
Request for a log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, today pages in the Chrome browser suddenly keep redirecting to some ads and new windows keep popping up. Please check my log; I am unable to find the cause.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17909 BrowserJavaVersion: 10.80.2
Run by David at 22:38:58 on 2016-03-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3954.639 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Fujitsu\PSUtility\PSUService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
C:\KMPlayer\KMPlayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Pomocná služba pro přihlášení k účtu Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: {c7c5384f-d9e9-4db1-8c72-135ecccbc571} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 82.163.142.7 95.211.158.134
TCP: NameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} : DHCPNameServer = 82.163.142.7
TCP: Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} : DHCPNameServer = 82.163.142.7
TCP: Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} : DHCPNameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}\0556E6A796F6E605271636861647963656 : DHCPNameServer = 10.255.255.10 10.255.255.20
TCP: Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}\642756567596669625164696F6D294D474 : DHCPNameServer = 192.168.20.30 147.231.150.2
TCP: Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}\D607 : DHCPNameServer = 10.0.0.138
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [LoadFUJ02E3] "C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe"
x64-Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
x64-Run: [LoadFujitsuQuickTouch] "C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe"
x64-Run: [LoadBtnHnd] "C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-16 65736]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-16 272248]
R0 FBIOSDRV;Fujitsu BIOS Driver;C:\Windows\System32\drivers\FBIOSDRV.sys [2012-1-10 21104]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-14 16152]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-3-16 1047320]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-3-16 442264]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-5 659968]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-6-22 29168]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-3-16 89944]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-1-4 137288]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-6-13 343336]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-5 135952]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2012-1-11 27648]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-3-2 225280]
R2 FUJ02E3Service;FUJ02E3Service;C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [2011-11-24 76104]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-1-18 161560]
R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-1-9 1324104]
R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-1-9 795208]
R2 PFNService;PFNService;C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2011-12-22 2213376]
R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2012-3-2 63856]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-1-18 363800]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-12-13 747008]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2013-1-18 31216]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-6-18 1268568]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\Windows\System32\drivers\dtlitescsibus.sys [2015-10-21 30264]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\System32\drivers\fuj02e3.sys [2010-10-12 7296]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-14 60416]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-2-8 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-14 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-14 787736]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-3-2 251496]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-27 646248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-10-18 38424]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2015-3-17 58056]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-3-31 1512640]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-7-18 114688]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-22 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-22 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-22 30208]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-20 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-03-05 11:49:00 -------- d-----w- C:\ProgramData\e773361e-3357-0
2016-03-05 11:44:12 -------- d-----w- C:\ProgramData\e773361e-3e25-0
2016-03-05 11:44:11 -------- d-----w- C:\ProgramData\ba9d7e16
2016-03-05 11:42:06 -------- d-----w- C:\ProgramData\{16d27376-512c-0}
2016-03-05 11:42:06 -------- d-----w- C:\ProgramData\{0a836d26-112c-0}
2016-03-05 11:42:05 -------- d-----w- C:\ProgramData\{2a6aa01e-212c-1}
2016-03-05 11:42:05 -------- d-----w- C:\ProgramData\{10992f4e-312c-1}
2016-03-04 08:46:19 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.6740.dll
2016-03-04 08:25:32 -------- d-----w- C:\Users\David\AppData\Roaming\MEGA6_6140226
2016-03-04 08:24:53 -------- d-----w- C:\Users\David\AppData\Roaming\MEGA_Global
2016-03-04 08:24:44 -------- d-----w- C:\Program Files (x86)\MEGA6
2016-03-01 21:59:47 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.5784.dll
2016-02-28 18:19:36 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.6236.dll
2016-02-23 19:13:31 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.4160.dll
2016-02-23 19:08:28 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\mpengine.dll
.
==================== Find3M ====================
.
2016-02-09 20:39:22 796864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-02-09 20:39:22 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-09 20:39:05 8817344 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
.
============= FINISH: 22:40:53,52 ===============
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-6-22 29168]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-3-16 89944]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-1-4 137288]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-6-13 343336]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-5 135952]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2012-1-11 27648]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-3-2 225280]
R2 FUJ02E3Service;FUJ02E3Service;C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [2011-11-24 76104]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-1-18 161560]
R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-1-9 1324104]
R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-1-9 795208]
R2 PFNService;PFNService;C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2011-12-22 2213376]
R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2012-3-2 63856]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-1-18 363800]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-12-13 747008]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2013-1-18 31216]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-6-18 1268568]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\Windows\System32\drivers\dtlitescsibus.sys [2015-10-21 30264]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\System32\drivers\fuj02e3.sys [2010-10-12 7296]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-14 60416]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-2-8 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-14 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-14 787736]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-3-2 251496]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-27 646248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-10-18 38424]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2015-3-17 58056]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-3-31 1512640]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-7-18 114688]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-22 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-22 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-22 30208]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-20 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-03-05 11:49:00 -------- d-----w- C:\ProgramData\e773361e-3357-0
2016-03-05 11:44:12 -------- d-----w- C:\ProgramData\e773361e-3e25-0
2016-03-05 11:44:11 -------- d-----w- C:\ProgramData\ba9d7e16
2016-03-05 11:42:06 -------- d-----w- C:\ProgramData\{16d27376-512c-0}
2016-03-05 11:42:06 -------- d-----w- C:\ProgramData\{0a836d26-112c-0}
2016-03-05 11:42:05 -------- d-----w- C:\ProgramData\{2a6aa01e-212c-1}
2016-03-05 11:42:05 -------- d-----w- C:\ProgramData\{10992f4e-312c-1}
2016-03-04 08:46:19 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.6740.dll
2016-03-04 08:25:32 -------- d-----w- C:\Users\David\AppData\Roaming\MEGA6_6140226
2016-03-04 08:24:53 -------- d-----w- C:\Users\David\AppData\Roaming\MEGA_Global
2016-03-04 08:24:44 -------- d-----w- C:\Program Files (x86)\MEGA6
2016-03-01 21:59:47 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.5784.dll
2016-02-28 18:19:36 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.6236.dll
2016-02-23 19:13:31 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.4160.dll
2016-02-23 19:08:28 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\mpengine.dll
.
==================== Find3M ====================
.
2016-02-09 20:39:22 796864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-02-09 20:39:22 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-09 20:39:05 8817344 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
.
============= FINISH: 22:40:53,52 ===============
- Rudy
- Site Admin
- Posts: 119491
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a check
Hello!
