C:\windows\msxml4-KB973688-enu.LOG
2015-10-21 09:56 - 2015-10-21 09:56 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-10-21 09:55 - 2015-10-21 10:43 - 00334572 _____ C:\windows\msxml4-KB954430-enu.LOG
2015-10-21 09:47 - 2015-10-21 10:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Studios
2015-10-21 09:47 - 2015-10-21 09:47 - 00000278 _____ C:\prefs.js
2015-10-21 09:47 - 2015-10-21 09:47 - 00000000 ____D C:\searchplugins
2015-10-21 09:46 - 2015-10-21 09:47 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
2015-10-21 09:46 - 2015-10-21 09:46 - 00425744 _____ (Lavasoft Limited) C:\windows\system32\LavasoftTcpService64.dll
2015-10-21 09:46 - 2015-10-21 09:46 - 00345360 _____ (Lavasoft Limited) C:\windows\SysWOW64\LavasoftTcpService.dll
2015-10-21 09:46 - 2015-10-21 09:46 - 00030264 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtlitescsibus.sys
2015-10-21 09:46 - 2015-10-21 09:46 - 00002864 _____ C:\windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-10-21 09:46 - 2015-10-21 09:46 - 00002864 _____ C:\windows\system32\LavasoftTcpServiceOff.ini
2015-10-21 09:46 - 2015-10-21 09:46 - 00000000 ____D C:\Users\Ondra\AppData\Local\Disc_Soft_Ltd
2015-10-21 09:46 - 2015-10-21 09:46 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-10-21 09:44 - 2015-10-21 09:44 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Ondra\Downloads\DTLiteInstaller (2).exe
2015-10-21 09:43 - 2015-10-21 09:43 - 00008192 _____ C:\Users\Ondra\Downloads\DTLiteInstaller (1).exe.qhx1nc9.partial
2015-10-21 09:40 - 2015-11-14 11:36 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Seznam.cz
2015-10-21 09:40 - 2015-10-21 09:40 - 01219808 _____ C:\Users\Ondra\Downloads\DAEMON Tools Lite 10 Serial Key__15022_i1718968210_il88138.exe
2015-10-21 09:40 - 2015-10-21 09:40 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-10-21 09:37 - 2015-10-21 09:46 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-10-21 09:36 - 2015-10-21 09:36 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Ondra\Downloads\DTLiteInstaller.exe
2015-10-20 21:23 - 2015-10-20 22:17 - 1815812096 _____ C:\Users\Ondra\Downloads\_Oceanofgames.com_Age_of_Empires3.iso
2015-10-15 22:27 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-10-15 22:27 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-10-15 22:27 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-10-15 22:27 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-10-15 22:27 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-10-15 22:27 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-10-15 22:27 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-10-15 12:32 - 2015-10-21 11:28 - 05271104 _____ C:\Users\Ondra\Documents\Pohledy.pln
2015-10-15 12:32 - 2015-10-15 12:57 - 05276752 _____ C:\Users\Ondra\Documents\Pohledy.bpn
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-14 13:02 - 2015-09-28 13:40 - 00002884 _____ C:\windows\lupdate.log
2015-11-14 13:00 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\sru
2015-11-14 12:40 - 2015-09-28 13:37 - 01372900 _____ C:\windows\WindowsUpdate.log
2015-11-14 11:34 - 2015-09-25 06:49 - 00003930 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{06C60D7B-17CC-425E-9AA8-4CA4936E1744}
2015-11-14 11:32 - 2015-09-25 06:34 - 00000000 ____D C:\Users\Ondra\AppData\Local\SweetLabs App Platform
2015-11-13 18:48 - 2015-09-28 13:17 - 00000000 ____D C:\Users\Ondra\.gimp-2.8
2015-11-13 11:35 - 2015-09-28 20:45 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-12 19:17 - 2015-02-11 21:47 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2015-11-12 19:17 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\NDF
2015-11-12 19:16 - 2015-02-11 21:18 - 00740946 _____ C:\windows\system32\perfh005.dat
2015-11-12 19:16 - 2015-02-11 21:18 - 00152150 _____ C:\windows\system32\perfc005.dat
2015-11-12 19:16 - 2014-03-18 10:53 - 01749406 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-12 19:13 - 2015-02-11 21:20 - 00032744 _____ C:\windows\SysWOW64\Gms.log
2015-11-12 19:10 - 2015-09-28 13:12 - 00006563 _____ C:\windows\setupact.log
2015-11-12 19:10 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-12 19:09 - 2015-02-11 21:48 - 00002560 _____ C:\windows\system32\VfService.trf
2015-11-12 19:09 - 2015-02-11 20:22 - 00153336 _____ C:\windows\system32\wpbbin.exe
2015-11-12 19:09 - 2015-02-11 20:22 - 00111088 _____ (Lenovo (Beijing) Limited) C:\windows\system32\LenovoCheck.exe
2015-11-12 19:09 - 2015-02-11 20:22 - 00026608 _____ (Lenovo) C:\windows\system32\LenovoUpdate.exe
