Prosím o kontrolu. Hlásí, že připojení není soukromé. Díky.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Julie at 2016-01-26 04:24:55
Microsoft Windows 10 Home
System drive C: has 417 MB (1%) free of 51 GB
Total RAM: 1933 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:24:59, on 26. 1. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe
C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Program Files\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe
C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPHelper.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Users\Julie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Julie\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Julie.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [WebStorage] C:\Program Files\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe
O4 - HKLM\..\Run: [RtkNGUI] "C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Julie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Julie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Julie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS HID Access Service (AsHidService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem48.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe
O23 - Service: @oem14.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem14.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem14.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 8741 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-26 664184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-15 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-15 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DptfPolicyLpmServiceHelper"=C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [2014-03-18 81360]
"ASUSPRP"=C:\Program Files\ASUS\APRP\APRP.EXE [2014-05-12 1080992]
"WebStorage"=C:\Program Files\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [2014-02-25 63296]
"RtkNGUI"=C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [2014-01-17 2912256]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-15 7021880]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2015-06-17 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-12-09 157456]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Julie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-01-26 551112]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2016-01-15 23499656]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Julie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202"=C:\WINDOWS\system32\cmd.exe [2015-07-10 200704]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-01-26 04:24:55 ----D---- C:\rsit
2016-01-26 04:22:20 ----HD---- C:\OneDriveTemp
2016-01-23 05:29:45 ----D---- C:\Program Files\GUM5704.tmp
2016-01-23 05:29:45 ----A---- C:\Program Files\GUT5715.tmp
2016-01-23 04:52:34 ----ASH---- C:\pagefile.sys
2016-01-23 04:51:17 ----D---- C:\WINDOWS\Panther
2016-01-23 04:51:10 ----HD---- C:\$WINDOWS.~BT
2016-01-16 10:01:02 ----D---- C:\Program Files\iPod
2016-01-16 10:00:55 ----D---- C:\Program Files\iTunes
======List of files/folders modified in the last 1 month======
2016-02-02 23:47:29 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-01-26 08:33:10 ----D---- C:\WINDOWS\system32\catroot2
2016-01-26 08:29:11 ----D---- C:\WINDOWS\system32\Tasks
2016-01-26 05:07:31 ----D---- C:\AdwCleaner
2016-01-26 05:06:19 ----D---- C:\Users\Julie\AppData\Roaming\vlc
2016-01-26 05:04:32 ----D---- C:\WINDOWS\system32\SleepStudy
2016-01-26 04:32:41 ----D---- C:\WINDOWS\Microsoft.NET
2016-01-26 04:31:52 ----RD---- C:\WINDOWS\assembly
2016-01-26 04:31:44 ----HD---- C:\ProgramData
2016-01-26 04:27:07 ----D---- C:\WINDOWS\system32\config
2016-01-26 04:25:28 ----D---- C:\WINDOWS\system32\MRT
2016-01-26 04:25:24 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-26 04:25:06 ----D---- C:\WINDOWS\WinSxS
2016-01-26 04:25:06 ----D---- C:\WINDOWS\System32
2016-01-26 04:25:00 ----D---- C:\WINDOWS\CbsTemp
2016-01-26 04:24:59 ----D---- C:\WINDOWS\INF
2016-01-26 04:24:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-26 04:24:57 ----D---- C:\Program Files\trend micro
2016-01-26 04:24:56 ----D---- C:\WINDOWS\Prefetch
2016-01-26 04:24:51 ----D---- C:\WINDOWS\AppReadiness
2016-01-26 04:24:38 ----HD---- C:\Program Files\WindowsApps
2016-01-26 04:22:36 ----D---- C:\WINDOWS\system32\sru
2016-01-26 04:20:56 ----D---- C:\ProgramData\ASUS Smart Gesture
2016-01-26 04:20:35 ----D---- C:\WINDOWS\Temp
2016-01-24 18:46:58 ----SHDC---- C:\WINDOWS\Installer
2016-01-24 18:39:59 ----RD---- C:\Program Files
2016-01-24 18:38:23 ----D---- C:\WINDOWS\Tasks
2016-01-23 05:44:12 ----D---- C:\WINDOWS\system32\DriverStore
2016-01-23 05:43:32 ----D---- C:\WINDOWS\Minidump
2016-01-23 04:59:53 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-01-23 04:51:17 ----D---- C:\Windows
2016-01-23 04:51:07 ----D---- C:\WINDOWS\Logs
2016-01-23 04:49:18 ----D---- C:\Program Files\Microsoft Office 15
2016-01-23 04:46:44 ----D---- C:\WINDOWS\system32\drivers
2016-01-16 10:38:15 ----D---- C:\Program Files\Google
2016-01-16 10:00:56 ----D---- C:\Program Files\Common Files\Apple
2016-01-16 09:44:35 ----D---- C:\WINDOWS\rescache
2016-01-16 09:41:57 ----D---- C:\WINDOWS\apppatch
2016-01-05 03:30:46 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-05 03:30:28 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-01-05 03:30:27 ----A---- C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-05 03:30:23 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-01-05 03:30:23 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-01-05 03:30:21 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-05 03:30:19 ----A---- C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-05 03:30:14 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-05 03:30:06 ----A---- C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-05 03:29:53 ----A---- C:\WINDOWS\system32\mftranscode.dll
