Good day, I need help. Avast has started detecting malware (VBS:Malware-gen, Win32:Malware-gen) while I browse any website, irregularly: sometimes it detects something when a page is opened, other times not. Neither Avira nor ESET reports anything. If I noticed correctly, the databases were updated around midnight, and the detections started at roughly that time.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-02-2017
Ran by Zoltán Bronz (administrator) on LAPTOP-JVJ09D41 (22-02-2017 09:48:51)
Running from C:\Users\Zoltán Bronz\Desktop
Loaded Profiles: Zoltán Bronz (Available Profiles: Zoltán Bronz)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files (x86)\HP\HP OMEN Mouse X9000\hid.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16122.10291.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Zoltán Bronz\Desktop\FRSTLauncher.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9186816 2017-01-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP OMEN Mouse X9000] => C:\Program Files (x86)\HP\HP OMEN Mouse X9000\hid.exe [429056 2016-02-04] ()
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [3001536 2016-12-16] (Sony Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{745b2ef7-d53c-454b-ad96-4e6b77998bb0}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0E838E3D-0A67-48AB-9A74-A8E5A966D01E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2151822035-1449553926-59665662-1001 -> {0E838E3D-0A67-48AB-9A74-A8E5A966D01E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2151822035-1449553926-59665662-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-12-07] (Ubisoft)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe [310240 2017-02-22] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe [488928 2017-02-22] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2016-12-14] (ESET)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2208888 2016-12-08] (Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe [350688 2017-02-22] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [505024 2016-12-16] (Sony Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-26] (Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2017-01-23] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266872 2016-08-19] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66624 2016-12-08] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2017-01-17] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2017-01-17] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2017-01-17] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2017-01-17] (ESET)
S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2017-01-17] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2017-01-17] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2017-01-17] (ESET)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-12-08] (Intel Corporation)
S3 HPOMENMS; C:\WINDOWS\system32\drivers\HPOMENMS.sys [48872 2016-01-29] ( )
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys [11036640 2017-02-22] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [6724368 2016-02-06] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7308560 2016-09-13] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmwu.inf_amd64_6cdbe0c0630ed4a3\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-12-08] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2016-01-20] (Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2016-01-20] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [58984 2016-02-22] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72824 2016-08-19] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [32832 2016-07-31] (HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-22 09:48 - 2017-02-22 09:49 - 00015402 _____ C:\Users\Zoltán Bronz\Desktop\FRST.txt
2017-02-22 09:44 - 2017-02-22 09:48 - 00000000 ____D C:\FRST
2017-02-22 09:44 - 2017-02-22 09:44 - 02422784 _____ (Farbar) C:\Users\Zoltán Bronz\Desktop\FRST64.exe
2017-02-22 09:43 - 2017-02-22 09:43 - 00112640 _____ (forum.viry.cz) C:\Users\Zoltán Bronz\Desktop\FRSTLauncher.exe
2017-02-22 09:42 - 2017-02-22 09:42 - 00112640 _____ (forum.viry.cz) C:\Users\Zoltán Bronz\Downloads\FRSTLauncher.exe
2017-02-22 09:14 - 2017-02-22 09:14 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\ESET
2017-02-22 09:10 - 2017-02-22 09:10 - 00002107 _____ C:\Users\Public\Desktop\ESET Ochrana online platieb.lnk
2017-02-22 09:10 - 2017-02-22 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-02-22 09:10 - 2017-02-22 09:10 - 00000000 ____D C:\ProgramData\ESET
2017-02-22 09:10 - 2017-02-22 09:10 - 00000000 ____D C:\Program Files\ESET
2017-02-22 08:55 - 2017-02-22 09:09 - 03124352 _____ (ESET) C:\Users\Zoltán Bronz\Downloads\eset_smart_security_live_installer_rt_sk.exe
2017-02-22 08:41 - 2017-02-22 08:51 - 00000000 ____D C:\AdwCleaner
2017-02-22 07:31 - 2017-02-22 08:41 - 04015056 _____ C:\Users\Zoltán Bronz\Downloads\adwcleaner_6.043.exe