Post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 ; DDS is past its prime.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: Request for a check
Hello, log attached. P.S.: After cleaning with AdwCleaner and letting the laptop rest overnight, it seems to have gone away, but I'd still like a check; I have no idea how it actually happened.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by David (administrator) on DAVID-NTB (06-03-2016 11:20:17)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PandoraTV) C:\KMPlayer\KMPlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-13] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: E - E:\CloneCampaigns.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {83cb2639-79be-11e5-a181-685d43d7c1f1} - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} - E:\CloneCampaigns.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-13] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-13] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-06-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-13] (Avast Software s.r.o.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-06-22] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2835022699-1091635085-3703951640-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2835022699-1091635085-3703951640-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-03] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/iq
CHR StartupUrls: Default -> ""
CHR DefaultSearchKeyword: Default -> clock
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (IntelÃÂÃÂÃÂî Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (IntelÃÂÃÂÃÂî Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Windows LiveÃÂÃÂÃÂÃÂ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-19]
CHR Extension: (Chrome Currency Converter) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk [2016-02-02]
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2016-02-04]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-02]
CHR Extension: (Manga Viewer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebalkdfejapnfbngpmhchkboajaofen [2016-03-02]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-02-17]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-02]
CHR Extension: (Vyhledávání Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
CHR Extension: (Fun Switcher) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2015-02-09]
CHR Extension: (Read Later Fast) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2015-05-14]
CHR Extension: (Timer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2015-02-09]
CHR Extension: (Gmail Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-02-09]
CHR Extension: (Kalendář Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-02-02]
CHR Extension: (Zotero Connector) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-03-26]
CHR Extension: (Tabulky Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-02]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-02-03]
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-14]
CHR Extension: (Cool Hodin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-02-02]
CHR Extension: (PDF to Word Converter App) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jclipofobaadknkadkpgggmjkebddjam [2015-02-09]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2015-02-09]
CHR Extension: (Převod měn) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2015-02-09]
CHR Extension: (Unit Convertor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkaklafnbnpegjnlplfgadnobkgdkinf [2015-02-09]
CHR Extension: (The Great Suspender) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-05-26]
CHR Extension: (Steambirds: Survival) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn [2015-02-09]
CHR Extension: (Mapy Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-02]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2015-02-09]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-02-24]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-02-09]
CHR Extension: (Grass) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla [2016-03-05]
CHR Extension: (Graph.tk) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk [2015-02-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Psykopaint) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-03-26]
CHR Extension: (Connected Mind) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc [2015-02-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-13]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-13] (Avast Software s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-13] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 11:20 - 2016-03-06 11:20 - 00026831 _____ C:\Users\David\Desktop\FRST.txt
2016-03-06 11:20 - 2016-03-06 11:20 - 00000000 ____D C:\FRST
2016-03-06 11:18 - 2016-03-06 11:19 - 02374144 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-03-06 10:18 - 2016-03-06 10:18 - 22908888 _____ (Malwarebytes ) C:\Users\David\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-05 23:30 - 2016-03-06 00:49 - 1416899846 _____ C:\Users\David\Desktop\Drákula-Neznámá-legenda-(2014)-CZ--dabing.avi
2016-03-05 22:53 - 2016-03-05 22:53 - 01518592 _____ C:\Users\David\Desktop\adwcleaner_5.037.exe
2016-03-05 22:41 - 2016-03-05 22:41 - 00010470 _____ C:\Users\David\Desktop\attach.txt
2016-03-05 22:41 - 2016-03-05 22:40 - 00020736 _____ C:\Users\David\Desktop\dds.txt
2016-03-05 22:38 - 2016-03-05 22:38 - 00688992 ____R (Swearware) C:\Users\David\Desktop\dds.exe
2016-03-05 21:40 - 2016-03-05 21:40 - 00001076 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-05 21:23 - 2016-03-05 21:23 - 00000832 _____ C:\Users\David\AppData\Local\recently-used.xbel
2016-03-05 21:09 - 2016-03-05 23:06 - 1091749888 _____ C:\Users\David\Desktop\HOBIT-BITVA-PĚTI-ARMÁD-2014-CZ-dabing.avi
2016-03-05 20:55 - 2016-03-05 20:55 - 00023090 _____ C:\Users\David\Desktop\envy_všechny.mas
2016-03-04 12:19 - 2016-03-04 12:20 - 00000000 ____D C:\Users\David\Desktop\Cesta do vesmíru
2016-03-04 10:33 - 2016-03-05 20:55 - 00058261 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.xlsx
2016-03-04 10:25 - 2016-03-04 10:25 - 00007258 _____ C:\Users\David\Desktop\envy_všechny alig.pdf
2016-03-04 10:24 - 2016-03-04 10:24 - 00007835 _____ C:\Users\David\Desktop\envy_všechny alig.pl
2016-03-04 10:10 - 2016-03-04 10:10 - 00042272 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.csv
2016-03-04 09:51 - 2016-03-04 09:51 - 00022517 _____ C:\Users\David\Desktop\envy_všechny_alig.fas
2016-03-04 09:40 - 2016-03-04 09:40 - 00000000 _____ C:\Users\David\Desktop\envy druhej pokus.txt
2016-03-04 09:34 - 2016-03-04 09:44 - 00022863 _____ C:\Users\David\Desktop\envy_všechny.fasta
2016-03-04 09:25 - 2016-03-04 09:25 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA6_6140226
2016-03-04 09:24 - 2016-03-05 21:41 - 00000000 ____D C:\Program Files (x86)\MEGA6
2016-03-04 09:24 - 2016-03-04 09:25 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA_Global
2016-03-04 09:24 - 2016-03-04 09:24 - 00000973 _____ C:\Users\Public\Desktop\MEGA6.lnk
2016-03-04 09:24 - 2016-03-04 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGA6
2016-03-04 09:23 - 2016-03-05 20:55 - 00022021 _____ C:\Users\David\Desktop\envy_všechny.txt
2016-03-04 09:23 - 2016-03-04 09:23 - 00000000 ____D C:\Users\David\Desktop\alig-2016-03-04
2016-03-04 09:22 - 2016-03-04 09:23 - 39242512 _____ C:\Users\David\Desktop\alig-2016-03-04.zip
2016-03-04 09:09 - 2016-03-04 11:38 - 1429179106 _____ C:\Users\David\Desktop\Hobit---Neočekaváná-cesta-cz.avi
2016-03-02 23:14 - 2016-03-03 00:54 - 1786076936 _____ C:\Users\David\Desktop\Hobit-Neocekavana-cesta-.2013-BDRip-CZ-Dab.avi
2016-03-02 21:23 - 2016-03-02 23:14 - 1061631414 _____ C:\Users\David\Desktop\Thor-Temný-svět-cz-(2013).avi
2016-03-02 19:53 - 2016-03-02 21:19 - 1534194616 _____ C:\Users\David\Desktop\Captain-America-První-Avenger-2011-CZ.avi
2016-03-02 19:42 - 2016-03-02 19:42 - 00603683 _____ C:\Users\David\Desktop\mcas2.ma4
2016-03-02 10:05 - 2016-03-02 10:05 - 00003928 _____ C:\Users\David\Desktop\13envu.rar
2016-03-02 10:03 - 2016-03-02 10:03 - 00405259 _____ C:\Users\David\Desktop\mcas-doma.ma4
2016-03-02 10:03 - 2016-03-02 10:03 - 00081435 _____ C:\Users\David\Desktop\strainy-doma.ma4
2016-03-01 23:21 - 2016-03-01 23:21 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (2)
2016-03-01 23:20 - 2016-03-01 23:20 - 00370551 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (2).zip
2016-03-01 23:19 - 2016-03-01 23:19 - 00000000 ____D C:\Users\David\Desktop\generálka
2016-03-01 23:15 - 2016-03-01 23:18 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (1)
2016-03-01 23:14 - 2016-03-01 23:14 - 00046835 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (1).zip
2016-03-01 22:58 - 2016-03-01 22:59 - 00024917 _____ C:\Users\David\Desktop\documents-export-2016-03-01.zip
