
Please check my log.



#1 Post by kody2 »

Hello, please check my log. The programs Winsnare and Kyubey are being installed on my laptop.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Marcel Dorociak (administrator) on PC-MARCEL (01-04-2017 16:44:08)
Running from C:\Users\Marcel Dorociak\Downloads
Loaded Profiles: Marcel Dorociak (Available Profiles: Marcel Dorociak)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
() C:\Program Files\Gramblr\gramblr.exe
(Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51984 2016-11-18] (Copyright (c) 2016 Plays.tv, LLC)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-18] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478752 2012-12-18] (Adobe Systems Inc.)
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c012-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c27f-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c28b-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {54779be8-f56e-11e6-8263-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {6b24e8b1-88c5-11e6-825c-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6d8edf-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6da6c4-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6da6d5-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {dfacf152-c709-11e6-8260-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
ShellExecuteHooks: No Name - {4ED33EDA-F36B-11E6-AEE4-64006A5CFC23} - C:\Users\Marcel Dorociak\AppData\Roaming\Jipelegernise\Plindomfenuph.dll -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-18] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-18] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{660E2A3A-A005-46B7-B546-82008FE8F1B6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2295197137-617749404-995821815-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope value is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-18] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-18] (AVAST Software)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-19]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-10-17] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-20] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-20] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://seznam.cz/
CHR Profile: C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-04-01] <==== ATTENTION
CHR Extension: (Prezentace Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-16]
CHR Extension: (Dokumenty Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-16]
CHR Extension: (Disk Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-16]
CHR Extension: (YouTube) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-16]
CHR Extension: (Avast SafePrice) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-17]
CHR Extension: (Tabulky Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-16]
CHR Extension: (Avast Online Security) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-31]
CHR Profile: C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default [2017-02-20]
CHR Extension: (Prezentace Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-01]
CHR Extension: (Dokumenty Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-01]
CHR Extension: (Disk Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-01]
CHR Extension: (YouTube) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-01]
CHR Extension: (Avast SafePrice) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-01]
CHR Extension: (Tabulky Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-02]
CHR Extension: (Avast Online Security) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-01]
CHR Extension: (Gmail) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-01]
CHR Extension: (Chrome Media Router) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-01]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-09-16] (Advanced Micro Devices) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-18] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-18] (AVAST Software)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [10408528 2017-03-27] () [File not signed]
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-11-18] (Copyright (c) 2016 Plays.tv, LLC)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-06-12] (Stardock Software, Inc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2016-09-07] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [79120 2016-03-03] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-18] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-18] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-18] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-18] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-18] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-18] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-18] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-18] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3593432 2014-10-07] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-01 16:19 - 2017-04-01 16:19 - 06726130 _____ C:\Users\Marcel Dorociak\Downloads\video-1491048252.mp4
2017-04-01 12:33 - 2017-04-01 12:33 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign2cf5cd71f0231907
2017-04-01 12:33 - 2017-04-01 12:33 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign24ca0ae0b0513f8e
2017-04-01 12:33 - 2017-04-01 12:33 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign0e2ec2c5230aa246
2017-04-01 12:32 - 2017-04-01 12:42 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\kac
2017-04-01 08:14 - 2017-04-01 08:14 - 00038925 _____ C:\Users\Marcel Dorociak\Downloads\Addition.txt
2017-04-01 08:11 - 2017-04-01 16:44 - 00021025 _____ C:\Users\Marcel Dorociak\Downloads\FRST.txt
2017-04-01 08:11 - 2017-04-01 16:44 - 00000000 ____D C:\FRST
2017-04-01 08:11 - 2017-04-01 08:11 - 02424832 _____ (Farbar) C:\Users\Marcel Dorociak\Downloads\FRST64.exe