2015-11-12 19:08 - 2013-08-22 16:36 - 00000000 ___RD C:\windows\ToastData
2015-11-12 16:47 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2015-11-11 21:55 - 2015-09-28 13:36 - 00012360 _____ C:\windows\PFRO.log
2015-11-11 21:55 - 2013-08-22 15:44 - 00552792 _____ C:\windows\system32\FNTCACHE.DAT
2015-11-11 14:33 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-11-11 14:31 - 2015-09-30 00:12 - 00000000 ____D C:\windows\system32\MRT
2015-11-11 14:28 - 2015-09-30 00:12 - 145617392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-11-11 13:15 - 2015-09-25 06:41 - 00003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-157143914-34706309-1526443958-1001
2015-11-11 12:51 - 2015-09-25 06:35 - 00000000 ____D C:\Users\Ondra\AppData\Local\VirtualStore
2015-11-11 11:23 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2015-11-11 08:40 - 2015-09-26 22:57 - 00002403 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-11-09 00:11 - 2015-10-12 19:23 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Skype
2015-11-08 08:50 - 2015-09-28 14:08 - 01059656 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2015-11-08 08:50 - 2015-09-28 14:08 - 00449992 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2015-11-06 03:53 - 2015-09-26 10:05 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-11-05 22:44 - 2015-09-28 20:45 - 00003832 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1443469534
2015-11-05 22:44 - 2015-09-28 20:45 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-04 23:39 - 2015-02-11 21:08 - 00003722 _____ C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-11-04 23:39 - 2015-02-11 21:08 - 00003476 _____ C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-11-03 22:53 - 2015-09-26 11:35 - 00000000 ____D C:\Users\Ondra\Desktop\Games
2015-11-03 19:27 - 2015-02-11 21:57 - 00000000 ____D C:\ProgramData\CyberLink
2015-11-03 16:38 - 2015-10-12 20:02 - 00000000 ____D C:\Users\Ondra\Graphisoft
2015-11-03 16:32 - 2015-09-28 11:43 - 00000000 ____D C:\Users\Ondra\AppData\Local\Popcorn-Time
2015-11-03 16:14 - 2015-10-12 20:03 - 00000000 ____D C:\Users\Ondra\Documents\BIMx
2015-11-03 01:23 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-01 23:56 - 2015-10-11 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-01 23:56 - 2015-09-25 06:34 - 00000000 ____D C:\Users\Ondra
2015-11-01 23:55 - 2015-10-11 20:35 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-01 23:55 - 2015-10-11 20:34 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-01 23:54 - 2015-10-12 19:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-01 23:54 - 2015-10-12 19:22 - 00000000 ____D C:\ProgramData\Skype
2015-10-31 10:55 - 2015-09-25 06:42 - 00002673 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo Web Start.lnk
2015-10-30 14:36 - 2015-09-28 14:08 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-10-27 21:57 - 2013-08-22 16:36 - 00000000 ____D C:\windows\LiveKernelReports
2015-10-27 21:38 - 2015-09-26 11:35 - 00000000 ____D C:\Users\Ondra\Desktop\Programy
2015-10-27 09:25 - 2015-02-11 21:27 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-10-21 09:42 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\GroupPolicy
2015-10-16 10:09 - 2015-10-01 12:07 - 00000000 ____D C:\windows\system32\appraiser
2015-10-16 10:09 - 2015-02-11 21:02 - 00000000 ___SD C:\windows\system32\CompatTel
2015-10-15 23:32 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
==================== Files in the root of some directories =======
2015-11-13 18:42 - 2015-11-13 18:42 - 0002709 _____ () C:\Users\Ondra\AppData\Local\recently-used.xbel
2015-02-11 21:13 - 2015-02-11 21:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-25 06:40 - 2015-09-25 21:45 - 0000021 _____ () C:\ProgramData\settings.cfg
Some files in TEMP:
====================
C:\Users\Ondra\AppData\Local\Temp\avg-d15bbc6e-f353-4051-85ee-346ef001d146.exe
C:\Users\Ondra\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Ondra\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Ondra\AppData\Local\Temp\oct499A.tmp.exe
C:\Users\Ondra\AppData\Local\Temp\oct990D.tmp.exe
C:\Users\Ondra\AppData\Local\Temp\octEB0E.tmp.exe
C:\Users\Ondra\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Ondra\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Ondra\AppData\Local\Temp\sfareca00001.dll
C:\Users\Ondra\AppData\Local\Temp\sfareca00002.dll
C:\Users\Ondra\AppData\Local\Temp\{47331A1D-CE4C-4A26-B2FF-8F9D9CD6FBCE}.dll
C:\Users\Ondra\AppData\Local\Temp\{AA20BB13-430C-47AE-8984-38AD6CC7B09B}.dll