2016-03-01 21:27 - 2016-03-02 00:26 - 1715738624 _____ C:\Users\David\Desktop\Strazci-galaxie-2014-CZ-dabing.avi
2016-03-01 19:27 - 2016-02-28 22:46 - 00000000 ____D C:\Users\David\Desktop\Legie
2016-03-01 19:21 - 2016-02-28 19:08 - 00000000 ____D C:\Users\David\Desktop\LegiePortrety
2016-03-01 19:16 - 2016-03-01 19:24 - 361254313 _____ C:\Users\David\Desktop\LegieNahled.zip
2016-03-01 19:16 - 2016-03-01 19:17 - 79731011 _____ C:\Users\David\Desktop\LegiePortrety.zip
2016-02-22 01:15 - 2016-02-24 00:40 - 00000000 ____D C:\Users\David\Desktop\filmy
2016-02-21 12:33 - 2016-02-21 12:33 - 00000000 ____D C:\Users\David\Desktop\černá zmije
2016-02-07 19:22 - 2016-02-07 19:22 - 00000000 ____D C:\Users\David\Desktop\medival virology
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 11:20 - 2013-01-26 18:02 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-03-06 10:58 - 2015-10-25 15:24 - 00146432 ___SH C:\Users\David\Documents\Thumbs.db
2016-03-06 10:54 - 2013-02-03 17:49 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-03-06 10:41 - 2016-02-02 18:16 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2016-03-06 10:39 - 2014-04-29 10:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 10:35 - 2015-02-04 02:51 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 10:10 - 2016-02-02 18:33 - 00000000 ____D C:\KMPlayer
2016-03-06 09:53 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 09:53 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-06 09:45 - 2012-01-10 20:08 - 00666444 _____ C:\Windows\system32\perfh005.dat
2016-03-06 09:45 - 2012-01-10 20:08 - 00140108 _____ C:\Windows\system32\perfc005.dat
2016-03-06 09:45 - 2009-07-14 06:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-06 09:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-06 09:40 - 2013-01-18 20:33 - 00000000 ___HD C:\Users\David\Documents\Youcam
2016-03-06 09:38 - 2015-02-04 02:51 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-06 09:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-05 23:12 - 2014-04-24 02:17 - 00000000 ____D C:\AdwCleaner
2016-03-05 22:59 - 2015-10-21 22:04 - 00000000 ____D C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2016-03-05 22:59 - 2013-02-01 22:12 - 00000000 ____D C:\Users\David\AppData\Roaming\Winamp
2016-03-05 22:58 - 2012-01-10 02:44 - 00000000 ____D C:\Windows\Panther
2016-03-05 21:34 - 2013-01-22 21:05 - 00000000 ____D C:\Users\David\.gimp-2.8
2016-03-05 20:59 - 2013-03-16 11:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-03-05 20:55 - 2014-01-25 20:41 - 00000000 ____D C:\VNTI Database
2016-03-04 09:36 - 2014-01-25 20:46 - 00000029 _____ C:\Windows\Vnti40.ini
2016-02-22 01:16 - 2015-10-21 21:55 - 00000000 ____D C:\Users\David\Desktop\Star-Wars-Galactic-Battlegrounds
2016-02-20 00:03 - 2013-01-18 20:39 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 22:58 - 2015-11-09 23:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-17 22:19 - 2015-09-06 09:18 - 00000000 ____D C:\Users\David\AppData\Roaming\Apple Computer
2016-02-14 21:33 - 2013-01-26 18:01 - 00000000 ____D C:\ProgramData\Skype
2016-02-09 21:39 - 2016-01-19 19:23 - 08817344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 21:39 - 2013-11-04 21:56 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 07:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2015-05-09 01:34 - 2015-05-11 17:25 - 0005120 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 21:45 - 2014-04-09 21:48 - 0029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE
2016-03-05 21:23 - 2016-03-05 21:23 - 0000832 _____ () C:\Users\David\AppData\Local\recently-used.xbel
2016-01-30 02:15 - 2016-01-30 02:15 - 0000000 _____ () C:\Users\David\AppData\Local\{DEBAF0B2-1C55-4D61-AB88-CE190AB94FFC}
2013-01-22 20:26 - 2013-01-22 20:59 - 0002778 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-01 16:12
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by David (administrator) on DAVID-NTB (06-03-2016 11:20:17)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PandoraTV) C:\KMPlayer\KMPlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-13] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: E - E:\CloneCampaigns.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {83cb2639-79be-11e5-a181-685d43d7c1f1} - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} - E:\CloneCampaigns.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-13] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-13] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-06-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-13] (Avast Software s.r.o.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-06-22] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2835022699-1091635085-3703951640-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2835022699-1091635085-3703951640-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-03] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/iq
CHR StartupUrls: Default -> ""
CHR DefaultSearchKeyword: Default -> clock
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-19]
CHR Extension: (Chrome Currency Converter) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk [2016-02-02]
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2016-02-04]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-02]
CHR Extension: (Manga Viewer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebalkdfejapnfbngpmhchkboajaofen [2016-03-02]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-02-17]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-02]
CHR Extension: (Vyhledávání Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
CHR Extension: (Fun Switcher) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2015-02-09]
CHR Extension: (Read Later Fast) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2015-05-14]
CHR Extension: (Timer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2015-02-09]
CHR Extension: (Gmail Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-02-09]
CHR Extension: (Kalendář Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-02-02]
CHR Extension: (Zotero Connector) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-03-26]
CHR Extension: (Tabulky Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-02]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-02-03]
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-14]
CHR Extension: (Cool Hodin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-02-02]
CHR Extension: (PDF to Word Converter App) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jclipofobaadknkadkpgggmjkebddjam [2015-02-09]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2015-02-09]
CHR Extension: (Převod měn) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2015-02-09]
CHR Extension: (Unit Convertor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkaklafnbnpegjnlplfgadnobkgdkinf [2015-02-09]
CHR Extension: (The Great Suspender) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-05-26]
CHR Extension: (Steambirds: Survival) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn [2015-02-09]
CHR Extension: (Mapy Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-02]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2015-02-09]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-02-24]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-02-09]
CHR Extension: (Grass) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla [2016-03-05]
CHR Extension: (Graph.tk) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk [2015-02-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Psykopaint) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-03-26]
CHR Extension: (Connected Mind) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc [2015-02-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-13]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-13] (Avast Software s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-13] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 11:20 - 2016-03-06 11:20 - 00026831 _____ C:\Users\David\Desktop\FRST.txt
2016-03-06 11:20 - 2016-03-06 11:20 - 00000000 ____D C:\FRST
2016-03-06 11:18 - 2016-03-06 11:19 - 02374144 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-03-06 10:18 - 2016-03-06 10:18 - 22908888 _____ (Malwarebytes ) C:\Users\David\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-05 23:30 - 2016-03-06 00:49 - 1416899846 _____ C:\Users\David\Desktop\Drákula-Neznámá-legenda-(2014)-CZ--dabing.avi
2016-03-05 22:53 - 2016-03-05 22:53 - 01518592 _____ C:\Users\David\Desktop\adwcleaner_5.037.exe
2016-03-05 22:41 - 2016-03-05 22:41 - 00010470 _____ C:\Users\David\Desktop\attach.txt
2016-03-05 22:41 - 2016-03-05 22:40 - 00020736 _____ C:\Users\David\Desktop\dds.txt
2016-03-05 22:38 - 2016-03-05 22:38 - 00688992 ____R (Swearware) C:\Users\David\Desktop\dds.exe