2017-04-01 08:11 - 2017-04-01 08:11 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-04-01 08:01 - 2017-04-01 08:02 - 00003734 _____ C:\Users\Marcel Dorociak\Desktop\Rkill.txt
2017-04-01 07:57 - 2017-04-01 07:57 - 00488857 _____ C:\Users\Marcel Dorociak\Desktop\regrunlog.txt
2017-04-01 07:50 - 2017-04-01 08:00 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2017-04-01 07:50 - 2017-04-01 07:57 - 00000000 ____D C:\Users\Marcel Dorociak\Documents\RegRun2
2017-04-01 07:50 - 2017-04-01 07:57 - 00000000 ____D C:\ProgramData\RegRun
2017-04-01 07:50 - 2017-04-01 07:50 - 00000002 RSHOT C:\Windows\winstart.bat
2017-04-01 07:50 - 2017-04-01 07:50 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2017-04-01 07:50 - 2017-04-01 07:50 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2017-04-01 07:49 - 2017-04-01 07:49 - 18771043 _____ C:\Users\Marcel Dorociak\Downloads\unhackmerus.zip
2017-03-31 23:33 - 2017-03-31 23:33 - 00000000 ____D C:\Windows\system32\˙˙˙˙˙˙˙˙ĐźPçŘ
2017-03-31 21:10 - 2017-03-31 21:10 - 00000000 ____D C:\Windows\system32\˙˙˙˙˙˙˙˙ĐžKvţ
2017-03-31 16:30 - 2017-03-31 16:30 - 00876544 _____ C:\Users\Marcel Dorociak\Downloads\Zemana_AntiMalware_Premium_2.72.2.345_License_Key_Is_Here_Latest.iso
2017-03-31 16:25 - 2017-03-31 16:25 - 00001888 _____ C:\Users\Marcel Dorociak\Desktop\sc-cleaner.txt
2017-03-31 16:15 - 2017-03-31 16:15 - 04089296 _____ C:\Users\Marcel Dorociak\Downloads\adwcleaner_6.045.exe
2017-03-31 15:56 - 2017-03-31 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2017-03-31 15:47 - 2017-03-31 15:47 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Marcel Dorociak\Downloads\rkill.com
2017-03-30 21:26 - 2017-03-30 21:26 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigne870ae3e33e5dd3b
2017-03-30 21:22 - 2017-03-30 21:22 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign54098c32982cadf7
2017-03-30 21:22 - 2017-03-30 21:22 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign2b176ee2f3e9221c
2017-03-30 18:50 - 2017-03-30 18:50 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigneba7df9eda2befa6
2017-03-30 18:50 - 2017-03-30 18:50 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign8faaca512bc6a5cd
2017-03-30 18:50 - 2017-03-30 18:50 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign35cad448f4aaba11
2017-03-30 09:31 - 2017-04-01 07:39 - 00003522 _____ C:\Windows\System32\Tasks\Windows-PG
2017-03-30 09:31 - 2017-03-30 09:31 - 00000000 ____D C:\Update
2017-03-29 16:43 - 2017-03-29 16:43 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign859f04e686382cdf
2017-03-29 16:42 - 2017-03-29 16:42 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignf8cb0bacc8558d5c
2017-03-29 16:42 - 2017-03-29 16:42 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign3e2d4cc9de9fff1d
2017-03-28 23:36 - 2017-03-28 23:36 - 00000000 ____D C:\Windows\system32\faad849216846c518278afbcf9..bin
2017-03-28 23:36 - 2017-03-28 23:36 - 00000000 ____D C:\Windows\system32\˙˙˙˙˙˙˙˙đ›Ĺä
2017-03-28 23:36 - 2017-03-28 23:36 - 00000000 ____D C:\Windows\system32\˙˙˙˙˙˙˙˙@ˇ˜Ąi
2017-03-27 22:42 - 2017-03-27 22:42 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignc23b414555d9c7f1
2017-03-27 21:56 - 2017-03-27 21:56 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigneee2877a7c02662b
2017-03-27 21:56 - 2017-03-27 21:56 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign6e01ca28e5a5d3cd
2017-03-27 18:52 - 2017-03-27 18:52 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign5e09b9d061f08452
2017-03-27 18:46 - 2017-03-27 18:46 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignbceb8cf79fb8872a
2017-03-27 18:46 - 2017-03-27 18:46 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign2de31129f409892d
2017-03-26 22:03 - 2017-03-26 22:03 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignfcf9284363a91021
2017-03-26 21:57 - 2017-03-26 21:57 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign9a4d0b718ee58495
2017-03-26 21:57 - 2017-03-26 21:57 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign15139567eb6987c2
2017-03-26 13:38 - 2017-03-26 13:38 - 00000000 ____D C:\Windows\system32\fb0ef8cbb2643c01cf9bf99901..bin
2017-03-26 13:38 - 2017-03-26 13:38 - 00000000 ____D C:\Windows\system32\˙˙˙˙˙˙˙˙ť´;¨
2017-03-26 10:12 - 2017-03-26 10:12 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign376a72e967dcc58d
2017-03-26 10:05 - 2017-03-26 10:05 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignfa2457006f011eb6
2017-03-26 10:05 - 2017-03-26 10:05 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign8a60387c79eb321b
2017-03-26 09:56 - 2017-03-26 09:56 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignbee2d0ba23bceaad
2017-03-26 09:53 - 2017-03-26 09:53 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignb114d9e437ab1529
2017-03-26 09:53 - 2017-03-26 09:53 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign93a947a1a315957e
2017-03-25 16:20 - 2017-03-25 16:20 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigna93a7e1aee87eb81
2017-03-25 16:19 - 2017-03-25 16:19 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign3b4bb55dd9cd467d
2017-03-25 16:19 - 2017-03-25 16:19 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign223b2c8e5b8611fc
2017-03-25 15:59 - 2017-03-26 22:12 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\sviad
2017-03-25 15:59 - 2017-03-25 15:59 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign8c7a9e3bda767b8c
2017-03-25 15:59 - 2017-03-25 15:59 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign345abf27ef6411b9
2017-03-25 15:59 - 2017-03-25 15:59 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign2a4aa7996638fea7
2017-03-24 20:51 - 2017-03-24 21:27 - 2044723200 _____ C:\Users\Marcel Dorociak\Downloads\98799998787.part1.rar
2017-03-24 20:51 - 2017-03-24 21:22 - 1904313336 _____ C:\Users\Marcel Dorociak\Downloads\98799998787.part2.rar
2017-03-24 19:52 - 2017-03-24 19:52 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign94da7321c9fa2018
2017-03-24 19:47 - 2017-03-24 19:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign70b78bb0d46f8927