C:\Users\Ondra\AppData\Local\Temp\{D3873399-D0F9-422F-A4D8-DD4E68BBE1C9}.dll
C:\Users\Ondra\AppData\Local\Temp\{F8B61319-3D3F-43E7-8D6F-06656427974F}.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-08 09:42
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu - Využití disku 100%
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Kontrola logu - Využití disku 100%
- Přílohy
-
- Addition.zip
- (11.08 KiB) Staženo 35 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu - Využití disku 100%
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Ondra\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\MountPoints2: {2c7aeb92-76f8-11e5-8269-54ee753eeba4} - "E:\setup.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
CHR Extension: (Loot Find) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc [2015-10-21] [UpdateUrl: hxxp://cdn.lootfind.net/update] <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S1 fumodsac; \??\C:\windows\system32\drivers\fumodsac.sys [X]
C:\windows\system32\ApnDatabase.xml
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Ondra\AppData\Local\Temp
IE trusted site: HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\webcompanion.com -> hxxp://webcompanion.com
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu - Využití disku 100%
Fix result of Farbar Recovery Scan Tool (x64) Version:19-11-2015
Ran by Ondra (2015-11-20 14:24:35) Run:1
Running from C:\Users\Ondra\Downloads
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\MountPoints2: {2c7aeb92-76f8-11e5-8269-54ee753eeba4} - "E:\setup.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
CHR Extension: (Loot Find) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc [2015-10-21] [UpdateUrl: hxxp://cdn.lootfind.net/update] <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S1 fumodsac; \??\C:\windows\system32\drivers\fumodsac.sys [X]
C:\windows\system32\ApnDatabase.xml
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Ondra\AppData\Local\Temp
IE trusted site: HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\webcompanion.com -> hxxp://webcompanion.com
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c7aeb92-76f8-11e5-8269-54ee753eeba4}" => key removed successfully
HKCR\CLSID\{2c7aeb92-76f8-11e5-8269-54ee753eeba4} => key not found.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc <==== ATTENTION => not found
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
fumodsac => service removed successfully
C:\windows\system32\ApnDatabase.xml => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Users\Ondra\AppData\Local\Temp => moved successfully
"HKU\S-1-5-21-157143914-34706309-1526443958-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost" => key removed successfully
"HKU\S-1-5-21-157143914-34706309-1526443958-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-11-20 14:27:01)
"C:\ProgramData\DP45977C.lfl" => Could not move
==== End of Fixlog 14:27:01 ====
Ran by Ondra (2015-11-20 14:24:35) Run:1
Running from C:\Users\Ondra\Downloads
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\MountPoints2: {2c7aeb92-76f8-11e5-8269-54ee753eeba4} - "E:\setup.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
CHR Extension: (Loot Find) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc [2015-10-21] [UpdateUrl: hxxp://cdn.lootfind.net/update] <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S1 fumodsac; \??\C:\windows\system32\drivers\fumodsac.sys [X]
C:\windows\system32\ApnDatabase.xml
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Ondra\AppData\Local\Temp
IE trusted site: HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\webcompanion.com -> hxxp://webcompanion.com
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c7aeb92-76f8-11e5-8269-54ee753eeba4}" => key removed successfully
HKCR\CLSID\{2c7aeb92-76f8-11e5-8269-54ee753eeba4} => key not found.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc <==== ATTENTION => not found
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
fumodsac => service removed successfully
C:\windows\system32\ApnDatabase.xml => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Users\Ondra\AppData\Local\Temp => moved successfully
"HKU\S-1-5-21-157143914-34706309-1526443958-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost" => key removed successfully
"HKU\S-1-5-21-157143914-34706309-1526443958-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-11-20 14:27:01)
"C:\ProgramData\DP45977C.lfl" => Could not move