2017-02-22 07:19 - 2017-02-22 07:19 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\AviraSpeedup
2017-02-22 07:08 - 2017-02-22 07:08 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-02-22 07:05 - 2017-02-22 07:05 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\Avira
2017-02-22 07:04 - 2017-02-22 09:07 - 00000000 ____D C:\ProgramData\Avira
2017-02-22 07:04 - 2017-02-22 09:07 - 00000000 ____D C:\Program Files (x86)\Avira
2017-02-22 06:51 - 2017-02-22 08:44 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-22 06:51 - 2017-02-22 06:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-22 02:11 - 2017-02-22 02:11 - 00000000 _____ C:\autoexec.bat
2017-02-22 01:45 - 2017-02-22 01:45 - 00150032 _____ C:\WINDOWS\SysWOW64\libEGL.dll
2017-02-22 01:45 - 2017-02-22 01:45 - 00122384 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2017-02-22 01:45 - 2017-02-22 01:45 - 00120848 _____ C:\WINDOWS\SysWOW64\libGLESv2.dll
2017-02-22 01:45 - 2017-02-22 01:45 - 00110088 _____ C:\WINDOWS\SysWOW64\libGLESv1_CM.dll
2017-02-17 14:36 - 2017-02-17 14:36 - 00336403 _____ C:\Users\Zoltán Bronz\Downloads\wnetwatcher.zip
2017-02-11 10:10 - 2017-02-11 10:10 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-11 10:10 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-11 10:10 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-11 10:10 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-11 10:10 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-03 02:19 - 2017-02-03 02:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-03 02:18 - 2017-02-03 02:18 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2017-02-03 02:17 - 2017-02-22 07:03 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-03 02:15 - 2017-02-03 02:15 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\AvgSetupLog
2017-02-03 02:15 - 2017-02-03 02:15 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\Avg
2017-02-03 02:15 - 2017-02-03 02:15 - 00000000 ____D C:\ProgramData\Avg
2017-01-29 15:29 - 2017-01-29 15:29 - 00000000 ____D C:\Users\Zoltán Bronz\Documents\Diablo III
2017-01-29 15:10 - 2017-01-29 15:10 - 00000932 _____ C:\Users\Public\Desktop\Diablo III.lnk
2017-01-29 15:10 - 2017-01-29 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2017-01-29 15:06 - 2017-01-29 15:27 - 00000000 ____D C:\Program Files (x86)\Diablo III
2017-01-29 15:06 - 2017-01-29 15:06 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2017-01-29 15:05 - 2017-01-30 22:09 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\Battle.net
2017-01-29 15:05 - 2017-01-30 22:09 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-29 15:05 - 2017-01-29 15:05 - 00000936 _____ C:\Users\Public\Desktop\Battle.net.lnk
2017-01-29 15:05 - 2017-01-29 15:05 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\Blizzard Entertainment
2017-01-29 15:05 - 2017-01-29 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-01-29 15:04 - 2017-01-29 15:06 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Roaming\Battle.net
2017-01-29 15:03 - 2017-01-29 15:04 - 00000000 ____D C:\ProgramData\Battle.net
2017-01-26 07:45 - 2017-01-26 07:44 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-01-26 07:45 - 2017-01-26 07:44 - 08104122 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-01-26 07:45 - 2017-01-26 07:44 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 03014136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-01-26 07:45 - 2017-01-26 07:44 - 02706856 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 02201592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 01435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 01003512 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00866096 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00859912 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00854208 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00726120 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00511728 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-01-26 07:45 - 2017-01-26 07:43 - 01615656 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2017-01-26 07:45 - 2017-01-26 07:43 - 01529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2017-01-26 07:45 - 2017-01-26 07:43 - 00438688 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
2017-01-26 07:45 - 2017-01-26 07:43 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-01-26 07:45 - 2017-01-26 07:43 - 00112488 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll
2017-01-26 02:03 - 2017-01-26 02:03 - 01307648 _____ C:\Users\Zoltán Bronz\AppData\Local\file__0.localstorage
2017-01-25 01:20 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 01:20 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-25 01:16 - 2017-01-25 01:16 - 00000982 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-01-25 01:16 - 2017-01-25 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-01-25 01:16 - 2017-01-25 01:16 - 00000000 ____D C:\Program Files\CPUID