2016-01-05 03:28:56 ----A---- C:\WINDOWS\system32\evr.dll
2016-01-05 03:28:45 ----A---- C:\WINDOWS\system32\mfvdsp.dll
2016-01-05 03:28:31 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-01-05 03:28:19 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-05 03:28:19 ----A---- C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-05 03:28:18 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-01-05 03:28:17 ----A---- C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-05 03:28:13 ----A---- C:\WINDOWS\system32\WMADMOE.DLL
2016-01-05 03:28:13 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-01-05 03:28:08 ----A---- C:\WINDOWS\system32\invagent.dll
2016-01-05 03:28:08 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-01-05 03:28:07 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-01-05 03:28:07 ----A---- C:\WINDOWS\system32\devenum.dll
2016-01-05 03:28:02 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-01-05 03:28:01 ----A---- C:\WINDOWS\system32\mfps.dll
2016-01-05 03:21:40 ----A---- C:\WINDOWS\system32\mfds.dll
2016-01-05 03:14:06 ----A---- C:\WINDOWS\system32\devinv.dll
2016-01-05 03:12:39 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-01-05 03:10:48 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-01-05 03:10:26 ----A---- C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-05 03:10:25 ----A---- C:\WINDOWS\system32\MP43DECD.DLL
2016-01-05 03:10:25 ----A---- C:\WINDOWS\system32\COLORCNV.DLL
2016-01-05 02:44:54 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-05 02:44:37 ----A---- C:\WINDOWS\system32\usermgrcli.dll
2016-01-05 02:43:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-01-05 02:42:16 ----A---- C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-05 02:39:34 ----A---- C:\WINDOWS\system32\aepic.dll
2016-01-05 02:39:24 ----A---- C:\WINDOWS\system32\aitstatic.exe
2016-01-05 02:38:09 ----A---- C:\WINDOWS\system32\mfh264enc.dll
2016-01-05 02:32:29 ----A---- C:\WINDOWS\system32\quartz.dll
2016-01-05 02:32:01 ----A---- C:\WINDOWS\system32\qedit.dll
2016-01-05 02:31:52 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-01-05 02:30:54 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-01-05 02:29:25 ----A---- C:\WINDOWS\system32\jscript.dll
2016-01-05 02:29:13 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-01-05 02:26:48 ----A---- C:\WINDOWS\system32\schannel.dll
2016-01-05 02:26:47 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-01-05 02:26:33 ----A---- C:\WINDOWS\system32\usermgr.dll
2016-01-05 02:24:15 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-01-05 02:20:06 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-05 02:19:55 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-05 02:19:55 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-05 02:19:42 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-05 02:19:41 ----A---- C:\WINDOWS\system32\MFWMAAEC.DLL
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-12-15 49776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-12-15 209432]
R0 MBI;@oem27.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2014-03-18 21456]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-12-15 81728]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-01-23 812208]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-01-23 449384]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [2013-07-02 17720]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 74240]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-12-01 7680]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [2009-07-02 13880]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-12-15 24016]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-12-15 81168]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-12-15 117712]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 37376]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 52736]
R3 AsusSGDrv;@oem32.inf,%AsusSGDrv.SvcDesc%;ASUS Touch Service; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [2015-08-27 116032]
R3 BCMSDH43XX;@oem35.inf,%BCMSDH43XX_Service_DispName%;Broadcom 802.11 SDIO Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmdhd63.sys [2014-04-07 305368]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 86528]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 193536]
R3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\Drivers\BTHMINI.sys [2015-07-10 23040]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 102912]
R3 BtwSerialBus;@oem48.inf,%Bus.SVCDESC%;Broadcom Serial Bus Driver over UART Bus Enumerator; C:\WINDOWS\System32\drivers\BtwSerialBus.sys [2015-04-09 139520]
R3 camera;@oem28.inf,%camera.DeviceDesc%;Intel(R) Imaging Signal Processor 2400; C:\WINDOWS\system32\DRIVERS\camera.sys [2013-12-02 345088]
R3 CM3218x;@oem46.inf,%CM3218xDisplayName%;CM3218x SPB Driver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2015-07-10 161792]
R3 CPLMACPI;@oem46.inf,%CPLMACPI.SvcDesc%;Capella Micro CPLMACPI Sensor Filter; C:\WINDOWS\system32\DRIVERS\CPLMACPI.sys [2015-07-08 25040]
R3 DptfDevDBPT;DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [2014-03-18 25552]
R3 DptfDevDisplay;DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [2014-03-18 28112]
R3 DptfDevGen;DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [2014-03-18 36304]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [2014-03-18 80848]
R3 DptfManager;DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [2014-03-18 181712]
R3 GPIO;@oem31.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2014-03-18 23552]
R3 GpioVirtual;@oem9.inf,%Driver_Service.Desc%;GPED Virtual GPIO controller driver; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [2014-03-18 16896]