==== End of Fixlog 14:27:01 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu - Využití disku 100%
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu - Využití disku 100%
Problém se zatím nijak nezlepšil.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu - Využití disku 100%
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu - Využití disku 100%
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 22. 11. 2015
Čas skenování: 22:46
Protokol: Malwerw.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.11.22.05
Databáze rootkitů: v2015.11.22.02
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ondra
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 338338
Uplynulý čas: 12 min, 36 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 12
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\APPID\{40cddb56-1b5f-4b69-b80d-17bff56f6ff5}, , [c24b0b768308290d13df57eeb34fd42c],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{40CDDB56-1B5F-4B69-B80D-17BFF56F6FF5}, , [c24b0b768308290d13df57eeb34fd42c],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{40CDDB56-1B5F-4B69-B80D-17BFF56F6FF5}, , [c24b0b768308290d13df57eeb34fd42c],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\APPID\{cea3f5dc-2beb-4769-a82d-db95eda174d8}, , [020b8af76d1e3bfb8f64ff4650b2fa06],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{CEA3F5DC-2BEB-4769-A82D-DB95EDA174D8}, , [020b8af76d1e3bfb8f64ff4650b2fa06],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{CEA3F5DC-2BEB-4769-A82D-DB95EDA174D8}, , [020b8af76d1e3bfb8f64ff4650b2fa06],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b99604a6-a864-4b48-a1e0-63048b520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.YahooVNM, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}, , [ea23c7ba6b201a1c70b110989c6703fd],
Hodnoty registru: 1
PUP.Optional.YahooVNM, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|URL, https://search.yahoo.com/search?fr=vmn& ... earchTerms}, , [ea23c7ba6b201a1c70b110989c6703fd]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 6
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\databases\http_charmsavings.com_0, , [5ab3fb860c7fa5917a8505859072fd03],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc, , [9f6ee69b870437ff25993e4d659f51af],
Soubory: 22
PUP.Optional.Amonetize, C:\Users\Ondra\Downloads\DAEMON Tools Lite 10 Serial Key__15022_i1718968210_il88138.exe, , [7895f58ca3e8fb3b60fcafb851b0da26],
PUP.Optional.VisualDiscovery, C:\Windows\Temp\VisualDiscovery.log, , [f71684fdd4b79d991d69f6ae36cda65a],
PUP.Optional.VisualDiscovery, C:\Windows\Temp\VisualDiscoveryr.log, , [f31aadd4315ab086d3b45a4a847f9a66],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_charmsavings.com_0.localstorage, , [27e6bec32e5d4de93209952d07fc52ae],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_charmsavings.com_0.localstorage-journal, , [14f94d34612aaa8caa91fac85aa9a15f],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_lootfind-a.akamaihd.net_0.localstorage, , [6f9e1071cac1a6904c1ba030986b1ce4],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_lootfind-a.akamaihd.net_0.localstorage-journal, , [19f4e1a01873b086e3846a669b68a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\databases\http_charmsavings.com_0\1, , [5ab3fb860c7fa5917a8505859072fd03],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\000003.log, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\CURRENT, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOCK, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG.old, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\MANIFEST-000001, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\manifest.json, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\background.js, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\content.js, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\icon.png, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\manifest.json, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\background.js, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\content.js, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\icon.png, , [9f6ee69b870437ff25993e4d659f51af],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 22. 11. 2015
Čas skenování: 22:46
Protokol: Malwerw.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.11.22.05
Databáze rootkitů: v2015.11.22.02
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ondra
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 338338
Uplynulý čas: 12 min, 36 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 12