2017-01-23 17:01 - 2017-01-23 17:01 - 00000000 ____D C:\ProgramData\Samsung
2017-01-23 17:00 - 2017-01-23 17:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2017-01-23 17:00 - 2017-01-23 17:01 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Roaming\Samsung
2017-01-23 17:00 - 2017-01-23 17:01 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-01-23 17:00 - 2017-01-23 17:00 - 00143664 ____N C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
2017-01-23 17:00 - 2017-01-23 17:00 - 00143664 ____N C:\WINDOWS\system32\SecUPDUtilSvc.exe
2017-01-23 17:00 - 2016-03-24 04:56 - 02817536 ____N C:\WINDOWS\system32\DlgSearchEngine.dll
2017-01-23 17:00 - 2016-03-24 04:56 - 02078208 ____N C:\WINDOWS\SysWOW64\DlgSearchEngine.dll
2017-01-23 17:00 - 2015-09-25 02:13 - 00225600 _____ C:\WINDOWS\system32\SBuySupplies.exe
2017-01-23 17:00 - 2015-03-12 03:43 - 00158016 _____ C:\WINDOWS\system32\us00aci.exe
2017-01-23 17:00 - 2015-03-12 03:43 - 00089600 _____ (SS) C:\WINDOWS\system32\us00aci.dll
2017-01-23 17:00 - 2015-03-12 03:43 - 00022528 _____ () C:\WINDOWS\system32\us00alm.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-22 09:32 - 2016-10-09 02:09 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-22 09:13 - 2016-10-09 02:16 - 01532334 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-22 09:12 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-22 09:11 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-22 09:08 - 2016-10-09 02:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-22 09:08 - 2016-10-09 02:13 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-22 09:08 - 2016-10-05 16:52 - 00000000 __SHD C:\Users\Zoltán Bronz\IntelGraphicsProfiles
2017-02-22 09:08 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-22 08:58 - 2016-05-06 02:42 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-22 08:36 - 2017-01-20 22:50 - 00000000 ____D C:\Users\Zoltán Bronz\Documents\Might & Magic Heroes VI
2017-02-22 08:36 - 2016-05-06 02:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-22 08:32 - 2016-11-03 22:58 - 00000000 ____D C:\ProgramData\install_backup
2017-02-22 08:32 - 2016-10-05 16:54 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\CyberLink
2017-02-22 08:32 - 2016-08-15 21:07 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-02-22 08:32 - 2016-08-15 21:06 - 00000000 ____D C:\ProgramData\CyberLink
2017-02-22 08:21 - 2016-10-09 02:09 - 00363592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-22 06:50 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-22 06:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-22 06:50 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 06:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-22 02:50 - 2016-10-06 20:50 - 00000392 _____ C:\WINDOWS\Tasks\HPCeeScheduleForZoltán Bronz.job
2017-02-22 02:34 - 2016-10-07 11:41 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-22 02:11 - 2016-10-09 02:17 - 00000000 ____D C:\Users\Zoltán Bronz
2017-02-22 02:02 - 2016-10-09 02:22 - 00003982 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1475746492
2017-02-22 02:02 - 2016-10-06 10:34 - 00001127 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-02-22 02:02 - 2016-10-06 10:34 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-22 01:46 - 2016-10-20 07:52 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Roaming\MPC-HC
2017-02-22 01:46 - 2016-10-10 14:29 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Roaming\uTorrent
2017-02-22 01:45 - 2016-12-17 01:04 - 00280072 _____ C:\WINDOWS\system32\igfxCPL.cpl
2017-02-22 01:45 - 2016-10-09 02:14 - 00122384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-02-22 01:45 - 2016-10-09 02:14 - 00113168 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-02-22 01:45 - 2016-10-06 21:04 - 00113168 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2017-02-16 06:47 - 2016-10-09 02:22 - 00003312 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForZoltán Bronz
2017-02-09 23:46 - 2016-10-05 21:00 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\CrashDumps
2017-02-09 23:30 - 2016-10-07 07:23 - 00000000 ____D C:\WarThunder
2017-02-06 20:48 - 2016-11-09 02:05 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-11-09 02:05 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 02:12 - 2016-08-15 21:15 - 00000000 ____D C:\ProgramData\McAfee
2017-02-03 02:12 - 2016-08-15 21:15 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-02-03 02:11 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-03 02:10 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-01-30 22:00 - 2016-10-06 10:10 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-01-26 07:47 - 2016-10-09 02:15 - 00040510 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-01-26 07:47 - 2016-10-09 02:15 - 00002105 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bang & Olufsen Audio Control.lnk