R3 HIDSwitch;@oem47.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch.sys [2015-05-13 17416]
R3 iaioi2c;@oem29.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2014-03-18 58368]
R3 iaiouart;@oem25.inf,%iaiouart.SVCDESC%;UART Controller; C:\WINDOWS\System32\drivers\iaiouart.sys [2014-03-18 87552]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2015-10-15 3035568]
R3 IntelSST;@oem19.inf,%IntelSST_Audio.SvcDesc%;Intel SST Audio Device (WDM); C:\WINDOWS\system32\drivers\isstrtc.sys [2014-04-03 259584]
R3 INVN_MotionApps;@oem45.inf,%INVN_MotionAppsDisplayName%;InvenSense MotionApps Driver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2015-07-10 161792]
R3 iwdbus;@oem42.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 35392]
R3 MT9M114;@oem16.inf,%MT9M114.SVCDESC%;Camera Sensor MT9M114; C:\WINDOWS\System32\drivers\MT9M114.sys [2013-12-02 38912]
R3 PMIC;@oem33.inf,%Driver_Service.Desc%;Intel(R) Power Management IC Device Service; C:\WINDOWS\System32\drivers\PMIC.sys [2014-03-18 48128]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 129536]
R3 rtii2sac;@oem51.inf,%CodecDevice.SVCDESC%;Realtek I2S Audio Codec Device Driver; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [2015-05-20 263936]
R3 TXEI;@oem13.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEI.sys [2014-03-18 75792]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 83296]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 51040]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 33632]
S3 AsusHID;@oem32.inf,%AsusHID.SvcDesc%;ASUS HID Service; C:\WINDOWS\System32\drivers\AsusHID.sys [2014-04-08 68888]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 725504]
S3 btwampfl;@oem48.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\System32\drivers\btwampfl.sys [2015-04-09 162560]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 26112]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 96768]
S3 DptfDevAmbient;DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [2014-03-18 44496]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 24064]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 26840]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 17408]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 37728]
S3 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-12-16 489832]
S3 intaud_WaveExtensible;@oem38.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 44096]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 23040]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2012-09-25 201104]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2012-09-25 32912]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 45056]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-09-10 32768]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 31744]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 190816]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 73568]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 100704]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-07-10 42848]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-07-10 21856]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 AsHidService;ASUS HID Access Service; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [2013-09-09 103224]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [2014-02-25 71680]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-15 226440]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 390416]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2015-12-22 1887928]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
R2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
R2 DptfParticipantProcessorService;@oem14.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2014-03-18 83408]
R2 DptfPolicyCriticalService;@oem14.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [2014-03-18 97232]
R2 DptfPolicyLpmService;@oem14.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application; C:\WINDOWS\system32\DptfPolicyLpmService.exe [2014-03-18 90576]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-10-15 283568]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 586752]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe [2014-01-15 168216]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-05-29 43696]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-09 541456]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
R3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
R3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
S2 BcmBtRSupport;@oem48.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2014-10-18 1677016]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-31 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\system32\IntelCpHeciSvc.exe [2015-10-15 290224]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 23040]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-31 107848]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-05-20 194032]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 637912]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 41864]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-08-01 150600]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-09-10 669696]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 35176]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 35176]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu. Díky
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119665
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu. Díky
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
emmanaruby
- Návštěvník
- Příspěvky: 114
- Registrován: 18 čer 2010 14:34
Re: Prosím o kontrolu. Díky
Dobrý den, omlouvám se za zdržení, Byla jsem pracovně v zahraničí delší dobu.
