Blocked threat

Aurene
Visitor
Posts: 5
Registered: 26 Apr 2016 22:56

Blocked threat

#1 Post by Aurene »

Hello, I have a problem: a blocked-threat alert from Avast has appeared, and it keeps coming back over and over. I have no idea what to do about it; this is the first time I have run into this problem.

The object is ines0049.ddns.net:83, process wscript.exe.

I would be grateful for any help, Aurene

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked threat

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Aurene
Visitor
Posts: 5
Registered: 26 Apr 2016 22:56

Re: Blocked threat

#3 Post by Aurene »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
Ran by Markéta (administrator) on LENOVO (29-04-2016 20:10:58)
Running from C:\Users\Markéta\Downloads
Loaded Profiles: Markéta (Available Profiles: Markéta)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
() C:\Program Files\Smart Menu\WinStartMenuLauncher.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Spotify Ltd) C:\Users\Markéta\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [899680 2013-02-04] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6339656 2013-04-10] (Realtek semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2013-11-30] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-11-30] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390608 2016-04-15] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-27] (Raptr, Inc)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-06-08] (Power Software Ltd)
HKLM-x32\...\Run: [data] => wscript.exe //B "C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs" <===== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\...\Run: [Spotify Web Helper] => C:\Users\Markéta\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\...\Run: [data] => wscript.exe //B "C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs" <===== ATTENTION
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\SysWOW64\lol.scr
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-04-15] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Markéta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\data.vbs [2016-03-12] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9D0FF57F-F022-41E5-BC13-961905227949}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{9D0FF57F-F022-41E5-BC13-961905227949}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
SearchScopes: HKU\.DEFAULT -> {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
SearchScopes: HKU\S-1-5-21-3642969307-1352502382-3198975890-1002 -> DefaultScope {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
SearchScopes: HKU\S-1-5-21-3642969307-1352502382-3198975890-1002 -> {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-15] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-15] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-12] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Markéta\AppData\Roaming\Mozilla\Firefox\Profiles\1c96rwxp.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\windows\SysWOW64\npdeployJava1.dll [2014-08-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-05-02] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-13] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-31] (Google Inc.)
FF Plugin HKU\S-1-5-21-3642969307-1352502382-3198975890-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Markéta\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3642969307-1352502382-3198975890-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-13] (Pando Networks)
FF Plugin HKU\S-1-5-21-3642969307-1352502382-3198975890-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-04-23] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-26]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\Markéta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Markéta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Markéta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Markéta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Markéta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Markéta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Markéta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Markéta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-04-15] (AVAST Software)
S2 BITS; C:\Windows\System32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S2 BITS; C:\windows\SysWOW64\svchost.exe [23040 2012-09-20] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2013-02-25] (ELAN Microelectronics Corp.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-04-20] (Lenovo)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-04-23] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2015-12-06] ()
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-11-30] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 WinStartMenuLauncher; C:\Program Files\Smart Menu\WinStartMenuLauncher.exe [249432 2014-09-05] () [File not signed]
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-25] (Atheros) [File not signed]
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-04-15] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-04-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-04-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-04-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-04-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-04-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-04-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-04-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-04-15] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 EagleX64; C:\windows\system32\drivers\EagleX64.sys [145624 2015-07-14] (AhnLab, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243272 2013-04-10] (Realtek Semiconductor Corp.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2013-10-25] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [248240 2013-10-25] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-29 20:10 - 2016-04-29 20:11 - 00023986 _____ C:\Users\Markéta\Downloads\FRST.txt
2016-04-29 20:03 - 2016-04-29 20:03 - 02376704 _____ (Farbar) C:\Users\Markéta\Downloads\FRST64.exe
2016-04-27 17:10 - 2016-04-27 17:10 - 00125924 _____ C:\Users\Markéta\Downloads\040_151213.pdf
2016-04-27 00:25 - 2016-04-27 00:25 - 00000000 ____D C:\Users\Markéta\.QtWebEngineProcess
2016-04-27 00:25 - 2016-04-27 00:25 - 00000000 ____D C:\Users\Markéta\.LSC
2016-04-27 00:24 - 2016-04-27 00:24 - 00002056 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2016-04-26 21:02 - 2016-04-29 20:10 - 00000000 ____D C:\FRST
2016-04-26 20:41 - 2016-04-26 20:41 - 00000000 ____D C:\Users\Markéta\AppData\Roaming\KSafe
2016-04-26 20:41 - 2016-04-26 20:41 - 00000000 ____D C:\ProgramData\KSafe
2016-04-26 20:40 - 2016-04-26 21:21 - 00000000 ____D C:\AdwCleaner
2016-04-26 20:40 - 2016-04-26 20:40 - 00000000 ____D C:\Program Files (x86)\DllTool
2016-04-26 20:04 - 2016-04-15 16:20 - 00398152 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-04-26 19:49 - 2016-04-26 19:49 - 00001823 _____ C:\Users\Markéta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2016-04-23 18:49 - 2016-04-23 18:49 - 01914067 _____ C:\Users\Markéta\Downloads\145572771823.xlsx
2016-04-21 12:13 - 2016-04-21 12:13 - 00000000 ____D C:\Users\Markéta\AppData\Roaming\java
2016-04-21 11:59 - 2016-04-21 12:14 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-04-21 11:59 - 2016-04-21 12:13 - 00000000 ____D C:\Users\Markéta\AppData\Roaming\.minecraft
2016-04-21 11:59 - 2016-04-21 11:59 - 00000000 ____D C:\Users\Markéta\AppData\Roaming\Microsoft\Windows\Start Menu\Minecraft
2016-04-18 18:06 - 2016-04-18 18:20 - 00000000 ____D C:\Program Files (x86)\Glyph
2016-04-16 16:03 - 2016-04-16 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-04-16 16:03 - 2016-04-16 16:03 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-04-15 16:20 - 2016-04-15 16:20 - 00052184 _____ (AVAST Software) C:\windows\avastSS.scr
2016-04-11 22:01 - 2016-04-28 15:48 - 00012209 _____ C:\Users\Markéta\Documents\Sešitesc.xlsx
2016-04-09 12:51 - 2016-04-09 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2016-04-09 09:13 - 2016-04-09 12:51 - 00000000 ____D C:\Users\Markéta\AppData\Roaming\PlaysTV
2016-04-07 18:11 - 2016-04-10 16:09 - 00013000 _____ C:\Users\Markéta\Documents\Sešitlol.xlsx
2016-03-31 15:32 - 2016-03-31 15:32 - 00000000 ____D C:\Users\Markéta\AppData\Roaming\LolScreenSaver

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-29 20:08 - 2016-03-12 20:34 - 00648192 ___SH C:\Users\Markéta\Downloads\Thumbs.db
2016-04-29 20:08 - 2013-11-30 02:15 - 33110680 _____ C:\windows\system32\perfh005.dat
2016-04-29 20:08 - 2013-11-30 02:15 - 10807502 _____ C:\windows\system32\perfc005.dat
2016-04-29 20:08 - 2012-07-26 09:28 - 00005434 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-29 20:07 - 2015-02-04 13:27 - 00000000 ____D C:\Users\Markéta\AppData\Roaming\Raptr
2016-04-29 20:06 - 2014-04-13 15:09 - 00000970 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-29 19:59 - 2014-04-29 19:53 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-04-29 19:16 - 2014-04-13 15:09 - 00000974 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-29 18:55 - 2014-04-13 20:47 - 00000000 ____D C:\Users\Markéta\AppData\Local\PMB Files
2016-04-29 18:55 - 2014-04-13 20:47 - 00000000 ____D C:\ProgramData\PMB Files
2016-04-29 18:22 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-04-29 18:21 - 2013-11-30 02:38 - 00043520 _____ C:\windows\system32\VfService.trf
2016-04-29 18:21 - 2012-07-26 07:26 - 00786432 ___SH C:\windows\system32\config\BBI
2016-04-29 17:43 - 2014-06-08 14:54 - 00000000 ____D C:\Users\Markéta\AppData\Local\Battle.net
2016-04-29 17:43 - 2014-06-08 14:52 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-04-29 14:13 - 2016-03-15 00:28 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-04-28 13:16 - 2015-04-06 02:29 - 00000000 ____D C:\Users\Markéta\AppData\Roaming\Spotify
2016-04-28 13:16 - 2015-04-06 02:29 - 00000000 ____D C:\Users\Markéta\AppData\Local\Spotify
2016-04-27 22:01 - 2015-12-08 15:11 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-04-27 15:22 - 2014-04-13 14:50 - 00000000 ____D C:\Users\Markéta\Documents\Bluetooth Folder
2016-04-27 00:48 - 2015-12-08 15:30 - 00001196 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2016-04-27 00:25 - 2014-04-13 14:49 - 00000000 ____D C:\Users\Markéta\AppData\Roaming\Lenovo
2016-04-27 00:25 - 2014-04-13 14:45 - 00000000 ____D C:\Users\Markéta
2016-04-27 00:24 - 2013-11-30 02:27 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2016-04-27 00:24 - 2013-11-30 02:27 - 00000000 ____D C:\Program Files\Lenovo
2016-04-27 00:22 - 2013-11-30 02:27 - 00000000 ____D C:\windows\Downloaded Installations
2016-04-26 21:45 - 2014-04-19 12:39 - 00000000 ____D C:\Users\Markéta\AppData\Roaming\Skype
2016-04-26 21:44 - 2016-03-03 16:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-26 21:44 - 2014-04-19 12:39 - 00000000 ____D C:\ProgramData\Skype
2016-04-26 21:33 - 2014-04-13 15:04 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3642969307-1352502382-3198975890-1002
2016-04-26 21:15 - 2014-04-14 16:03 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-04-26 20:23 - 2016-03-03 19:41 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-04-26 20:19 - 2012-07-26 07:37 - 00000000 ____D C:\windows\Inf
2016-04-26 20:05 - 2016-02-12 18:25 - 00003038 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1455294315
2016-04-26 20:05 - 2016-02-12 18:25 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-26 20:05 - 2014-12-30 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-04-26 20:02 - 2014-04-18 16:44 - 00000000 ____D C:\Users\Markéta\AppData\Local\CrashDumps
2016-04-24 00:43 - 2015-07-18 18:22 - 00017043 _____ C:\Users\Markéta\Documents\SešitHS.xlsx
2016-04-23 18:50 - 2014-04-13 14:47 - 00000000 ____D C:\Users\Markéta\AppData\Local\Packages
2016-04-23 12:34 - 2014-12-26 00:02 - 00000000 ____D C:\ProgramData\Origin
2016-04-23 12:11 - 2014-12-26 00:01 - 00000000 ____D C:\Program Files (x86)\Origin
2016-04-20 21:15 - 2013-11-30 02:35 - 00000000 ____D C:\ProgramData\McAfee
2016-04-19 23:26 - 2013-11-30 02:35 - 00000000 ____D C:\Program Files\mcafee
2016-04-19 23:26 - 2013-11-30 02:35 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-04-19 23:26 - 2013-11-30 02:35 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-04-19 23:19 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\NDF
2016-04-19 14:15 - 2012-07-26 10:12 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-19 14:12 - 2014-05-01 20:09 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-18 18:20 - 2015-07-13 19:41 - 00000000 ____D C:\Users\Markéta\AppData\Local\Glyph
2016-04-18 18:07 - 2015-07-13 19:41 - 00000000 ____D C:\ProgramData\Glyph
2016-04-16 16:02 - 2012-07-26 10:12 - 00000000 ___HD C:\windows\ELAMBKUP
2016-04-16 16:00 - 2015-09-23 21:07 - 00000000 ____D C:\Users\Markéta
2016-04-15 20:51 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\ELAM
2016-04-15 19:55 - 2015-12-06 03:34 - 00026081 _____ C:\Users\Markéta\Documents\Sešitwwe.xlsx
2016-04-15 16:21 - 2014-05-14 15:40 - 00287528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2016-04-15 16:20 - 2014-05-14 15:40 - 00465792 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2016-04-15 16:20 - 2014-05-14 15:40 - 00166432 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-04-15 16:20 - 2014-05-14 15:40 - 00107792 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2016-04-15 16:20 - 2014-05-14 15:40 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-04-15 16:20 - 2014-05-14 15:40 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-04-15 16:20 - 2014-05-14 15:40 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-04-15 16:19 - 2016-02-12 18:19 - 00037144 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2016-04-15 16:19 - 2014-05-14 15:40 - 01070904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2016-04-12 08:17 - 2014-04-13 15:10 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 08:17 - 2014-04-13 15:10 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-08 18:53 - 2016-03-13 21:43 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-04-08 18:53 - 2015-03-27 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-04-07 22:59 - 2014-04-29 19:53 - 00003802 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-04-02 13:24 - 2016-02-13 11:18 - 00000000 ____D C:\Markéta Foto 2016
2016-03-31 15:32 - 2015-03-22 03:57 - 00000000 ____D C:\Riot Games

==================== Files in the root of some directories =======

2015-02-17 15:48 - 2016-02-12 18:14 - 0007605 _____ () C:\Users\Markéta\AppData\Local\resmon.resmoncfg
2013-11-30 02:15 - 2013-11-30 02:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-26 09:25

==================== End of FRST.txt ============================
Attachments
Addition.zip
(9.86 KiB) Downloaded 53 times

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked threat

#4 Post by Rudy »

Now run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
The scan will run and then a log will appear; paste it here.

Aurene
Visitor
Posts: 5
Joined: 26 Apr 2016 22:56

Re: Blocked threat

#5 Post by Aurene »

# AdwCleaner v5.114 - Log soubor vytvořen 29/04/2016 o 20:58:26
# Aktualizováno 27/04/2016 by Xplode
# Databáze : 2016-04-27.1 [Server]
# Operační systém : Windows 8 (X64)
# Jméno uživatele : Markéta - LENOVO
# Spuštěno z : C:\Users\Markéta\Desktop\adwcleaner_5.114.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****


***** [ Webové prohlížeče ] *****


*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [768 bytes] - [29/04/2016 20:58:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [811 bytes] - [29/04/2016 20:56:53]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [912 bytes] ##########

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked threat

#6 Post by Rudy »

This is OK. Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [data] => wscript.exe //B "C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs" <===== ATTENTION
C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\...\Run: [data] => wscript.exe //B "C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs" <===== ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
SearchScopes: HKU\.DEFAULT -> {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
SearchScopes: HKU\S-1-5-21-3642969307-1352502382-3198975890-1002 -> DefaultScope {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
SearchScopes: HKU\S-1-5-21-3642969307-1352502382-3198975890-1002 -> {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
C:\ProgramData\McAfee
C:\Program Files\mcafee
C:\Program Files\Common Files\mcafee
C:\Program Files (x86)\McAfee
C:\ProgramData\DP45977C.lfl
End
Save it to C:\Users\Markéta\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
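
Added example, not part of the thread and not FRST's own code: a Python sketch of the triage behind the fixlist in post #6, flagging Run-key autostart entries that start a Windows Script Host binary, with extra weight when the script sits in a Temp directory or runs with //B. The first three sample lines are copied from that fixlist; the fourth entry, the function and constant names, and the inclusion of cscript.exe alongside wscript.exe are assumptions made for illustration.

```python
import ntpath
import re
from typing import NamedTuple

# FRST prints autostart values as: <hive>\...\Run: [<name>] => <command line>
RUN_LINE = re.compile(
    r'^(?P<hive>HK.+?)\\\.\.\.\\Run(?:Once)?: \[(?P<name>[^\]]*)\] => '
    r'(?P<cmd>.*?)(?:\s*<=+ ATTENTION)?\s*$')
FIRST_TOKEN = re.compile(r'^\s*(?:"([^"]+)"|(\S+))')
SCRIPT_ARG = re.compile(
    r'"([^"]+\.(?:vbs|vbe|js|jse|wsf))"|(\S+\.(?:vbs|vbe|js|jse|wsf))(?=\s|$)', re.I)
TEMP_DIR = re.compile(r'\\(?:appdata\\local\\temp|windows\\temp)\\', re.I)
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}  # Windows Script Host binaries


class Finding(NamedTuple):
    hive: str
    name: str
    script: str
    reasons: tuple


def triage(lines):
    """Return a Finding for every Run entry that starts a script host."""
    findings = []
    for line in lines:
        m = RUN_LINE.match(line.strip())
        if not m:  # bare paths, BHO lines and the like are not Run entries
            continue
        cmd = m["cmd"]
        tok = FIRST_TOKEN.match(cmd)
        exe = ntpath.basename(tok.group(1) or tok.group(2)).lower() if tok else ""
        if exe not in SCRIPT_HOSTS:
            continue
        reasons = ["script host started from an autostart key"]
        arg = SCRIPT_ARG.search(cmd)
        script = (arg.group(1) or arg.group(2)) if arg else ""
        if script and TEMP_DIR.search(script):
            reasons.append("script lives in a Temp directory")
        if re.search(r'(?<!\S)//b(?!\S)', cmd, re.I):
            reasons.append("//B batch mode hides script errors and prompts")
        findings.append(Finding(m["hive"], m["name"], script, tuple(reasons)))
    return findings


# Lines 1-3 are copied from the fixlist in post #6; line 4 is constructed.
SAMPLE = [
    r'HKLM-x32\...\Run: [data] => wscript.exe //B "C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs" <===== ATTENTION',
    r'C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs',
    r'HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\...\Run: [data] => wscript.exe //B "C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs" <===== ATTENTION',
    r'HKLM\...\Run: [ExampleTray] => "C:\Program Files\ExampleVendor\tray.exe" /min',
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f.hive, f.name, f.script, "; ".join(f.reasons), sep=" | ")
```

Both hits point at the same script from two hives (machine-wide 32-bit view and the user's SID), which is why the fixlist lists both Run values as well as the file itself.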

Aurene
Visitor
Posts: 5
Joined: 26 Apr 2016 22:56

Re: Blocked threat

#7 Post by Aurene »

Fix result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
Ran by Markéta (2016-04-30 16:06:25) Run:1
Running from C:\Users\Markéta\Downloads
Loaded Profiles: Markéta (Available Profiles: Markéta)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [data] => wscript.exe //B "C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs" <===== ATTENTION
C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\...\Run: [data] => wscript.exe //B "C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs" <===== ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
SearchScopes: HKU\.DEFAULT -> {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
SearchScopes: HKU\S-1-5-21-3642969307-1352502382-3198975890-1002 -> DefaultScope {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
SearchScopes: HKU\S-1-5-21-3642969307-1352502382-3198975890-1002 -> {5370866A-5C14-4AC0-8E05-1775FC4CC49F} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
C:\ProgramData\McAfee
C:\Program Files\mcafee
C:\Program Files\Common Files\mcafee
C:\Program Files (x86)\McAfee
C:\ProgramData\DP45977C.lfl
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\data => value removed successfully
Could not move "C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs" => Scheduled to move on reboot.
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\Software\Microsoft\Windows\CurrentVersion\Run\\data => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5370866A-5C14-4AC0-8E05-1775FC4CC49F}" => key removed successfully
HKCR\CLSID\{5370866A-5C14-4AC0-8E05-1775FC4CC49F} => key not found.
HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3642969307-1352502382-3198975890-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5370866A-5C14-4AC0-8E05-1775FC4CC49F}" => key removed successfully
HKCR\CLSID\{5370866A-5C14-4AC0-8E05-1775FC4CC49F} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => key removed successfully
"HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
"C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx" => not found.
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
C:\ProgramData\McAfee => moved successfully
C:\Program Files\mcafee => moved successfully
C:\Program Files\Common Files\mcafee => moved successfully
C:\Program Files (x86)\McAfee => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-04-30 16:13:59)

C:\Users\MARKTA~1\AppData\Local\Temp\data.vbs => Is moved successfully
C:\ProgramData\DP45977C.lfl => Is moved successfully

==== End of Fixlog 16:13:59 ====

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked threat

#8 Post by Rudy »

Deleted. Has anything changed?

Aurene
Visitor
Posts: 5
Joined: 26 Apr 2016 22:56

Re: Blocked threat

#9 Post by Aurene »

It was quiet for a while, but now it pops up once in a while; I have no idea why.

It is true, though, that it helped and things improved a lot.

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked threat

#10 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