2017-01-26 07:47 - 2016-08-15 20:39 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-01-26 07:46 - 2016-10-09 02:14 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-01-26 07:44 - 2016-10-06 21:08 - 05556224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-01-26 07:44 - 2016-10-06 21:08 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-01-26 07:44 - 2016-10-06 21:08 - 03202040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-01-26 07:44 - 2016-10-06 21:08 - 02995000 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-01-26 07:44 - 2016-10-06 21:08 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-01-26 07:44 - 2016-10-06 21:08 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-01-26 07:44 - 2016-05-06 11:14 - 00000000 ____D C:\SWSetup
2017-01-24 02:38 - 2016-10-05 16:54 - 00000000 ___RD C:\Users\Zoltán Bronz\OneDrive
2017-01-23 19:23 - 2017-01-19 18:43 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Might & Magic - Heroes 5.5
2017-01-23 17:49 - 2016-05-06 02:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
==================== Files in the root of some directories =======
2017-01-26 02:03 - 2017-01-26 02:03 - 1307648 _____ () C:\Users\Zoltán Bronz\AppData\Local\file__0.localstorage
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-13 08:24
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Windows) (Fixed) (Total:237.24 GB) (Free:137.6 GB) NTFS
Drive d: (DATA) (Fixed) (Total:918.77 GB) (Free:680.92 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:12.74 GB) (Free:1.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Available physical RAM: 12696.54 MB
Total physical RAM: 16273.78 MB
Percentage of memory in use: 21%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 238.5 GB) (Disk ID: 99C5DC12)
Disk: 1 (Size: 931.5 GB) (Disk ID: AB454D4D)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForZoltán Bronz.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personálny firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Zolt n Bronz\Desktop" je 2 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================

Virus removal, PC speed-up, remote help via the neslape.cz service
Avast reports malware
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved. So will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Attachments
- Addition.zip
- (10.38 KiB) Downloaded 79 times
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Avast reports malware
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Avast reports malware
# AdwCleaner v6.043 - *Logfile created 22/02/2017 *at 19:12:19
# *Updated on 27/01/2017 by Malwarebytes
# *Database : 2017-02-22.1 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : Zoltán Bronz - LAPTOP-JVJ09D41
# *Running from : C:\Users\Zoltán Bronz\Desktop\adwcleaner_6.043.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support
***** [ *Services ] *****
***** [ *Folders ] *****
***** [ *Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ *Shortcuts ] *****
***** [ *Scheduled Tasks ] *****
***** [ *Registry ] *****
***** [ *Browsers ] *****
*************************
:: *"Tracing" keys deleted
:: *Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1016 *Bytes] - [22/02/2017 08:51:12]
C:\AdwCleaner\AdwCleaner[C2].txt - [862 *Bytes] - [22/02/2017 19:12:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [1196 *Bytes] - [22/02/2017 08:50:59]
C:\AdwCleaner\AdwCleaner[S1].txt - [1342 *Bytes] - [22/02/2017 19:12:11]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1083 *Bytes] ##########
so I guess the Avast people didn't think something through
- Rudy
- Site Admin

Re: Avast reports malware
This is OK. Open Notepad and copy the following into it:
Start
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
EmptyTemp:
End
Re: Avast reports malware
I assume this is what I was supposed to do
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-02-2017 01
Ran by Zoltán Bronz (22-02-2017 21:24:27) Run:1
Running from C:\Users\Zoltán Bronz\Desktop
Loaded Profiles: Zoltán Bronz (Available Profiles: Zoltán Bronz)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
EmptyTemp:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value removed successfully
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21337479 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 253216913 B
Edge => 815 B
Chrome => 0 B
Firefox => 0 B
Opera => 353982838 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 76620 B
systemprofile32 => 128 B
LocalService => 818 B
NetworkService => 0 B
Zoltán Bronz => 178403801 B
RecycleBin => 0 B
EmptyTemp: => 769.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:24:33 ====
- Rudy
- Site Admin

Re: Avast reports malware
Yes. It was deleted. Has anything changed?
Re: Avast reports malware
I am one of those whom Avast scared a little, so I had my PC checked; it is now known that the problem is on Avast's side and that these were false detections. Thank you for the check and the clean-up.
- Rudy
- Site Admin

Re: Avast reports malware
OK, I understand. You're welcome!