# AdwCleaner v5.108 - Log soubor vytvořen 02/03/2016 o 10:50:18
# Aktualizováno 30/03/2016 by Xplode
# Databáze : 2016-03-30.1 [Server]
# Operační systém : Windows 10 Home (x86)
# Jméno uživatele : Julie - JULČA
# Spuštěno z : C:\Users\Julie\Downloads\adwcleaner_5.108.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLLs ] *****
***** [ Zástupci ] *****
***** [ Naplánované úkoly ] *****
***** [ Registr ] *****
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
***** [ Webové prohlížeče ] *****
*************************
:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1039 bytes] - [02/03/2016 10:50:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [1066 bytes] - [02/03/2016 10:47:27]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1185 bytes] ##########
# AdwCleaner v5.108 - Log soubor vytvořen 02/03/2016 o 10:50:18
# Aktualizováno 30/03/2016 by Xplode
# Databáze : 2016-03-30.1 [Server]
# Operační systém : Windows 10 Home (x86)
# Jméno uživatele : Julie - JULČA
# Spuštěno z : C:\Users\Julie\Downloads\adwcleaner_5.108.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLLs ] *****
***** [ Zástupci ] *****
***** [ Naplánované úkoly ] *****
***** [ Registr ] *****
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
***** [ Webové prohlížeče ] *****
*************************
:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1039 bytes] - [02/03/2016 10:50:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [1066 bytes] - [02/03/2016 10:47:27]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1185 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119665
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu. Díky
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
emmanaruby
- Návštěvník
- Příspěvky: 114
- Registrován: 18 čer 2010 14:34
Re: Prosím o kontrolu. Díky
Nevím, zda scan proběhl správně?
LastRegBack: 2016-04-02 15:58
==================== End of FRST.txt ============================
LastRegBack: 2016-04-02 15:58
==================== End of FRST.txt ============================
-
emmanaruby
- Návštěvník
- Příspěvky: 114
- Registrován: 18 čer 2010 14:34
Re: Prosím o kontrolu. Díky
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-04-2016
Ran by Julie (administrator) on JULČA (02-04-2016 15:52:33)
Running from C:\Users\Julie\Desktop
Loaded Profiles: Julie (Available Profiles: Julie)
Platform: Microsoft Windows 10 Home (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUS Cloud Corporation) C:\Program Files\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ASUS Cloud Corporation) C:\Program Files\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe
(forum.viry.cz) C:\Users\Julie\Desktop\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WebStorage] => C:\Program Files\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [2912256 2014-01-17] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-15] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-09] (Apple Inc.)
HKU\S-1-5-21-2892461949-1692902088-1914179838-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_BN] -> {CC5FC992-B0AA-47CD-9DC2-83445083CBB9} => C:\Program Files\Common Files\AWS\2.1.2.301\ASUSWSShellExt.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_ON] -> {618A47A2-528B-4D9A-AFC8-97D3233511E3} => C:\Program Files\Common Files\AWS\2.1.2.301\ASUSWSShellExt.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_UN] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files\Common Files\AWS\2.1.2.301\ASUSWSShellExt.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-15] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2b620967-8753-4eab-976c-25ce2f6ad37a}: [DhcpNameServer] 40.54.1.15
Tcpip\..\Interfaces\{553b8a50-7b85-40cd-bd96-af9c5516356e}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-2892461949-1692902088-1914179838-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-2892461949-1692902088-1914179838-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-2892461949-1692902088-1914179838-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2892461949-1692902088-1914179838-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2892461949-1692902088-1914179838-1002 -> {F63F39E6-F4C6-43BC-A26C-AF79562B7F31} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-26] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-15] (Google Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-02] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2013-07-12] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2013-07-12] (Intel Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-22] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-24] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-24] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-15]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-15]
Chrome:
=======
CHR Profile: C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-31]
CHR Extension: (Dokumenty Google) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-31]
CHR Extension: (Disk Google) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Avast Passwords) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2016-04-02]
CHR Extension: (Avast SafePrice) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-01-23]
CHR Extension: (Tabulky Google) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [emhginjpijfggbofeediiojmdlmlkoik] - C:\Program Files\AVAST Software\Avast\pam\Chrome\pam.crx [2015-12-15]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-10-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-26]
CHR HKU\S-1-5-21-2892461949-1692902088-1914179838-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsHidService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [103224 2013-09-09] (ASUSTek Computer Inc.)