2017-03-24 19:47 - 2017-03-24 19:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign04bf3507bdb1b9d5
2017-03-23 18:47 - 2017-03-23 18:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign046f5f22938faa54
2017-03-23 18:45 - 2017-03-23 18:45 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignacf5cabe2a5d6539
2017-03-23 18:45 - 2017-03-23 18:45 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign05373f45078a0ddd
2017-03-22 12:53 - 2017-03-22 12:53 - 01320538 _____ C:\Users\Marcel Dorociak\Downloads\0312 Seznam nemovitých věcí.pdf
2017-03-21 22:36 - 2017-03-21 22:36 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign5e92c31b65f70cba
2017-03-21 22:35 - 2017-03-21 22:35 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign863e62f8f29de485
2017-03-21 22:35 - 2017-03-21 22:35 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign77cb54acf66f157b
2017-03-21 14:26 - 2017-03-21 14:26 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign7323bfdbe079fc5f
2017-03-21 13:44 - 2017-03-21 13:44 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigne2d98170a0731eca
2017-03-21 13:44 - 2017-03-21 13:44 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignd321347d55b51699
2017-03-20 22:52 - 2017-03-20 22:52 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigncec1d54b1083f1e1
2017-03-20 22:52 - 2017-03-20 22:52 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignbaa377c45a002852
2017-03-20 22:52 - 2017-03-20 22:52 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign11729651debaa978
2017-03-20 17:47 - 2017-03-20 17:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignbf75ee3f9a501404
2017-03-20 17:47 - 2017-03-20 17:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign3e30dddbbeaf39e8
2017-03-20 17:47 - 2017-03-20 17:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign190d9dea4d438315
2017-03-19 23:08 - 2017-03-19 23:08 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignb298aacd1bc235d7
2017-03-19 23:06 - 2017-03-19 23:06 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigncd6a37ecf8be8fc7
2017-03-19 23:06 - 2017-03-19 23:06 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign320114cfc2ed0464
2017-03-19 22:28 - 2017-03-19 22:28 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignbc6b808812c9ed14
2017-03-19 22:13 - 2017-03-19 22:13 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignf3235cf0e06d2f19
2017-03-19 22:13 - 2017-03-19 22:13 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign1dd2391f77d0de63
2017-03-19 17:53 - 2017-03-19 17:53 - 00127217 _____ C:\Users\Marcel Dorociak\Desktop\moravskoslezska_lesni.pdf
2017-03-19 10:54 - 2017-03-19 10:54 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign64f6a915bed3f09e
2017-03-19 09:53 - 2017-03-19 09:53 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign8369d5ce193c40de
2017-03-19 09:53 - 2017-03-19 09:53 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign3e5aa406ec01eda2
2017-03-18 23:47 - 2017-03-18 23:47 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-18 23:47 - 2017-03-18 23:47 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-18 23:47 - 2017-03-18 23:46 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-18 23:47 - 2017-03-18 23:46 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-18 23:47 - 2017-03-18 23:46 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-18 23:47 - 2017-03-18 23:46 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-18 20:04 - 2017-03-18 20:04 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigna50288edf0f60f85
2017-03-18 20:03 - 2017-03-18 20:03 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign47923097a71484a1
2017-03-18 20:03 - 2017-03-18 20:03 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign1fd1e5eca98beb8a
2017-03-18 20:02 - 2017-03-19 22:27 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\zamky
2017-03-18 19:46 - 2017-03-21 22:52 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\zam
2017-03-17 18:43 - 2017-03-17 18:44 - 52291335 _____ C:\Users\Marcel Dorociak\Downloads\OpenPLi-4.0-beta-vuduo-20170317_usb.zip
2017-03-13 20:58 - 2017-03-31 16:43 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2017-03-13 20:37 - 2017-03-13 20:58 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-13 20:37 - 2017-03-13 20:37 - 11581544 _____ (SurfRight B.V.) C:\Users\Marcel Dorociak\Downloads\HitmanPro_x64.exe
2017-03-13 20:36 - 2017-03-13 20:36 - 00465536 _____ (Bleeping Computer, LLC) C:\Users\Marcel Dorociak\Downloads\sc-cleaner.exe
2017-03-13 20:32 - 2017-03-13 20:32 - 00000000 __SHD C:\Users\Marcel Dorociak\AppData\Local\EmieUserList
2017-03-13 20:32 - 2017-03-13 20:32 - 00000000 __SHD C:\Users\Marcel Dorociak\AppData\Local\EmieSiteList
2017-03-13 20:32 - 2017-03-13 20:32 - 00000000 __SHD C:\Users\Marcel Dorociak\AppData\Local\EmieBrowserModeList
2017-03-13 20:05 - 2017-03-13 20:06 - 05755024 _____ (Zemana Ltd. ) C:\Users\Marcel Dorociak\Downloads\Nepotvrzeno 488094.crdownload
2017-03-13 19:00 - 2017-04-01 07:31 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-03-13 19:00 - 2017-04-01 01:57 - 00092527 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-03-13 19:00 - 2017-03-31 17:09 - 00099254 _____ C:\Windows\ZAM.krnl.trace
2017-03-13 19:00 - 2017-03-13 19:00 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Zemana
2017-03-13 18:58 - 2017-03-13 18:58 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Marcel Dorociak\Downloads\iExplore64.exe
2017-03-13 18:57 - 2017-03-13 18:57 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Marcel Dorociak\Downloads\iExplore.exe
2017-03-13 18:55 - 2017-03-13 18:56 - 05755024 _____ (Zemana Ltd. ) C:\Users\Marcel Dorociak\Downloads\Zemana.AntiMalware.Setup.exe
2017-03-13 18:54 - 2017-03-13 18:54 - 00912452 _____ C:\Users\Marcel Dorociak\Downloads\rkill.zip
2017-03-12 21:47 - 2017-03-12 21:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignd14799c6b806b270
2017-03-12 21:38 - 2017-03-12 21:38 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignd9b2ff2cece3b0f7