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\APPID\{40cddb56-1b5f-4b69-b80d-17bff56f6ff5}, , [c24b0b768308290d13df57eeb34fd42c],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{40CDDB56-1B5F-4B69-B80D-17BFF56F6FF5}, , [c24b0b768308290d13df57eeb34fd42c],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{40CDDB56-1B5F-4B69-B80D-17BFF56F6FF5}, , [c24b0b768308290d13df57eeb34fd42c],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\APPID\{cea3f5dc-2beb-4769-a82d-db95eda174d8}, , [020b8af76d1e3bfb8f64ff4650b2fa06],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{CEA3F5DC-2BEB-4769-A82D-DB95EDA174D8}, , [020b8af76d1e3bfb8f64ff4650b2fa06],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{CEA3F5DC-2BEB-4769-A82D-DB95EDA174D8}, , [020b8af76d1e3bfb8f64ff4650b2fa06],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b99604a6-a864-4b48-a1e0-63048b520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.YahooVNM, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}, , [ea23c7ba6b201a1c70b110989c6703fd],
Hodnoty registru: 1
PUP.Optional.YahooVNM, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|URL, https://search.yahoo.com/search?fr=vmn& ... earchTerms}, , [ea23c7ba6b201a1c70b110989c6703fd]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 6
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\databases\http_charmsavings.com_0, , [5ab3fb860c7fa5917a8505859072fd03],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc, , [9f6ee69b870437ff25993e4d659f51af],
Soubory: 22
PUP.Optional.Amonetize, C:\Users\Ondra\Downloads\DAEMON Tools Lite 10 Serial Key__15022_i1718968210_il88138.exe, , [7895f58ca3e8fb3b60fcafb851b0da26],
PUP.Optional.VisualDiscovery, C:\Windows\Temp\VisualDiscovery.log, , [f71684fdd4b79d991d69f6ae36cda65a],
PUP.Optional.VisualDiscovery, C:\Windows\Temp\VisualDiscoveryr.log, , [f31aadd4315ab086d3b45a4a847f9a66],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_charmsavings.com_0.localstorage, , [27e6bec32e5d4de93209952d07fc52ae],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_charmsavings.com_0.localstorage-journal, , [14f94d34612aaa8caa91fac85aa9a15f],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_lootfind-a.akamaihd.net_0.localstorage, , [6f9e1071cac1a6904c1ba030986b1ce4],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_lootfind-a.akamaihd.net_0.localstorage-journal, , [19f4e1a01873b086e3846a669b68a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\databases\http_charmsavings.com_0\1, , [5ab3fb860c7fa5917a8505859072fd03],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\000003.log, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\CURRENT, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOCK, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG.old, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\MANIFEST-000001, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\manifest.json, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\background.js, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\content.js, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\icon.png, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\manifest.json, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\background.js, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\content.js, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\icon.png, , [9f6ee69b870437ff25993e4d659f51af],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu - Využití disku 100%
Všechny nálezy smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu - Využití disku 100%
Všechny nálezy smazány, problém s využitím disku a zamrzáním přetrvává.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu - Využití disku 100%
Podívejte se do správce úloh, který proces nejvíce zatěžuje systém.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu - Využití disku 100%
Nejvíce vytěžuje disk "Systém" a "Hostitel služby: Místní systém".
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu - Využití disku 100%
Na zkoušku vypněte aut. aktualizace systému a přeinstalujte antivir.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu - Využití disku 100%
Zkusil jsem vypnout aktualizace Windows a přeinstalovat antivirový program Avast.
Nepozoruji žádné zlepšení.
Nepozoruji žádné zlepšení.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu - Využití disku 100%
Co jste instaloval těsně před tím, než se problém objevil?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?