2016-03-05 21:40 - 2016-03-05 21:40 - 00001076 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-05 21:23 - 2016-03-05 21:23 - 00000832 _____ C:\Users\David\AppData\Local\recently-used.xbel
2016-03-05 21:09 - 2016-03-05 23:06 - 1091749888 _____ C:\Users\David\Desktop\HOBIT-BITVA-PĚTI-ARMÁD-2014-CZ-dabing.avi
2016-03-05 20:55 - 2016-03-05 20:55 - 00023090 _____ C:\Users\David\Desktop\envy_všechny.mas
2016-03-04 12:19 - 2016-03-04 12:20 - 00000000 ____D C:\Users\David\Desktop\Cesta do vesmíru
2016-03-04 10:33 - 2016-03-05 20:55 - 00058261 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.xlsx
2016-03-04 10:25 - 2016-03-04 10:25 - 00007258 _____ C:\Users\David\Desktop\envy_všechny alig.pdf
2016-03-04 10:24 - 2016-03-04 10:24 - 00007835 _____ C:\Users\David\Desktop\envy_všechny alig.pl
2016-03-04 10:10 - 2016-03-04 10:10 - 00042272 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.csv
2016-03-04 09:51 - 2016-03-04 09:51 - 00022517 _____ C:\Users\David\Desktop\envy_všechny_alig.fas
2016-03-04 09:40 - 2016-03-04 09:40 - 00000000 _____ C:\Users\David\Desktop\envy druhej pokus.txt
2016-03-04 09:34 - 2016-03-04 09:44 - 00022863 _____ C:\Users\David\Desktop\envy_všechny.fasta
2016-03-04 09:25 - 2016-03-04 09:25 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA6_6140226
2016-03-04 09:24 - 2016-03-05 21:41 - 00000000 ____D C:\Program Files (x86)\MEGA6
2016-03-04 09:24 - 2016-03-04 09:25 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA_Global
2016-03-04 09:24 - 2016-03-04 09:24 - 00000973 _____ C:\Users\Public\Desktop\MEGA6.lnk
2016-03-04 09:24 - 2016-03-04 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGA6
2016-03-04 09:23 - 2016-03-05 20:55 - 00022021 _____ C:\Users\David\Desktop\envy_všechny.txt
2016-03-04 09:23 - 2016-03-04 09:23 - 00000000 ____D C:\Users\David\Desktop\alig-2016-03-04
2016-03-04 09:22 - 2016-03-04 09:23 - 39242512 _____ C:\Users\David\Desktop\alig-2016-03-04.zip
2016-03-04 09:09 - 2016-03-04 11:38 - 1429179106 _____ C:\Users\David\Desktop\Hobit---Neočekaváná-cesta-cz.avi
2016-03-02 23:14 - 2016-03-03 00:54 - 1786076936 _____ C:\Users\David\Desktop\Hobit-Neocekavana-cesta-.2013-BDRip-CZ-Dab.avi
2016-03-02 21:23 - 2016-03-02 23:14 - 1061631414 _____ C:\Users\David\Desktop\Thor-Temný-svět-cz-(2013).avi
2016-03-02 19:53 - 2016-03-02 21:19 - 1534194616 _____ C:\Users\David\Desktop\Captain-America-První-Avenger-2011-CZ.avi
2016-03-02 19:42 - 2016-03-02 19:42 - 00603683 _____ C:\Users\David\Desktop\mcas2.ma4
2016-03-02 10:05 - 2016-03-02 10:05 - 00003928 _____ C:\Users\David\Desktop\13envu.rar
2016-03-02 10:03 - 2016-03-02 10:03 - 00405259 _____ C:\Users\David\Desktop\mcas-doma.ma4
2016-03-02 10:03 - 2016-03-02 10:03 - 00081435 _____ C:\Users\David\Desktop\strainy-doma.ma4
2016-03-01 23:21 - 2016-03-01 23:21 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (2)
2016-03-01 23:20 - 2016-03-01 23:20 - 00370551 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (2).zip
2016-03-01 23:19 - 2016-03-01 23:19 - 00000000 ____D C:\Users\David\Desktop\generálka
2016-03-01 23:15 - 2016-03-01 23:18 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (1)
2016-03-01 23:14 - 2016-03-01 23:14 - 00046835 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (1).zip
2016-03-01 22:58 - 2016-03-01 22:59 - 00024917 _____ C:\Users\David\Desktop\documents-export-2016-03-01.zip
2016-03-01 21:27 - 2016-03-02 00:26 - 1715738624 _____ C:\Users\David\Desktop\Strazci-galaxie-2014-CZ-dabing.avi
2016-03-01 19:27 - 2016-02-28 22:46 - 00000000 ____D C:\Users\David\Desktop\Legie
2016-03-01 19:21 - 2016-02-28 19:08 - 00000000 ____D C:\Users\David\Desktop\LegiePortrety
2016-03-01 19:16 - 2016-03-01 19:24 - 361254313 _____ C:\Users\David\Desktop\LegieNahled.zip
2016-03-01 19:16 - 2016-03-01 19:17 - 79731011 _____ C:\Users\David\Desktop\LegiePortrety.zip
2016-02-22 01:15 - 2016-02-24 00:40 - 00000000 ____D C:\Users\David\Desktop\filmy
2016-02-21 12:33 - 2016-02-21 12:33 - 00000000 ____D C:\Users\David\Desktop\černá zmije
2016-02-07 19:22 - 2016-02-07 19:22 - 00000000 ____D C:\Users\David\Desktop\medival virology
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 11:20 - 2013-01-26 18:02 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-03-06 10:58 - 2015-10-25 15:24 - 00146432 ___SH C:\Users\David\Documents\Thumbs.db
2016-03-06 10:54 - 2013-02-03 17:49 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-03-06 10:41 - 2016-02-02 18:16 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2016-03-06 10:39 - 2014-04-29 10:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 10:35 - 2015-02-04 02:51 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 10:10 - 2016-02-02 18:33 - 00000000 ____D C:\KMPlayer
2016-03-06 09:53 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 09:53 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-06 09:45 - 2012-01-10 20:08 - 00666444 _____ C:\Windows\system32\perfh005.dat
2016-03-06 09:45 - 2012-01-10 20:08 - 00140108 _____ C:\Windows\system32\perfc005.dat
2016-03-06 09:45 - 2009-07-14 06:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-06 09:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-06 09:40 - 2013-01-18 20:33 - 00000000 ___HD C:\Users\David\Documents\Youcam
2016-03-06 09:38 - 2015-02-04 02:51 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-06 09:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-05 23:12 - 2014-04-24 02:17 - 00000000 ____D C:\AdwCleaner
2016-03-05 22:59 - 2015-10-21 22:04 - 00000000 ____D C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2016-03-05 22:59 - 2013-02-01 22:12 - 00000000 ____D C:\Users\David\AppData\Roaming\Winamp
2016-03-05 22:58 - 2012-01-10 02:44 - 00000000 ____D C:\Windows\Panther
2016-03-05 21:34 - 2013-01-22 21:05 - 00000000 ____D C:\Users\David\.gimp-2.8
2016-03-05 20:59 - 2013-03-16 11:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-03-05 20:55 - 2014-01-25 20:41 - 00000000 ____D C:\VNTI Database
2016-03-04 09:36 - 2014-01-25 20:46 - 00000029 _____ C:\Windows\Vnti40.ini
2016-02-22 01:16 - 2015-10-21 21:55 - 00000000 ____D C:\Users\David\Desktop\Star-Wars-Galactic-Battlegrounds
2016-02-20 00:03 - 2013-01-18 20:39 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 22:58 - 2015-11-09 23:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-17 22:19 - 2015-09-06 09:18 - 00000000 ____D C:\Users\David\AppData\Roaming\Apple Computer
2016-02-14 21:33 - 2013-01-26 18:01 - 00000000 ____D C:\ProgramData\Skype
2016-02-09 21:39 - 2016-01-19 19:23 - 08817344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 21:39 - 2013-11-04 21:56 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 07:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2015-05-09 01:34 - 2015-05-11 17:25 - 0005120 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 21:45 - 2014-04-09 21:48 - 0029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE
2016-03-05 21:23 - 2016-03-05 21:23 - 0000832 _____ () C:\Users\David\AppData\Local\recently-used.xbel
2016-01-30 02:15 - 2016-01-30 02:15 - 0000000 _____ () C:\Users\David\AppData\Local\{DEBAF0B2-1C55-4D61-AB88-CE190AB94FFC}
2013-01-22 20:26 - 2013-01-22 20:59 - 0002778 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-01 16:12
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119491
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a check
Now run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Request for a check
I am attaching today's log, followed by yesterday's.
Today's:
# AdwCleaner v5.037 - Logfile created 06/03/2016 at 13:09:49
# Updated 28/02/2016 by Xplode
# Database : 2016-03-06.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : David - DAVID-NTB
# Running from : C:\Users\David\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lfmhcpmkbdkbgbmkjoiopeeegenkdikp
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [9652 bytes] - [05/03/2016 23:12:05]
C:\AdwCleaner\AdwCleaner[C2].txt - [924 bytes] - [06/03/2016 13:09:49]
C:\AdwCleaner\AdwCleaner[R1].txt - [1461 bytes] - [24/04/2014 02:17:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [11582 bytes] - [24/04/2014 05:46:55]
C:\AdwCleaner\AdwCleaner[S2].txt - [1127 bytes] - [06/03/2016 12:57:35]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1216 bytes] ##########
Yesterday's:
# AdwCleaner v5.037 - Logfile created 05/03/2016 at 23:12:05
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : David - DAVID-NTB
# Running from : C:\Users\David\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\Browser Stabilizer
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\ba9d7e16
[-] Folder Deleted : C:\ProgramData\d3b11a26-2693-0
[-] Folder Deleted : C:\ProgramData\d3b11a26-42f5-1
[-] Folder Deleted : C:\ProgramData\e773361e-3357-0
[-] Folder Deleted : C:\ProgramData\e773361e-3e25-0
[-] Folder Deleted : C:\ProgramData\fc61cc3bb39b4e6f
[-] Folder Deleted : C:\ProgramData\FUUn2Save
[-] Folder Deleted : C:\ProgramData\RemoveTheADApp
[-] Folder Deleted : C:\ProgramData\RoBoSaVier