2017-03-12 21:38 - 2017-03-12 21:38 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign670dffd7ddcf02b2
2017-03-12 21:37 - 2017-03-12 23:28 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\fre1
2017-03-12 18:38 - 2017-03-12 18:38 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign7a1ec57260143344
2017-03-12 18:04 - 2017-03-12 18:04 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigne28e1987db7e0d36
2017-03-12 18:04 - 2017-03-12 18:04 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign92720dcf814601bb
2017-03-11 20:14 - 2017-03-11 21:16 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\Nová složka (2)
2017-03-11 18:51 - 2017-03-12 23:20 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\fre
2017-03-10 23:59 - 2017-02-28 15:09 - 10382928 _____ C:\Users\Marcel Dorociak\Desktop\gramblr.exe
2017-03-10 23:57 - 2017-04-01 16:44 - 00000000 ____D C:\ProgramData\Gramblr
2017-03-10 23:57 - 2017-03-27 14:10 - 00000000 ____D C:\Program Files\Gramblr
2017-03-10 23:57 - 2017-03-10 23:57 - 03587039 _____ C:\Users\Marcel Dorociak\Downloads\gramblr2_win64.zip
2017-03-10 23:57 - 2017-03-10 23:57 - 00000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gramblr.lnk
2017-03-10 22:32 - 2017-03-10 22:32 - 00000000 __SHD C:\Windows\ftpcache
2017-03-10 22:27 - 2015-07-07 15:51 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\call of duty 2 cz
2017-03-10 21:28 - 2017-03-10 22:23 - 3791967656 _____ C:\Users\Marcel Dorociak\Downloads\call of duty 2 cz (1).rar
2017-03-09 19:01 - 2017-03-09 19:02 - 19510758 _____ C:\Users\Marcel Dorociak\Downloads\IOBIT-malware-fighter-license-key.rar.crdownload
2017-03-09 10:05 - 2017-03-09 10:05 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\Nová složka
2017-03-08 21:21 - 2017-03-08 21:21 - 00000000 _____ C:\Windows\SysWOW64\4
2017-03-08 21:21 - 2017-03-08 21:21 - 00000000 _____ C:\Windows\SysWOW64\3
2017-03-07 22:42 - 2017-03-07 22:42 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignd15df54d071f0c12
2017-03-07 22:37 - 2017-03-07 22:37 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign8ad30fd9106b277d
2017-03-07 22:37 - 2017-03-07 22:37 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign442f35e4df82353a
2017-03-06 20:28 - 2017-03-06 20:31 - 282727003 _____ C:\Users\Marcel Dorociak\Downloads\zbozicko.zip
2017-03-06 19:54 - 2017-03-06 19:54 - 00085609 _____ C:\Users\Marcel Dorociak\Downloads\Dotaznik.pdf
2017-03-06 00:40 - 2017-03-06 00:40 - 00014542 _____ C:\Users\Marcel Dorociak\Desktop\Přihláška_do_pojištění_odp2017 (1).xlsx
2017-03-06 00:36 - 2017-03-06 00:36 - 00014640 _____ C:\Users\Marcel Dorociak\Downloads\Přihláška_do_pojištění_odp2017 (1).xlsx
2017-03-06 00:32 - 2017-03-06 00:32 - 00034304 _____ C:\Users\Marcel Dorociak\Downloads\Přihláška_do_pojištění_2017-vzor.xls
2017-03-06 00:31 - 2017-03-06 00:31 - 00014640 _____ C:\Users\Marcel Dorociak\Downloads\Přihláška_do_pojištění_odp2017.xlsx
2017-03-02 23:40 - 2017-03-02 23:40 - 08893651 _____ C:\Users\Marcel Dorociak\Downloads\0208 Zasedání rady.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-01 16:25 - 2016-09-26 23:34 - 00321536 ___SH C:\Users\Marcel Dorociak\Downloads\Thumbs.db
2017-04-01 12:35 - 2014-11-21 06:53 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-01 12:35 - 2014-11-21 06:10 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-04-01 12:35 - 2014-11-21 06:10 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-04-01 12:35 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-04-01 08:20 - 2016-09-18 16:02 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2295197137-617749404-995821815-1001
2017-04-01 08:05 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-01 08:04 - 2017-02-20 23:27 - 00000000 ____D C:\AdwCleaner
2017-04-01 08:04 - 2016-09-18 17:58 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-03-31 16:23 - 2016-09-18 15:56 - 00000000 ____D C:\Users\Marcel Dorociak
2017-03-31 16:20 - 2016-09-18 15:56 - 00000847 _____ C:\Users\Marcel Dorociak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-31 16:11 - 2016-09-19 14:02 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-31 16:08 - 2017-02-01 18:48 - 00001180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-31 15:38 - 2017-02-21 01:32 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-30 21:32 - 2016-09-20 23:32 - 03117568 ___SH C:\Users\Marcel Dorociak\Desktop\Thumbs.db
2017-03-26 10:14 - 2016-09-19 14:06 - 00003894 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1474286808
2017-03-26 10:14 - 2016-09-19 14:06 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-26 09:57 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-21 23:47 - 2016-09-19 14:04 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-20 18:57 - 2017-01-01 18:51 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\pad
2017-03-19 17:47 - 2016-09-24 18:38 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\CrashDumps
2017-03-18 23:47 - 2016-09-19 14:04 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148987366537504
2017-03-18 23:47 - 2016-09-19 14:04 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148987366703106
2017-03-18 23:47 - 2016-09-19 14:04 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-18 23:47 - 2016-09-19 14:04 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-18 23:47 - 2016-09-19 14:04 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-18 23:47 - 2016-09-19 14:04 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-18 23:47 - 2016-09-19 14:04 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-18 23:47 - 2016-09-19 14:04 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-18 23:46 - 2016-09-19 14:06 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-18 23:46 - 2016-09-19 14:04 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-12 23:28 - 2017-01-22 21:12 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Roaming\XnView
2017-03-10 22:52 - 2016-09-18 16:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-10 21:16 - 2016-09-19 18:20 - 00000000 ____D C:\Hry