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [115512 2014-03-26] (ASUSTek Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-15] (AVAST Software)
S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [1677016 2014-10-18] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1916656 2016-02-09] (Microsoft Corporation)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [290224 2015-10-15] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [83408 2014-03-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [97232 2014-03-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [90576 2014-03-18] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [283568 2015-10-15] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [586752 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [637912 2013-07-01] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe [168216 2014-01-15] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
S2 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
S3 AsusHID; C:\WINDOWS\System32\drivers\AsusHID.sys [68888 2014-04-08] (ASUS Corporation)
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [116032 2015-08-27] (ASUS Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-12-15] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [81168 2015-12-15] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [81728 2015-12-15] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-12-15] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [812208 2016-01-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449384 2016-01-23] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [117712 2015-12-15] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209432 2015-12-15] (AVAST Software)
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [17720 2013-07-02] (ASUSTek Computer Inc.)
R3 BCMSDH43XX; C:\WINDOWS\system32\DRIVERS\bcmdhd63.sys [305368 2014-04-07] (Broadcom Corp)
R3 BthMini; C:\WINDOWS\System32\Drivers\BTHMINI.sys [23040 2015-07-10] (Microsoft Corporation)
S3 btwampfl; C:\WINDOWS\System32\drivers\btwampfl.sys [162560 2015-04-09] (Broadcom Corporation.)
R3 BtwSerialBus; C:\WINDOWS\System32\drivers\BtwSerialBus.sys [139520 2015-04-09] (Broadcom Corporation.)
R3 camera; C:\WINDOWS\system32\DRIVERS\camera.sys [345088 2013-12-02] (Intel Corporation)
R3 CM3218x; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
R3 CPLMACPI; C:\WINDOWS\system32\DRIVERS\CPLMACPI.sys [25040 2015-07-08] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [44496 2014-03-18] (Intel Corporation)
R3 DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [25552 2014-03-18] (Intel Corporation)
R3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [28112 2014-03-18] (Intel Corporation)
R3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [36304 2014-03-18] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [80848 2014-03-18] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [181712 2014-03-18] (Intel Corporation)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [23552 2014-03-18] (Intel Corporation)
R3 GpioVirtual; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-18] (Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsHIDSwitch.sys [17416 2015-05-13] (ASUS)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [58368 2014-03-18] (Intel Corporation)
R3 iaiouart; C:\WINDOWS\System32\drivers\iaiouart.sys [87552 2014-03-18] (Intel Corporation)
S3 iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [489832 2013-12-16] (Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [44096 2015-07-20] (Intel Corporation)
R3 IntelSST; C:\WINDOWS\system32\drivers\isstrtc.sys [259584 2014-04-03] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [35392 2015-07-20] (Intel Corporation)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [21456 2014-03-18] (Intel Corporation)
R3 MT9M114; C:\WINDOWS\System32\drivers\MT9M114.sys [38912 2013-12-02] (Intel Corporation)
R3 PMIC; C:\WINDOWS\System32\drivers\PMIC.sys [48128 2014-03-18] (Intel Corporation)
R3 rtii2sac; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [263936 2015-05-21] (Realtek Semiconductor Corp.)
S3 RTL2832UBDA; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [201104 2012-09-25] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [32912 2012-09-25] (REALTEK SEMICONDUCTOR Corp.)