[-] Folder Deleted : C:\ProgramData\{0a836d26-112c-0}
[-] Folder Deleted : C:\ProgramData\{10992f4e-312c-1}
[-] Folder Deleted : C:\ProgramData\{16d27376-512c-0}
[-] Folder Deleted : C:\ProgramData\{2a6aa01e-212c-1}
[-] Folder Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
[-] Folder Deleted : C:\Users\David\AppData\Roaming\RHEng
[-] Folder Deleted : C:\Users\David\AppData\Roaming\Opera Software\Opera Stable\Extensions\ioljdahhggdmagekkhffojlpgngehdcf
***** [ Files ] *****
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage-journal
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
[-] File Deleted : C:\Users\David\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ioljdahhggdmagekkhffojlpgngehdcf_0.localstorage
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : {A789F657-5CB2-4D7A-1E36-73E77EFD116C}
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ba9d7e16}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} [NameServer]
***** [ Web browsers ] *****
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lfmhcpmkbdkbgbmkjoiopeeegenkdikp
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [9321 bytes] - [05/03/2016 23:12:05]
C:\AdwCleaner\AdwCleaner[R1].txt - [1461 bytes] - [24/04/2014 02:17:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [11582 bytes] - [24/04/2014 05:46:55]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9541 bytes] ##########
Today's:
# AdwCleaner v5.037 - Logfile created 06/03/2016 at 13:09:49
# Updated 28/02/2016 by Xplode
# Database : 2016-03-06.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : David - DAVID-NTB
# Running from : C:\Users\David\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lfmhcpmkbdkbgbmkjoiopeeegenkdikp
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [9652 bytes] - [05/03/2016 23:12:05]
C:\AdwCleaner\AdwCleaner[C2].txt - [924 bytes] - [06/03/2016 13:09:49]
C:\AdwCleaner\AdwCleaner[R1].txt - [1461 bytes] - [24/04/2014 02:17:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [11582 bytes] - [24/04/2014 05:46:55]
C:\AdwCleaner\AdwCleaner[S2].txt - [1127 bytes] - [06/03/2016 12:57:35]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1216 bytes] ##########
Yesterday's:
# AdwCleaner v5.037 - Logfile created 05/03/2016 at 23:12:05
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : David - DAVID-NTB
# Running from : C:\Users\David\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\Browser Stabilizer
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\ba9d7e16
[-] Folder Deleted : C:\ProgramData\d3b11a26-2693-0
[-] Folder Deleted : C:\ProgramData\d3b11a26-42f5-1
[-] Folder Deleted : C:\ProgramData\e773361e-3357-0
[-] Folder Deleted : C:\ProgramData\e773361e-3e25-0
[-] Folder Deleted : C:\ProgramData\fc61cc3bb39b4e6f
[-] Folder Deleted : C:\ProgramData\FUUn2Save
[-] Folder Deleted : C:\ProgramData\RemoveTheADApp
[-] Folder Deleted : C:\ProgramData\RoBoSaVier
[-] Folder Deleted : C:\ProgramData\{0a836d26-112c-0}
[-] Folder Deleted : C:\ProgramData\{10992f4e-312c-1}
[-] Folder Deleted : C:\ProgramData\{16d27376-512c-0}
[-] Folder Deleted : C:\ProgramData\{2a6aa01e-212c-1}
[-] Folder Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
[-] Folder Deleted : C:\Users\David\AppData\Roaming\RHEng
[-] Folder Deleted : C:\Users\David\AppData\Roaming\Opera Software\Opera Stable\Extensions\ioljdahhggdmagekkhffojlpgngehdcf
***** [ Files ] *****
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage-journal
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
[-] File Deleted : C:\Users\David\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ioljdahhggdmagekkhffojlpgngehdcf_0.localstorage
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : {A789F657-5CB2-4D7A-1E36-73E77EFD116C}
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ba9d7e16}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} [NameServer]
***** [ Web browsers ] *****
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lfmhcpmkbdkbgbmkjoiopeeegenkdikp
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [9321 bytes] - [05/03/2016 23:12:05]
C:\AdwCleaner\AdwCleaner[R1].txt - [1461 bytes] - [24/04/2014 02:17:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [11582 bytes] - [24/04/2014 05:46:55]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9541 bytes] ##########
- Rudy
- Site Admin
- Posts: 119491
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a check
Post a new FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Request for a check
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by David (administrator) on DAVID-NTB (06-03-2016 18:32:08)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(PandoraTV) C:\KMPlayer\KMPlayer.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\Vector NTI 7.exe
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\VectorNTIExplorer.exe
() C:\Program Files (x86)\MEGA6\MEGA6.exe
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\Alignment.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\Alignment.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-13] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: E - E:\CloneCampaigns.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {83cb2639-79be-11e5-a181-685d43d7c1f1} - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} - E:\CloneCampaigns.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-13] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-13] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-06-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-13] (Avast Software s.r.o.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-06-22] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2835022699-1091635085-3703951640-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2835022699-1091635085-3703951640-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-03] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/iq
CHR StartupUrls: Default -> ""
CHR DefaultSearchKeyword: Default -> clock
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-19]
CHR Extension: (Chrome Currency Converter) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk [2016-02-02]
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2016-02-04]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-02]
CHR Extension: (Manga Viewer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebalkdfejapnfbngpmhchkboajaofen [2016-03-02]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-02-17]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-02]
CHR Extension: (Vyhledávání Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
CHR Extension: (Fun Switcher) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2015-02-09]
CHR Extension: (Read Later Fast) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2015-05-14]
CHR Extension: (Timer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2015-02-09]
CHR Extension: (Gmail Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-02-09]
CHR Extension: (Kalendář Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-02-02]
CHR Extension: (Zotero Connector) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-03-26]
CHR Extension: (Tabulky Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-02]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-02-03]
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-14]
CHR Extension: (Cool Hodin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-02-02]
CHR Extension: (PDF to Word Converter App) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jclipofobaadknkadkpgggmjkebddjam [2015-02-09]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2015-02-09]
CHR Extension: (Převod měn) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2015-02-09]
CHR Extension: (Unit Convertor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkaklafnbnpegjnlplfgadnobkgdkinf [2015-02-09]
CHR Extension: (The Great Suspender) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-05-26]
CHR Extension: (Steambirds: Survival) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn [2015-02-09]
CHR Extension: (Mapy Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-02]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2015-02-09]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-02-24]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-02-09]
CHR Extension: (Grass) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla [2016-03-05]
CHR Extension: (Graph.tk) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk [2015-02-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Psykopaint) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-03-26]
CHR Extension: (Connected Mind) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc [2015-02-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-13]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-13] (Avast Software s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-13] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 18:28 - 2016-03-06 18:29 - 00007018 _____ C:\Users\David\Desktop\_exdata.gb