==================== Files in the root of some directories =======

2017-02-20 23:01 - 2017-02-20 23:01 - 0000114 _____ () C:\Program Files (x86)\metadata
2017-02-12 20:45 - 2017-02-12 20:46 - 318912029 _____ () C:\Users\Marcel Dorociak\AppData\Local\ACCCx3_9_5_353.zip.aamdownload
2017-02-12 20:45 - 2017-02-12 20:46 - 0003560 _____ () C:\Users\Marcel Dorociak\AppData\Local\ACCCx3_9_5_353.zip.aamdownload.aamd
2016-10-04 15:02 - 2016-10-04 15:02 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-01 08:20

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119670
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

kody2
Visitor
Posts: 5
Joined: 01 Apr 2017 15:41

Re: Please check my log.

#3 Post by kody2 »

# AdwCleaner v6.045 - Log vytvořen 01/04/2017 v 17:34:55
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-03-31.1 [Místní]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Marcel Dorociak - PC-MARCEL
# Spuštěno z : C:\Users\Marcel Dorociak\Downloads\adwcleaner_6.045 (1).exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****

[-] [C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [favicon_url] Smazáno: hxxp://www.startpageing123.com/searchfavicon.ico


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4677 Bajty] - [20/02/2017 23:35:50]
C:\AdwCleaner\AdwCleaner[C2].txt - [1515 Bajty] - [20/02/2017 23:42:33]
C:\AdwCleaner\AdwCleaner[C3].txt - [3962 Bajty] - [13/03/2017 20:30:21]
C:\AdwCleaner\AdwCleaner[C4].txt - [3173 Bajty] - [31/03/2017 16:20:15]
C:\AdwCleaner\AdwCleaner[C5].txt - [2345 Bajty] - [01/04/2017 08:04:32]
C:\AdwCleaner\AdwCleaner[C6].txt - [1343 Bajty] - [01/04/2017 17:34:55]
C:\AdwCleaner\AdwCleaner[S0].txt - [4546 Bajty] - [20/02/2017 23:30:40]
C:\AdwCleaner\AdwCleaner[S1].txt - [4621 Bajty] - [20/02/2017 23:35:24]
C:\AdwCleaner\AdwCleaner[S2].txt - [1727 Bajty] - [20/02/2017 23:42:13]
C:\AdwCleaner\AdwCleaner[S3].txt - [1873 Bajty] - [20/02/2017 23:47:55]
C:\AdwCleaner\AdwCleaner[S4].txt - [4392 Bajty] - [13/03/2017 20:29:11]
C:\AdwCleaner\AdwCleaner[S5].txt - [3946 Bajty] - [31/03/2017 16:19:20]
C:\AdwCleaner\AdwCleaner[S6].txt - [2390 Bajty] - [01/04/2017 08:04:02]
C:\AdwCleaner\AdwCleaner[S7].txt - [2378 Bajty] - [01/04/2017 17:34:30]

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [2000 Bajty] ##########

Rudy
Site Admin
Posts: 119670
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#4 Post by Rudy »

Post a new FRST log.

kody2
Visitor
Posts: 5
Joined: 01 Apr 2017 15:41

Re: Please check my log.