R3 TXEI; C:\WINDOWS\System32\drivers\TXEI.sys [75792 2014-03-18] (Intel Corporation)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2014-08-15] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-02 16:20 - 2016-04-02 16:20 - 00016148 _____ C:\WINDOWS\system32\JULČA_Julie_HistoryPrediction.bin
2016-04-02 15:52 - 2016-04-02 15:52 - 00019123 _____ C:\Users\Julie\Desktop\FRST.txt
2016-04-02 15:52 - 2016-04-02 15:52 - 00000000 ____D C:\FRST
2016-04-02 15:49 - 2016-04-02 15:49 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-04-02 15:49 - 2016-04-02 15:49 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-04-02 15:47 - 2016-04-02 15:47 - 00112640 _____ (forum.viry.cz) C:\Users\Julie\Desktop\FRSTLauncher (1).exe
2016-04-02 15:43 - 2016-04-02 15:43 - 01726464 _____ (Farbar) C:\Users\Julie\Desktop\FRST.exe
2016-04-02 15:39 - 2016-04-02 15:39 - 216855906 _____ C:\Users\Julie\Downloads\New-Girl-S05E12---CZ-titulky,-1176620.avi.crdownload
2016-04-02 15:38 - 2016-04-02 15:38 - 309798771 _____ C:\WINDOWS\MEMORY.DMP
2016-04-02 15:38 - 2016-04-02 15:38 - 00150656 _____ C:\WINDOWS\Minidump\040216-18625-01.dmp
2016-04-02 15:38 - 2016-04-02 15:38 - 00150656 _____ C:\WINDOWS\Minidump\040216-16437-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-02 15:52 - 2016-01-16 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-02 15:52 - 2015-09-28 10:30 - 00000000 ____D C:\Users\Julie
2016-04-02 15:51 - 2016-01-16 11:39 - 00000000 ___RD C:\Users\Julie\Disk Google
2016-04-02 15:50 - 2015-07-10 10:28 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-02 15:49 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-02 15:48 - 2015-07-10 10:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-02 15:45 - 2015-07-10 10:28 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-02 15:44 - 2015-09-28 10:44 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-02 15:44 - 2015-09-10 06:00 - 00748196 _____ C:\WINDOWS\system32\perfh005.dat
2016-04-02 15:44 - 2015-09-10 06:00 - 00150400 _____ C:\WINDOWS\system32\perfc005.dat
2016-04-02 15:44 - 2015-07-10 10:27 - 00000000 ____D C:\WINDOWS\INF
2016-04-02 15:43 - 2016-01-24 19:38 - 00000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-02 15:40 - 2015-05-22 12:59 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-02 15:38 - 2016-01-24 19:38 - 00000956 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-02 15:38 - 2015-10-01 10:16 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-02 15:38 - 2015-09-30 09:00 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-04-02 15:38 - 2015-09-28 10:24 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-02 15:38 - 2015-07-21 01:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-02 15:38 - 2015-07-21 01:17 - 00340200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-02 15:38 - 2015-02-08 18:22 - 00000000 __SHD C:\Users\Julie\IntelGraphicsProfiles
==================== Files in the root of some directories =======
2016-03-02 11:26 - 2016-03-02 11:26 - 0000000 _____ () C:\Program Files\Apple Software Update
2016-01-23 06:29 - 2016-01-23 06:29 - 6420480 _____ () C:\Program Files\GUT5715.tmp
2016-03-02 11:26 - 2016-03-02 11:26 - 0000000 _____ () C:\Program Files\MP3 Speed Changer
2016-03-02 11:26 - 2016-03-02 11:26 - 0000000 _____ () C:\Program Files\QuickTime
2016-03-02 11:26 - 2016-03-02 11:26 - 0000000 _____ () C:\Program Files\Skype
2014-05-12 13:26 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2014-05-12 13:26 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-12 13:26 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Julie\AppData\Local\Temp\libeay32.dll
C:\Users\Julie\AppData\Local\Temp\msvcr120.dll
C:\Users\Julie\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Julie\Desktop" je 1 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Ran by Julie (administrator) on JULČA (02-04-2016 15:52:33)
Running from C:\Users\Julie\Desktop
Loaded Profiles: Julie (Available Profiles: Julie)
Platform: Microsoft Windows 10 Home (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUS Cloud Corporation) C:\Program Files\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ASUS Cloud Corporation) C:\Program Files\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe
(forum.viry.cz) C:\Users\Julie\Desktop\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WebStorage] => C:\Program Files\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [2912256 2014-01-17] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-15] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-09] (Apple Inc.)