2016-03-06 15:29 - 2016-03-06 15:29 - 00018304 _____ C:\Users\David\Desktop\sample.tab
2016-03-06 15:02 - 2016-03-06 15:06 - 00018763 _____ C:\Users\David\Desktop\envy_všechny_bez_ehrs_alig.fas
2016-03-06 14:58 - 2016-03-06 14:58 - 00019052 _____ C:\Users\David\Desktop\envy_všechny_bez_ehrs.fasta
2016-03-06 14:51 - 2016-03-06 14:58 - 00018350 _____ C:\Users\David\Desktop\envy_všechny_bez_ehrs.txt
2016-03-06 14:22 - 2016-03-06 14:22 - 00332953 _____ C:\Users\David\Desktop\REL results.pdf
2016-03-06 14:09 - 2016-03-06 14:09 - 00007589 _____ C:\Users\David\Desktop\123.fas
2016-03-06 13:53 - 2016-03-06 13:53 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA6_6140226
2016-03-06 13:53 - 2016-03-06 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageMagick 6.7.5 Q16
2016-03-06 13:52 - 2016-03-06 13:52 - 39197788 _____ (Center for Evolutionary Medicine and Informatics ) C:\Users\David\Desktop\MEGA6.06_setup.exe
2016-03-06 13:40 - 2016-03-06 13:40 - 04463589 _____ C:\Users\David\Desktop\seminář.pptx
2016-03-06 13:40 - 2016-03-06 13:40 - 00000165 ____H C:\Users\David\Desktop\~$seminář.pptx
2016-03-06 13:38 - 2016-03-06 13:38 - 03830050 _____ C:\Users\David\Desktop\ehr.pptx
2016-03-06 12:13 - 2016-03-06 13:07 - 979516740 _____ C:\Users\David\Desktop\Capitan-Amerika-2-Zimny-vojak-2015-Cz-dabing.avi
2016-03-06 11:21 - 2016-03-06 11:24 - 00037064 _____ C:\Users\David\Desktop\Addition.txt
2016-03-06 11:20 - 2016-03-06 18:32 - 00026816 _____ C:\Users\David\Desktop\FRST.txt
2016-03-06 11:20 - 2016-03-06 18:32 - 00000000 ____D C:\FRST
2016-03-06 11:18 - 2016-03-06 11:19 - 02374144 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-03-06 10:18 - 2016-03-06 10:18 - 22908888 _____ (Malwarebytes ) C:\Users\David\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-05 23:30 - 2016-03-06 00:49 - 1416899846 _____ C:\Users\David\Desktop\Drákula-Neznámá-legenda-(2014)-CZ--dabing.avi
2016-03-05 22:53 - 2016-03-05 22:53 - 01518592 _____ C:\Users\David\Desktop\adwcleaner_5.037.exe
2016-03-05 22:41 - 2016-03-05 22:41 - 00010470 _____ C:\Users\David\Desktop\attach.txt
2016-03-05 22:41 - 2016-03-05 22:40 - 00020736 _____ C:\Users\David\Desktop\dds.txt
2016-03-05 22:38 - 2016-03-05 22:38 - 00688992 ____R (Swearware) C:\Users\David\Desktop\dds.exe
2016-03-05 21:40 - 2016-03-05 21:40 - 00001076 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-05 21:23 - 2016-03-05 21:23 - 00000832 _____ C:\Users\David\AppData\Local\recently-used.xbel
2016-03-05 21:09 - 2016-03-05 23:06 - 1091749888 _____ C:\Users\David\Desktop\HOBIT-BITVA-PĚTI-ARMÁD-2014-CZ-dabing.avi
2016-03-05 20:55 - 2016-03-05 20:55 - 00023090 _____ C:\Users\David\Desktop\envy_všechny.mas
2016-03-04 12:19 - 2016-03-04 12:20 - 00000000 ____D C:\Users\David\Desktop\Cesta do vesmíru
2016-03-04 10:33 - 2016-03-05 20:55 - 00058261 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.xlsx
2016-03-04 10:25 - 2016-03-04 10:25 - 00007258 _____ C:\Users\David\Desktop\envy_všechny alig.pdf
2016-03-04 10:24 - 2016-03-04 10:24 - 00007835 _____ C:\Users\David\Desktop\envy_všechny alig.pl
2016-03-04 10:10 - 2016-03-04 10:10 - 00042272 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.csv
2016-03-04 09:51 - 2016-03-04 09:51 - 00022517 _____ C:\Users\David\Desktop\envy_všechny_alig.fas
2016-03-04 09:40 - 2016-03-04 09:40 - 00000000 _____ C:\Users\David\Desktop\envy druhej pokus.txt
2016-03-04 09:34 - 2016-03-04 09:44 - 00022863 _____ C:\Users\David\Desktop\envy_všechny.fasta
2016-03-04 09:24 - 2016-03-06 13:53 - 00000000 ____D C:\Program Files (x86)\MEGA6
2016-03-04 09:24 - 2016-03-06 13:52 - 00000973 _____ C:\Users\Public\Desktop\MEGA6.lnk
2016-03-04 09:24 - 2016-03-06 13:52 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA_Global
2016-03-04 09:24 - 2016-03-06 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGA6
2016-03-04 09:23 - 2016-03-05 20:55 - 00022021 _____ C:\Users\David\Desktop\envy_všechny.txt
2016-03-04 09:23 - 2016-03-04 09:23 - 00000000 ____D C:\Users\David\Desktop\alig-2016-03-04
2016-03-04 09:22 - 2016-03-04 09:23 - 39242512 _____ C:\Users\David\Desktop\alig-2016-03-04.zip
2016-03-04 09:09 - 2016-03-04 11:38 - 1429179106 _____ C:\Users\David\Desktop\Hobit---Neočekaváná-cesta-cz.avi
2016-03-02 23:14 - 2016-03-03 00:54 - 1786076936 _____ C:\Users\David\Desktop\Hobit-Neocekavana-cesta-.2013-BDRip-CZ-Dab.avi
2016-03-02 21:23 - 2016-03-02 23:14 - 1061631414 _____ C:\Users\David\Desktop\Thor-Temný-svět-cz-(2013).avi
2016-03-02 19:53 - 2016-03-02 21:19 - 1534194616 _____ C:\Users\David\Desktop\Captain-America-První-Avenger-2011-CZ.avi
2016-03-02 19:42 - 2016-03-02 19:42 - 00603683 _____ C:\Users\David\Desktop\mcas2.ma4
2016-03-02 10:05 - 2016-03-02 10:05 - 00003928 _____ C:\Users\David\Desktop\13envu.rar
2016-03-02 10:03 - 2016-03-02 10:03 - 00405259 _____ C:\Users\David\Desktop\mcas-doma.ma4
2016-03-02 10:03 - 2016-03-02 10:03 - 00081435 _____ C:\Users\David\Desktop\strainy-doma.ma4
2016-03-01 23:21 - 2016-03-01 23:21 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (2)
2016-03-01 23:20 - 2016-03-01 23:20 - 00370551 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (2).zip
2016-03-01 23:19 - 2016-03-01 23:19 - 00000000 ____D C:\Users\David\Desktop\generálka
2016-03-01 23:15 - 2016-03-01 23:18 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (1)
2016-03-01 23:14 - 2016-03-01 23:14 - 00046835 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (1).zip
2016-03-01 22:58 - 2016-03-01 22:59 - 00024917 _____ C:\Users\David\Desktop\documents-export-2016-03-01.zip
2016-03-01 21:27 - 2016-03-02 00:26 - 1715738624 _____ C:\Users\David\Desktop\Strazci-galaxie-2014-CZ-dabing.avi
2016-03-01 19:27 - 2016-02-28 22:46 - 00000000 ____D C:\Users\David\Desktop\Legie
2016-03-01 19:21 - 2016-02-28 19:08 - 00000000 ____D C:\Users\David\Desktop\LegiePortrety
2016-03-01 19:16 - 2016-03-01 19:24 - 361254313 _____ C:\Users\David\Desktop\LegieNahled.zip
2016-03-01 19:16 - 2016-03-01 19:17 - 79731011 _____ C:\Users\David\Desktop\LegiePortrety.zip
2016-02-22 01:15 - 2016-02-24 00:40 - 00000000 ____D C:\Users\David\Desktop\filmy
2016-02-21 12:33 - 2016-02-21 12:33 - 00000000 ____D C:\Users\David\Desktop\černá zmije
2016-02-07 19:22 - 2016-02-07 19:22 - 00000000 ____D C:\Users\David\Desktop\medival virology
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 18:29 - 2014-01-25 20:41 - 00000000 ____D C:\VNTI Database
2016-03-06 18:10 - 2013-02-03 17:49 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-03-06 18:09 - 2016-02-02 18:33 - 00000000 ____D C:\KMPlayer
2016-03-06 17:39 - 2014-04-29 10:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 17:34 - 2015-02-04 02:51 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 13:51 - 2014-01-25 20:46 - 00000029 _____ C:\Windows\Vnti40.ini
2016-03-06 13:21 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 13:21 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-06 13:18 - 2012-01-10 20:08 - 00666444 _____ C:\Windows\system32\perfh005.dat
2016-03-06 13:18 - 2012-01-10 20:08 - 00140108 _____ C:\Windows\system32\perfc005.dat
2016-03-06 13:18 - 2009-07-14 06:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-06 13:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-06 13:13 - 2013-01-18 20:33 - 00000000 ___HD C:\Users\David\Documents\Youcam
2016-03-06 13:11 - 2015-02-04 02:51 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-06 13:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-06 13:09 - 2014-04-24 02:17 - 00000000 ____D C:\AdwCleaner
2016-03-06 12:56 - 2013-01-26 18:02 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-03-06 10:58 - 2015-10-25 15:24 - 00146432 ___SH C:\Users\David\Documents\Thumbs.db
2016-03-06 10:41 - 2016-02-02 18:16 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2016-03-05 22:59 - 2015-10-21 22:04 - 00000000 ____D C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2016-03-05 22:59 - 2013-02-01 22:12 - 00000000 ____D C:\Users\David\AppData\Roaming\Winamp
2016-03-05 22:58 - 2012-01-10 02:44 - 00000000 ____D C:\Windows\Panther
2016-03-05 21:34 - 2013-01-22 21:05 - 00000000 ____D C:\Users\David\.gimp-2.8
2016-03-05 20:59 - 2013-03-16 11:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-22 01:16 - 2015-10-21 21:55 - 00000000 ____D C:\Users\David\Desktop\Star-Wars-Galactic-Battlegrounds
2016-02-20 00:03 - 2013-01-18 20:39 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 22:58 - 2015-11-09 23:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-17 22:19 - 2015-09-06 09:18 - 00000000 ____D C:\Users\David\AppData\Roaming\Apple Computer
2016-02-14 21:33 - 2013-01-26 18:01 - 00000000 ____D C:\ProgramData\Skype