#5 Post by kody2 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Marcel Dorociak (administrator) on PC-MARCEL (01-04-2017 18:23:27)
Running from C:\Users\Marcel Dorociak\Downloads
Loaded Profiles: Marcel Dorociak (Available Profiles: Marcel Dorociak)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
() C:\Program Files\Gramblr\gramblr.exe
(Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51984 2016-11-18] (Copyright (c) 2016 Plays.tv, LLC)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-18] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478752 2012-12-18] (Adobe Systems Inc.)
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c012-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c27f-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c28b-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {54779be8-f56e-11e6-8263-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {6b24e8b1-88c5-11e6-825c-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6d8edf-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6da6c4-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6da6d5-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {dfacf152-c709-11e6-8260-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
ShellExecuteHooks: No Name - {4ED33EDA-F36B-11E6-AEE4-64006A5CFC23} - C:\Users\Marcel Dorociak\AppData\Roaming\Jipelegernise\Plindomfenuph.dll -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-18] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-18] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{660E2A3A-A005-46B7-B546-82008FE8F1B6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2295197137-617749404-995821815-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2295197137-617749404-995821815-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-18] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-18] (AVAST Software)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-19]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-10-17] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-20] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-20] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://seznam.cz/
CHR Profile: C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-04-01] <==== ATTENTION
CHR Extension: (Prezentace Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-16]
CHR Extension: (Dokumenty Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-16]
CHR Extension: (Disk Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-16]
CHR Extension: (YouTube) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-16]
CHR Extension: (Avast SafePrice) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-17]
CHR Extension: (Tabulky Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-16]
CHR Extension: (Avast Online Security) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-31]
CHR Profile: C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default [2017-02-20]
CHR Extension: (Prezentace Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-01]
CHR Extension: (Dokumenty Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-01]
CHR Extension: (Disk Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-01]
CHR Extension: (YouTube) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-01]
CHR Extension: (Avast SafePrice) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-01]
CHR Extension: (Tabulky Google) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-02]
CHR Extension: (Avast Online Security) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-01]
CHR Extension: (Gmail) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-01]
CHR Extension: (Chrome Media Router) - C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-01]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-09-16] (Advanced Micro Devices) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-18] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-18] (AVAST Software)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [10408528 2017-03-27] () [File not signed]
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-11-18] (Copyright (c) 2016 Plays.tv, LLC)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-06-12] (Stardock Software, Inc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2016-09-07] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [79120 2016-03-03] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-18] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-18] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-18] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-18] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-18] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-18] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-18] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-18] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3593432 2014-10-07] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-01 18:13 - 2017-04-01 18:13 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-04-01 17:31 - 2017-04-01 17:31 - 04089296 _____ C:\Users\Marcel Dorociak\Downloads\adwcleaner_6.045 (1).exe
2017-04-01 17:31 - 2017-04-01 17:31 - 00000000 __SHD C:\Users\Marcel Dorociak\AppData\Local\EmieUserList
2017-04-01 17:31 - 2017-04-01 17:31 - 00000000 __SHD C:\Users\Marcel Dorociak\AppData\Local\EmieSiteList
2017-04-01 17:31 - 2017-04-01 17:31 - 00000000 __SHD C:\Users\Marcel Dorociak\AppData\Local\EmieBrowserModeList
2017-04-01 17:30 - 2017-04-01 17:30 - 01663904 _____ (Malwarebytes) C:\Users\Marcel Dorociak\Desktop\JRT (1).exe
2017-04-01 17:20 - 2017-04-01 17:20 - 00000000 ____D C:\zoek_backup
2017-04-01 17:19 - 2017-04-01 17:19 - 01309184 _____ C:\Users\Marcel Dorociak\Desktop\zoek.exe
2017-04-01 16:19 - 2017-04-01 16:19 - 06726130 _____ C:\Users\Marcel Dorociak\Downloads\video-1491048252.mp4
2017-04-01 12:33 - 2017-04-01 12:33 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign2cf5cd71f0231907
2017-04-01 12:33 - 2017-04-01 12:33 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign24ca0ae0b0513f8e
2017-04-01 12:33 - 2017-04-01 12:33 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign0e2ec2c5230aa246
2017-04-01 12:32 - 2017-04-01 12:42 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\kac
2017-04-01 08:14 - 2017-04-01 16:45 - 00040034 _____ C:\Users\Marcel Dorociak\Downloads\Addition.txt
2017-04-01 08:11 - 2017-04-01 18:23 - 00021107 _____ C:\Users\Marcel Dorociak\Downloads\FRST.txt
2017-04-01 08:11 - 2017-04-01 18:23 - 00000000 ____D C:\FRST
2017-04-01 08:11 - 2017-04-01 08:11 - 02424832 _____ (Farbar) C:\Users\Marcel Dorociak\Downloads\FRST64.exe
2017-04-01 08:01 - 2017-04-01 08:02 - 00003734 _____ C:\Users\Marcel Dorociak\Desktop\Rkill.txt
2017-04-01 07:57 - 2017-04-01 07:57 - 00488857 _____ C:\Users\Marcel Dorociak\Desktop\regrunlog.txt
2017-04-01 07:50 - 2017-04-01 08:00 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2017-04-01 07:50 - 2017-04-01 07:57 - 00000000 ____D C:\Users\Marcel Dorociak\Documents\RegRun2