HKU\S-1-5-21-2892461949-1692902088-1914179838-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_BN] -> {CC5FC992-B0AA-47CD-9DC2-83445083CBB9} => C:\Program Files\Common Files\AWS\2.1.2.301\ASUSWSShellExt.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_ON] -> {618A47A2-528B-4D9A-AFC8-97D3233511E3} => C:\Program Files\Common Files\AWS\2.1.2.301\ASUSWSShellExt.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_UN] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files\Common Files\AWS\2.1.2.301\ASUSWSShellExt.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-15] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2b620967-8753-4eab-976c-25ce2f6ad37a}: [DhcpNameServer] 40.54.1.15
Tcpip\..\Interfaces\{553b8a50-7b85-40cd-bd96-af9c5516356e}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-2892461949-1692902088-1914179838-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-2892461949-1692902088-1914179838-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-2892461949-1692902088-1914179838-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2892461949-1692902088-1914179838-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2892461949-1692902088-1914179838-1002 -> {F63F39E6-F4C6-43BC-A26C-AF79562B7F31} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-26] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-15] (Google Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-02] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2013-07-12] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2013-07-12] (Intel Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-22] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-24] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-24] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-15]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-15]
Chrome:
=======
CHR Profile: C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-31]
CHR Extension: (Dokumenty Google) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-31]
CHR Extension: (Disk Google) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Avast Passwords) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2016-04-02]
CHR Extension: (Avast SafePrice) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-01-23]
CHR Extension: (Tabulky Google) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [emhginjpijfggbofeediiojmdlmlkoik] - C:\Program Files\AVAST Software\Avast\pam\Chrome\pam.crx [2015-12-15]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-10-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-26]
CHR HKU\S-1-5-21-2892461949-1692902088-1914179838-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsHidService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [103224 2013-09-09] (ASUSTek Computer Inc.)
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [115512 2014-03-26] (ASUSTek Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-15] (AVAST Software)
S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [1677016 2014-10-18] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1916656 2016-02-09] (Microsoft Corporation)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [290224 2015-10-15] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [83408 2014-03-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [97232 2014-03-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [90576 2014-03-18] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [283568 2015-10-15] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [586752 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [637912 2013-07-01] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe [168216 2014-01-15] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
S2 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
S3 AsusHID; C:\WINDOWS\System32\drivers\AsusHID.sys [68888 2014-04-08] (ASUS Corporation)
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [116032 2015-08-27] (ASUS Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-12-15] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [81168 2015-12-15] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [81728 2015-12-15] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-12-15] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [812208 2016-01-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449384 2016-01-23] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [117712 2015-12-15] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209432 2015-12-15] (AVAST Software)
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [17720 2013-07-02] (ASUSTek Computer Inc.)
R3 BCMSDH43XX; C:\WINDOWS\system32\DRIVERS\bcmdhd63.sys [305368 2014-04-07] (Broadcom Corp)
R3 BthMini; C:\WINDOWS\System32\Drivers\BTHMINI.sys [23040 2015-07-10] (Microsoft Corporation)
S3 btwampfl; C:\WINDOWS\System32\drivers\btwampfl.sys [162560 2015-04-09] (Broadcom Corporation.)
R3 BtwSerialBus; C:\WINDOWS\System32\drivers\BtwSerialBus.sys [139520 2015-04-09] (Broadcom Corporation.)
R3 camera; C:\WINDOWS\system32\DRIVERS\camera.sys [345088 2013-12-02] (Intel Corporation)
R3 CM3218x; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
R3 CPLMACPI; C:\WINDOWS\system32\DRIVERS\CPLMACPI.sys [25040 2015-07-08] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [44496 2014-03-18] (Intel Corporation)
R3 DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [25552 2014-03-18] (Intel Corporation)
R3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [28112 2014-03-18] (Intel Corporation)
R3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [36304 2014-03-18] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [80848 2014-03-18] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [181712 2014-03-18] (Intel Corporation)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [23552 2014-03-18] (Intel Corporation)
R3 GpioVirtual; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-18] (Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsHIDSwitch.sys [17416 2015-05-13] (ASUS)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [58368 2014-03-18] (Intel Corporation)
R3 iaiouart; C:\WINDOWS\System32\drivers\iaiouart.sys [87552 2014-03-18] (Intel Corporation)
S3 iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [489832 2013-12-16] (Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [44096 2015-07-20] (Intel Corporation)
R3 IntelSST; C:\WINDOWS\system32\drivers\isstrtc.sys [259584 2014-04-03] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [35392 2015-07-20] (Intel Corporation)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [21456 2014-03-18] (Intel Corporation)
R3 MT9M114; C:\WINDOWS\System32\drivers\MT9M114.sys [38912 2013-12-02] (Intel Corporation)
R3 PMIC; C:\WINDOWS\System32\drivers\PMIC.sys [48128 2014-03-18] (Intel Corporation)
R3 rtii2sac; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [263936 2015-05-21] (Realtek Semiconductor Corp.)