2016-02-09 21:39 - 2016-01-19 19:23 - 08817344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 21:39 - 2013-11-04 21:56 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 07:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2015-05-09 01:34 - 2015-05-11 17:25 - 0005120 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 21:45 - 2014-04-09 21:48 - 0029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE
2016-03-05 21:23 - 2016-03-05 21:23 - 0000832 _____ () C:\Users\David\AppData\Local\recently-used.xbel
2016-01-30 02:15 - 2016-01-30 02:15 - 0000000 _____ () C:\Users\David\AppData\Local\{DEBAF0B2-1C55-4D61-AB88-CE190AB94FFC}
2013-01-22 20:26 - 2013-01-22 20:59 - 0002778 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-01 16:12
==================== End of FRST.txt ============================
Ran by David (administrator) on DAVID-NTB (06-03-2016 18:32:08)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(PandoraTV) C:\KMPlayer\KMPlayer.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\Vector NTI 7.exe
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\VectorNTIExplorer.exe
() C:\Program Files (x86)\MEGA6\MEGA6.exe
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\Alignment.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\Alignment.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-13] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: E - E:\CloneCampaigns.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {83cb2639-79be-11e5-a181-685d43d7c1f1} - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} - E:\CloneCampaigns.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-13] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-13] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-06-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-13] (Avast Software s.r.o.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-06-22] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2835022699-1091635085-3703951640-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2835022699-1091635085-3703951640-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-03] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/iq
CHR StartupUrls: Default -> ""
CHR DefaultSearchKeyword: Default -> clock
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (IntelÃÂÃÂÃÂî Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (IntelÃÂÃÂÃÂî Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Windows LiveÃÂÃÂÃÂÃÂ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-19]
CHR Extension: (Chrome Currency Converter) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk [2016-02-02]
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2016-02-04]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-02]
CHR Extension: (Manga Viewer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebalkdfejapnfbngpmhchkboajaofen [2016-03-02]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-02-17]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-02]
CHR Extension: (Vyhledávání Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
CHR Extension: (Fun Switcher) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2015-02-09]
CHR Extension: (Read Later Fast) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2015-05-14]
CHR Extension: (Timer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2015-02-09]
CHR Extension: (Gmail Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-02-09]
CHR Extension: (Kalendář Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-02-02]
CHR Extension: (Zotero Connector) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-03-26]
CHR Extension: (Tabulky Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-02]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-02-03]
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-14]
CHR Extension: (Cool Hodin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-02-02]
CHR Extension: (PDF to Word Converter App) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jclipofobaadknkadkpgggmjkebddjam [2015-02-09]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2015-02-09]
CHR Extension: (Převod měn) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2015-02-09]
CHR Extension: (Unit Convertor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkaklafnbnpegjnlplfgadnobkgdkinf [2015-02-09]
CHR Extension: (The Great Suspender) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-05-26]
CHR Extension: (Steambirds: Survival) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn [2015-02-09]
CHR Extension: (Mapy Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-02]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2015-02-09]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-02-24]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-02-09]
CHR Extension: (Grass) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla [2016-03-05]
CHR Extension: (Graph.tk) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk [2015-02-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Psykopaint) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-03-26]
CHR Extension: (Connected Mind) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc [2015-02-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-13]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-13] (Avast Software s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-13] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 18:28 - 2016-03-06 18:29 - 00007018 _____ C:\Users\David\Desktop\_exdata.gb
2016-03-06 15:29 - 2016-03-06 15:29 - 00018304 _____ C:\Users\David\Desktop\sample.tab
2016-03-06 15:02 - 2016-03-06 15:06 - 00018763 _____ C:\Users\David\Desktop\envy_všechny_bez_ehrs_alig.fas
2016-03-06 14:58 - 2016-03-06 14:58 - 00019052 _____ C:\Users\David\Desktop\envy_všechny_bez_ehrs.fasta
2016-03-06 14:51 - 2016-03-06 14:58 - 00018350 _____ C:\Users\David\Desktop\envy_všechny_bez_ehrs.txt
2016-03-06 14:22 - 2016-03-06 14:22 - 00332953 _____ C:\Users\David\Desktop\REL results.pdf
2016-03-06 14:09 - 2016-03-06 14:09 - 00007589 _____ C:\Users\David\Desktop\123.fas
2016-03-06 13:53 - 2016-03-06 13:53 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA6_6140226
2016-03-06 13:53 - 2016-03-06 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageMagick 6.7.5 Q16
2016-03-06 13:52 - 2016-03-06 13:52 - 39197788 _____ (Center for Evolutionary Medicine and Informatics ) C:\Users\David\Desktop\MEGA6.06_setup.exe
2016-03-06 13:40 - 2016-03-06 13:40 - 04463589 _____ C:\Users\David\Desktop\seminář.pptx
2016-03-06 13:40 - 2016-03-06 13:40 - 00000165 ____H C:\Users\David\Desktop\~$seminář.pptx
2016-03-06 13:38 - 2016-03-06 13:38 - 03830050 _____ C:\Users\David\Desktop\ehr.pptx
2016-03-06 12:13 - 2016-03-06 13:07 - 979516740 _____ C:\Users\David\Desktop\Capitan-Amerika-2-Zimny-vojak-2015-Cz-dabing.avi
2016-03-06 11:21 - 2016-03-06 11:24 - 00037064 _____ C:\Users\David\Desktop\Addition.txt
2016-03-06 11:20 - 2016-03-06 18:32 - 00026816 _____ C:\Users\David\Desktop\FRST.txt
2016-03-06 11:20 - 2016-03-06 18:32 - 00000000 ____D C:\FRST
2016-03-06 11:18 - 2016-03-06 11:19 - 02374144 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-03-06 10:18 - 2016-03-06 10:18 - 22908888 _____ (Malwarebytes ) C:\Users\David\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-05 23:30 - 2016-03-06 00:49 - 1416899846 _____ C:\Users\David\Desktop\Drákula-Neznámá-legenda-(2014)-CZ--dabing.avi
2016-03-05 22:53 - 2016-03-05 22:53 - 01518592 _____ C:\Users\David\Desktop\adwcleaner_5.037.exe
2016-03-05 22:41 - 2016-03-05 22:41 - 00010470 _____ C:\Users\David\Desktop\attach.txt
2016-03-05 22:41 - 2016-03-05 22:40 - 00020736 _____ C:\Users\David\Desktop\dds.txt
2016-03-05 22:38 - 2016-03-05 22:38 - 00688992 ____R (Swearware) C:\Users\David\Desktop\dds.exe
2016-03-05 21:40 - 2016-03-05 21:40 - 00001076 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-05 21:23 - 2016-03-05 21:23 - 00000832 _____ C:\Users\David\AppData\Local\recently-used.xbel
2016-03-05 21:09 - 2016-03-05 23:06 - 1091749888 _____ C:\Users\David\Desktop\HOBIT-BITVA-PĚTI-ARMÁD-2014-CZ-dabing.avi
2016-03-05 20:55 - 2016-03-05 20:55 - 00023090 _____ C:\Users\David\Desktop\envy_všechny.mas
2016-03-04 12:19 - 2016-03-04 12:20 - 00000000 ____D C:\Users\David\Desktop\Cesta do vesmíru
2016-03-04 10:33 - 2016-03-05 20:55 - 00058261 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.xlsx
2016-03-04 10:25 - 2016-03-04 10:25 - 00007258 _____ C:\Users\David\Desktop\envy_všechny alig.pdf
2016-03-04 10:24 - 2016-03-04 10:24 - 00007835 _____ C:\Users\David\Desktop\envy_všechny alig.pl
2016-03-04 10:10 - 2016-03-04 10:10 - 00042272 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.csv
2016-03-04 09:51 - 2016-03-04 09:51 - 00022517 _____ C:\Users\David\Desktop\envy_všechny_alig.fas
2016-03-04 09:40 - 2016-03-04 09:40 - 00000000 _____ C:\Users\David\Desktop\envy druhej pokus.txt
2016-03-04 09:34 - 2016-03-04 09:44 - 00022863 _____ C:\Users\David\Desktop\envy_všechny.fasta