2017-04-01 07:50 - 2017-04-01 07:50 - 00000002 RSHOT C:\Windows\winstart.bat
2017-04-01 07:50 - 2017-04-01 07:50 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2017-04-01 07:50 - 2017-04-01 07:50 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2017-04-01 07:49 - 2017-04-01 07:49 - 18771043 _____ C:\Users\Marcel Dorociak\Downloads\unhackmerus.zip
2017-03-31 23:33 - 2017-03-31 23:33 - 00000000 ____D C:\Windows\system32\˙˙˙˙˙˙˙˙ĐźPçŘ
2017-03-31 21:10 - 2017-03-31 21:10 - 00000000 ____D C:\Windows\system32\˙˙˙˙˙˙˙˙ĐžKvţ
2017-03-31 16:30 - 2017-03-31 16:30 - 00876544 _____ C:\Users\Marcel Dorociak\Downloads\Zemana_AntiMalware_Premium_2.72.2.345_License_Key_Is_Here_Latest.iso
2017-03-31 16:25 - 2017-03-31 16:25 - 00001888 _____ C:\Users\Marcel Dorociak\Desktop\sc-cleaner.txt
2017-03-31 16:15 - 2017-03-31 16:15 - 04089296 _____ C:\Users\Marcel Dorociak\Downloads\adwcleaner_6.045.exe
2017-03-31 15:56 - 2017-03-31 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2017-03-31 15:47 - 2017-03-31 15:47 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Marcel Dorociak\Downloads\rkill.com
2017-03-30 21:26 - 2017-03-30 21:26 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigne870ae3e33e5dd3b
2017-03-30 21:22 - 2017-03-30 21:22 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign54098c32982cadf7
2017-03-30 21:22 - 2017-03-30 21:22 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign2b176ee2f3e9221c
2017-03-30 18:50 - 2017-03-30 18:50 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigneba7df9eda2befa6
2017-03-30 18:50 - 2017-03-30 18:50 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign8faaca512bc6a5cd
2017-03-30 18:50 - 2017-03-30 18:50 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign35cad448f4aaba11
2017-03-30 09:31 - 2017-04-01 07:39 - 00003522 _____ C:\Windows\System32\Tasks\Windows-PG
2017-03-30 09:31 - 2017-03-30 09:31 - 00000000 ____D C:\Update
2017-03-29 16:43 - 2017-03-29 16:43 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign859f04e686382cdf
2017-03-29 16:42 - 2017-03-29 16:42 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignf8cb0bacc8558d5c
2017-03-29 16:42 - 2017-03-29 16:42 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign3e2d4cc9de9fff1d
2017-03-28 23:36 - 2017-03-28 23:36 - 00000000 ____D C:\Windows\system32\faad849216846c518278afbcf9..bin
2017-03-28 23:36 - 2017-03-28 23:36 - 00000000 ____D C:\Windows\system32\˙˙˙˙˙˙˙˙đ›Ĺä
2017-03-28 23:36 - 2017-03-28 23:36 - 00000000 ____D C:\Windows\system32\˙˙˙˙˙˙˙˙@ˇ˜Ąi
2017-03-27 22:42 - 2017-03-27 22:42 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignc23b414555d9c7f1
2017-03-27 21:56 - 2017-03-27 21:56 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigneee2877a7c02662b
2017-03-27 21:56 - 2017-03-27 21:56 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign6e01ca28e5a5d3cd
2017-03-27 18:52 - 2017-03-27 18:52 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign5e09b9d061f08452
2017-03-27 18:46 - 2017-03-27 18:46 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignbceb8cf79fb8872a
2017-03-27 18:46 - 2017-03-27 18:46 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign2de31129f409892d
2017-03-26 22:03 - 2017-03-26 22:03 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignfcf9284363a91021
2017-03-26 21:57 - 2017-03-26 21:57 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign9a4d0b718ee58495
2017-03-26 21:57 - 2017-03-26 21:57 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign15139567eb6987c2
2017-03-26 13:38 - 2017-03-26 13:38 - 00000000 ____D C:\Windows\system32\fb0ef8cbb2643c01cf9bf99901..bin
2017-03-26 13:38 - 2017-03-26 13:38 - 00000000 ____D C:\Windows\system32\˙˙˙˙˙˙˙˙ť´;¨
2017-03-26 10:12 - 2017-03-26 10:12 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign376a72e967dcc58d
2017-03-26 10:05 - 2017-03-26 10:05 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignfa2457006f011eb6
2017-03-26 10:05 - 2017-03-26 10:05 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign8a60387c79eb321b
2017-03-26 09:56 - 2017-03-26 09:56 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignbee2d0ba23bceaad
2017-03-26 09:53 - 2017-03-26 09:53 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignb114d9e437ab1529
2017-03-26 09:53 - 2017-03-26 09:53 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign93a947a1a315957e
2017-03-25 16:20 - 2017-03-25 16:20 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigna93a7e1aee87eb81
2017-03-25 16:19 - 2017-03-25 16:19 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign3b4bb55dd9cd467d
2017-03-25 16:19 - 2017-03-25 16:19 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign223b2c8e5b8611fc
2017-03-25 15:59 - 2017-03-26 22:12 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\sviad
2017-03-25 15:59 - 2017-03-25 15:59 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign8c7a9e3bda767b8c
2017-03-25 15:59 - 2017-03-25 15:59 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign345abf27ef6411b9
2017-03-25 15:59 - 2017-03-25 15:59 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign2a4aa7996638fea7
2017-03-24 20:51 - 2017-03-24 21:27 - 2044723200 _____ C:\Users\Marcel Dorociak\Downloads\98799998787.part1.rar
2017-03-24 20:51 - 2017-03-24 21:22 - 1904313336 _____ C:\Users\Marcel Dorociak\Downloads\98799998787.part2.rar
2017-03-24 19:52 - 2017-03-24 19:52 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign94da7321c9fa2018
2017-03-24 19:47 - 2017-03-24 19:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign70b78bb0d46f8927
2017-03-24 19:47 - 2017-03-24 19:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign04bf3507bdb1b9d5
2017-03-23 18:47 - 2017-03-23 18:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign046f5f22938faa54
2017-03-23 18:45 - 2017-03-23 18:45 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignacf5cabe2a5d6539
2017-03-23 18:45 - 2017-03-23 18:45 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign05373f45078a0ddd
2017-03-22 12:53 - 2017-03-22 12:53 - 01320538 _____ C:\Users\Marcel Dorociak\Downloads\0312 Seznam nemovitých věcí.pdf
2017-03-21 22:36 - 2017-03-21 22:36 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign5e92c31b65f70cba
2017-03-21 22:35 - 2017-03-21 22:35 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign863e62f8f29de485
2017-03-21 22:35 - 2017-03-21 22:35 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign77cb54acf66f157b
2017-03-21 14:26 - 2017-03-21 14:26 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign7323bfdbe079fc5f
2017-03-21 13:44 - 2017-03-21 13:44 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigne2d98170a0731eca
2017-03-21 13:44 - 2017-03-21 13:44 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignd321347d55b51699
2017-03-20 22:52 - 2017-03-20 22:52 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigncec1d54b1083f1e1
2017-03-20 22:52 - 2017-03-20 22:52 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignbaa377c45a002852