S3 RTL2832UBDA; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [201104 2012-09-25] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [32912 2012-09-25] (REALTEK SEMICONDUCTOR Corp.)
R3 TXEI; C:\WINDOWS\System32\drivers\TXEI.sys [75792 2014-03-18] (Intel Corporation)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2014-08-15] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-02 16:20 - 2016-04-02 16:20 - 00016148 _____ C:\WINDOWS\system32\JULČA_Julie_HistoryPrediction.bin
2016-04-02 15:52 - 2016-04-02 15:52 - 00019123 _____ C:\Users\Julie\Desktop\FRST.txt
2016-04-02 15:52 - 2016-04-02 15:52 - 00000000 ____D C:\FRST
2016-04-02 15:49 - 2016-04-02 15:49 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-04-02 15:49 - 2016-04-02 15:49 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-04-02 15:47 - 2016-04-02 15:47 - 00112640 _____ (forum.viry.cz) C:\Users\Julie\Desktop\FRSTLauncher (1).exe
2016-04-02 15:43 - 2016-04-02 15:43 - 01726464 _____ (Farbar) C:\Users\Julie\Desktop\FRST.exe
2016-04-02 15:39 - 2016-04-02 15:39 - 216855906 _____ C:\Users\Julie\Downloads\New-Girl-S05E12---CZ-titulky,-1176620.avi.crdownload
2016-04-02 15:38 - 2016-04-02 15:38 - 309798771 _____ C:\WINDOWS\MEMORY.DMP
2016-04-02 15:38 - 2016-04-02 15:38 - 00150656 _____ C:\WINDOWS\Minidump\040216-18625-01.dmp
2016-04-02 15:38 - 2016-04-02 15:38 - 00150656 _____ C:\WINDOWS\Minidump\040216-16437-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-02 15:52 - 2016-01-16 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-02 15:52 - 2015-09-28 10:30 - 00000000 ____D C:\Users\Julie
2016-04-02 15:51 - 2016-01-16 11:39 - 00000000 ___RD C:\Users\Julie\Disk Google
2016-04-02 15:50 - 2015-07-10 10:28 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-02 15:49 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-02 15:48 - 2015-07-10 10:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-02 15:45 - 2015-07-10 10:28 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-02 15:44 - 2015-09-28 10:44 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-02 15:44 - 2015-09-10 06:00 - 00748196 _____ C:\WINDOWS\system32\perfh005.dat
2016-04-02 15:44 - 2015-09-10 06:00 - 00150400 _____ C:\WINDOWS\system32\perfc005.dat
2016-04-02 15:44 - 2015-07-10 10:27 - 00000000 ____D C:\WINDOWS\INF
2016-04-02 15:43 - 2016-01-24 19:38 - 00000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-02 15:40 - 2015-05-22 12:59 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-02 15:38 - 2016-01-24 19:38 - 00000956 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-02 15:38 - 2015-10-01 10:16 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-02 15:38 - 2015-09-30 09:00 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-04-02 15:38 - 2015-09-28 10:24 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-02 15:38 - 2015-07-21 01:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-02 15:38 - 2015-07-21 01:17 - 00340200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-02 15:38 - 2015-02-08 18:22 - 00000000 __SHD C:\Users\Julie\IntelGraphicsProfiles
==================== Files in the root of some directories =======
2016-03-02 11:26 - 2016-03-02 11:26 - 0000000 _____ () C:\Program Files\Apple Software Update
2016-01-23 06:29 - 2016-01-23 06:29 - 6420480 _____ () C:\Program Files\GUT5715.tmp
2016-03-02 11:26 - 2016-03-02 11:26 - 0000000 _____ () C:\Program Files\MP3 Speed Changer
2016-03-02 11:26 - 2016-03-02 11:26 - 0000000 _____ () C:\Program Files\QuickTime
2016-03-02 11:26 - 2016-03-02 11:26 - 0000000 _____ () C:\Program Files\Skype
2014-05-12 13:26 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2014-05-12 13:26 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-12 13:26 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Julie\AppData\Local\Temp\libeay32.dll
C:\Users\Julie\AppData\Local\Temp\msvcr120.dll
C:\Users\Julie\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Julie\Desktop" je 1 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119665
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu. Díky
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
SearchScopes: HKU\S-1-5-21-2892461949-1692902088-1914179838-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2892461949-1692902088-1914179838-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-15] (Google Inc.)
C:\Program Files\Google\Google Toolbar
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Program Files\GUT5715.tmp
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Julie\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?