2016-03-04 09:24 - 2016-03-06 13:53 - 00000000 ____D C:\Program Files (x86)\MEGA6
2016-03-04 09:24 - 2016-03-06 13:52 - 00000973 _____ C:\Users\Public\Desktop\MEGA6.lnk
2016-03-04 09:24 - 2016-03-06 13:52 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA_Global
2016-03-04 09:24 - 2016-03-06 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGA6
2016-03-04 09:23 - 2016-03-05 20:55 - 00022021 _____ C:\Users\David\Desktop\envy_všechny.txt
2016-03-04 09:23 - 2016-03-04 09:23 - 00000000 ____D C:\Users\David\Desktop\alig-2016-03-04
2016-03-04 09:22 - 2016-03-04 09:23 - 39242512 _____ C:\Users\David\Desktop\alig-2016-03-04.zip
2016-03-04 09:09 - 2016-03-04 11:38 - 1429179106 _____ C:\Users\David\Desktop\Hobit---Neočekaváná-cesta-cz.avi
2016-03-02 23:14 - 2016-03-03 00:54 - 1786076936 _____ C:\Users\David\Desktop\Hobit-Neocekavana-cesta-.2013-BDRip-CZ-Dab.avi
2016-03-02 21:23 - 2016-03-02 23:14 - 1061631414 _____ C:\Users\David\Desktop\Thor-Temný-svět-cz-(2013).avi
2016-03-02 19:53 - 2016-03-02 21:19 - 1534194616 _____ C:\Users\David\Desktop\Captain-America-První-Avenger-2011-CZ.avi
2016-03-02 19:42 - 2016-03-02 19:42 - 00603683 _____ C:\Users\David\Desktop\mcas2.ma4
2016-03-02 10:05 - 2016-03-02 10:05 - 00003928 _____ C:\Users\David\Desktop\13envu.rar
2016-03-02 10:03 - 2016-03-02 10:03 - 00405259 _____ C:\Users\David\Desktop\mcas-doma.ma4
2016-03-02 10:03 - 2016-03-02 10:03 - 00081435 _____ C:\Users\David\Desktop\strainy-doma.ma4
2016-03-01 23:21 - 2016-03-01 23:21 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (2)
2016-03-01 23:20 - 2016-03-01 23:20 - 00370551 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (2).zip
2016-03-01 23:19 - 2016-03-01 23:19 - 00000000 ____D C:\Users\David\Desktop\generálka
2016-03-01 23:15 - 2016-03-01 23:18 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (1)
2016-03-01 23:14 - 2016-03-01 23:14 - 00046835 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (1).zip
2016-03-01 22:58 - 2016-03-01 22:59 - 00024917 _____ C:\Users\David\Desktop\documents-export-2016-03-01.zip
2016-03-01 21:27 - 2016-03-02 00:26 - 1715738624 _____ C:\Users\David\Desktop\Strazci-galaxie-2014-CZ-dabing.avi
2016-03-01 19:27 - 2016-02-28 22:46 - 00000000 ____D C:\Users\David\Desktop\Legie
2016-03-01 19:21 - 2016-02-28 19:08 - 00000000 ____D C:\Users\David\Desktop\LegiePortrety
2016-03-01 19:16 - 2016-03-01 19:24 - 361254313 _____ C:\Users\David\Desktop\LegieNahled.zip
2016-03-01 19:16 - 2016-03-01 19:17 - 79731011 _____ C:\Users\David\Desktop\LegiePortrety.zip
2016-02-22 01:15 - 2016-02-24 00:40 - 00000000 ____D C:\Users\David\Desktop\filmy
2016-02-21 12:33 - 2016-02-21 12:33 - 00000000 ____D C:\Users\David\Desktop\černá zmije
2016-02-07 19:22 - 2016-02-07 19:22 - 00000000 ____D C:\Users\David\Desktop\medival virology
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 18:29 - 2014-01-25 20:41 - 00000000 ____D C:\VNTI Database
2016-03-06 18:10 - 2013-02-03 17:49 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-03-06 18:09 - 2016-02-02 18:33 - 00000000 ____D C:\KMPlayer
2016-03-06 17:39 - 2014-04-29 10:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 17:34 - 2015-02-04 02:51 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 13:51 - 2014-01-25 20:46 - 00000029 _____ C:\Windows\Vnti40.ini
2016-03-06 13:21 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 13:21 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-06 13:18 - 2012-01-10 20:08 - 00666444 _____ C:\Windows\system32\perfh005.dat
2016-03-06 13:18 - 2012-01-10 20:08 - 00140108 _____ C:\Windows\system32\perfc005.dat
2016-03-06 13:18 - 2009-07-14 06:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-06 13:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-06 13:13 - 2013-01-18 20:33 - 00000000 ___HD C:\Users\David\Documents\Youcam
2016-03-06 13:11 - 2015-02-04 02:51 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-06 13:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-06 13:09 - 2014-04-24 02:17 - 00000000 ____D C:\AdwCleaner
2016-03-06 12:56 - 2013-01-26 18:02 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-03-06 10:58 - 2015-10-25 15:24 - 00146432 ___SH C:\Users\David\Documents\Thumbs.db
2016-03-06 10:41 - 2016-02-02 18:16 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2016-03-05 22:59 - 2015-10-21 22:04 - 00000000 ____D C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2016-03-05 22:59 - 2013-02-01 22:12 - 00000000 ____D C:\Users\David\AppData\Roaming\Winamp
2016-03-05 22:58 - 2012-01-10 02:44 - 00000000 ____D C:\Windows\Panther
2016-03-05 21:34 - 2013-01-22 21:05 - 00000000 ____D C:\Users\David\.gimp-2.8
2016-03-05 20:59 - 2013-03-16 11:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-22 01:16 - 2015-10-21 21:55 - 00000000 ____D C:\Users\David\Desktop\Star-Wars-Galactic-Battlegrounds
2016-02-20 00:03 - 2013-01-18 20:39 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 22:58 - 2015-11-09 23:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-17 22:19 - 2015-09-06 09:18 - 00000000 ____D C:\Users\David\AppData\Roaming\Apple Computer
2016-02-14 21:33 - 2013-01-26 18:01 - 00000000 ____D C:\ProgramData\Skype
2016-02-09 21:39 - 2016-01-19 19:23 - 08817344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 21:39 - 2013-11-04 21:56 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 07:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2015-05-09 01:34 - 2015-05-11 17:25 - 0005120 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 21:45 - 2014-04-09 21:48 - 0029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE
2016-03-05 21:23 - 2016-03-05 21:23 - 0000832 _____ () C:\Users\David\AppData\Local\recently-used.xbel
2016-01-30 02:15 - 2016-01-30 02:15 - 0000000 _____ () C:\Users\David\AppData\Local\{DEBAF0B2-1C55-4D61-AB88-CE190AB94FFC}
2013-01-22 20:26 - 2013-01-22 20:59 - 0002778 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-01 16:12
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119491
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a check
Open Notepad and copy the following into it:
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: E - E:\CloneCampaigns.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {83cb2639-79be-11e5-a181-685d43d7c1f1} - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} - E:\CloneCampaigns.exe
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2835022699-1091635085-3703951640-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Extension: (Cool Hodin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-02-02]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Vnti40.ini
C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Request for a check
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by David (2016-03-06 19:41:36) Run:1
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: E - E:\CloneCampaigns.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {83cb2639-79be-11e5-a181-685d43d7c1f1} - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} - E:\CloneCampaigns.exe
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2835022699-1091635085-3703951640-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Extension: (Cool Hodin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-02-02]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Vnti40.ini
C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully
C:\Program Files (x86)\Google\GoogleToolbarNotifier => moved successfully
"HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => key removed successfully
"HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83cb2639-79be-11e5-a181-685d43d7c1f1}" => key removed successfully
HKCR\CLSID\{83cb2639-79be-11e5-a181-685d43d7c1f1} => key not found.
"HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1}" => key removed successfully
HKCR\CLSID\{d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncBackedUp" => key removed successfully
HKCR\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncPending" => key removed successfully
HKCR\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncRoot" => key removed successfully
HKCR\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncShared" => key removed successfully
HKCR\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => not found.
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => not found.
C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => not found.
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Vnti40.ini => moved successfully
C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
==== End of Fixlog 19:41:39 ====
- Rudy
- Site Admin
- Posts: 119491
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a check
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Re: Request for a check
Thank you very much, the ads no longer bother me!
- Rudy
- Site Admin
- Posts: 119491
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a check
I'm glad to hear that. You're welcome!