2017-03-20 22:52 - 2017-03-20 22:52 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign11729651debaa978
2017-03-20 17:47 - 2017-03-20 17:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignbf75ee3f9a501404
2017-03-20 17:47 - 2017-03-20 17:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign3e30dddbbeaf39e8
2017-03-20 17:47 - 2017-03-20 17:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign190d9dea4d438315
2017-03-19 23:08 - 2017-03-19 23:08 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignb298aacd1bc235d7
2017-03-19 23:06 - 2017-03-19 23:06 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigncd6a37ecf8be8fc7
2017-03-19 23:06 - 2017-03-19 23:06 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign320114cfc2ed0464
2017-03-19 22:28 - 2017-03-19 22:28 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignbc6b808812c9ed14
2017-03-19 22:13 - 2017-03-19 22:13 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignf3235cf0e06d2f19
2017-03-19 22:13 - 2017-03-19 22:13 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign1dd2391f77d0de63
2017-03-19 17:53 - 2017-03-19 17:53 - 00127217 _____ C:\Users\Marcel Dorociak\Desktop\moravskoslezska_lesni.pdf
2017-03-19 10:54 - 2017-03-19 10:54 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign64f6a915bed3f09e
2017-03-19 09:53 - 2017-03-19 09:53 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign8369d5ce193c40de
2017-03-19 09:53 - 2017-03-19 09:53 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign3e5aa406ec01eda2
2017-03-18 23:47 - 2017-03-18 23:47 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-18 23:47 - 2017-03-18 23:47 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-18 23:47 - 2017-03-18 23:46 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-18 23:47 - 2017-03-18 23:46 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-18 23:47 - 2017-03-18 23:46 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-18 23:47 - 2017-03-18 23:46 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-18 20:04 - 2017-03-18 20:04 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigna50288edf0f60f85
2017-03-18 20:03 - 2017-03-18 20:03 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign47923097a71484a1
2017-03-18 20:03 - 2017-03-18 20:03 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign1fd1e5eca98beb8a
2017-03-18 20:02 - 2017-03-19 22:27 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\zamky
2017-03-18 19:46 - 2017-03-21 22:52 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\zam
2017-03-17 18:43 - 2017-03-17 18:44 - 52291335 _____ C:\Users\Marcel Dorociak\Downloads\OpenPLi-4.0-beta-vuduo-20170317_usb.zip
2017-03-13 20:58 - 2017-03-31 16:43 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2017-03-13 20:37 - 2017-03-13 20:58 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-13 20:37 - 2017-03-13 20:37 - 11581544 _____ (SurfRight B.V.) C:\Users\Marcel Dorociak\Downloads\HitmanPro_x64.exe
2017-03-13 20:36 - 2017-03-13 20:36 - 00465536 _____ (Bleeping Computer, LLC) C:\Users\Marcel Dorociak\Downloads\sc-cleaner.exe
2017-03-13 20:05 - 2017-03-13 20:06 - 05755024 _____ (Zemana Ltd. ) C:\Users\Marcel Dorociak\Downloads\Nepotvrzeno 488094.crdownload
2017-03-13 19:00 - 2017-04-01 01:57 - 00092527 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-03-13 19:00 - 2017-03-31 17:09 - 00099254 _____ C:\Windows\ZAM.krnl.trace
2017-03-13 19:00 - 2017-03-13 19:00 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Zemana
2017-03-13 18:58 - 2017-03-13 18:58 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Marcel Dorociak\Downloads\iExplore64.exe
2017-03-13 18:57 - 2017-03-13 18:57 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Marcel Dorociak\Downloads\iExplore.exe
2017-03-13 18:55 - 2017-03-13 18:56 - 05755024 _____ (Zemana Ltd. ) C:\Users\Marcel Dorociak\Downloads\Zemana.AntiMalware.Setup.exe
2017-03-13 18:54 - 2017-03-13 18:54 - 00912452 _____ C:\Users\Marcel Dorociak\Downloads\rkill.zip
2017-03-12 21:47 - 2017-03-12 21:47 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignd14799c6b806b270
2017-03-12 21:38 - 2017-03-12 21:38 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignd9b2ff2cece3b0f7
2017-03-12 21:38 - 2017-03-12 21:38 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign670dffd7ddcf02b2
2017-03-12 21:37 - 2017-03-12 23:28 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\fre1
2017-03-12 18:38 - 2017-03-12 18:38 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign7a1ec57260143344
2017-03-12 18:04 - 2017-03-12 18:04 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsigne28e1987db7e0d36
2017-03-12 18:04 - 2017-03-12 18:04 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign92720dcf814601bb
2017-03-11 20:14 - 2017-03-11 21:16 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\Nová složka (2)
2017-03-11 18:51 - 2017-03-12 23:20 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\fre
2017-03-10 23:59 - 2017-02-28 15:09 - 10382928 _____ C:\Users\Marcel Dorociak\Desktop\gramblr.exe
2017-03-10 23:57 - 2017-04-01 18:24 - 00000000 ____D C:\ProgramData\Gramblr
2017-03-10 23:57 - 2017-03-27 14:10 - 00000000 ____D C:\Program Files\Gramblr
2017-03-10 23:57 - 2017-03-10 23:57 - 03587039 _____ C:\Users\Marcel Dorociak\Downloads\gramblr2_win64.zip
2017-03-10 23:57 - 2017-03-10 23:57 - 00000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gramblr.lnk
2017-03-10 22:32 - 2017-03-10 22:32 - 00000000 __SHD C:\Windows\ftpcache
2017-03-10 22:27 - 2015-07-07 15:51 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\call of duty 2 cz
2017-03-10 21:28 - 2017-03-10 22:23 - 3791967656 _____ C:\Users\Marcel Dorociak\Downloads\call of duty 2 cz (1).rar
2017-03-09 19:01 - 2017-03-09 19:02 - 19510758 _____ C:\Users\Marcel Dorociak\Downloads\IOBIT-malware-fighter-license-key.rar.crdownload
2017-03-09 10:05 - 2017-03-09 10:05 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\Nová složka
2017-03-08 21:21 - 2017-03-08 21:21 - 00000000 _____ C:\Windows\SysWOW64\4
2017-03-08 21:21 - 2017-03-08 21:21 - 00000000 _____ C:\Windows\SysWOW64\3
2017-03-07 22:42 - 2017-03-07 22:42 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsignd15df54d071f0c12
2017-03-07 22:37 - 2017-03-07 22:37 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign8ad30fd9106b277d
2017-03-07 22:37 - 2017-03-07 22:37 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\Tempzxpsign442f35e4df82353a
2017-03-06 20:28 - 2017-03-06 20:31 - 282727003 _____ C:\Users\Marcel Dorociak\Downloads\zbozicko.zip
2017-03-06 19:54 - 2017-03-06 19:54 - 00085609 _____ C:\Users\Marcel Dorociak\Downloads\Dotaznik.pdf
2017-03-06 00:40 - 2017-03-06 00:40 - 00014542 _____ C:\Users\Marcel Dorociak\Desktop\Přihláška_do_pojištění_odp2017 (1).xlsx
2017-03-06 00:36 - 2017-03-06 00:36 - 00014640 _____ C:\Users\Marcel Dorociak\Downloads\Přihláška_do_pojištění_odp2017 (1).xlsx
2017-03-06 00:32 - 2017-03-06 00:32 - 00034304 _____ C:\Users\Marcel Dorociak\Downloads\Přihláška_do_pojištění_2017-vzor.xls
2017-03-06 00:31 - 2017-03-06 00:31 - 00014640 _____ C:\Users\Marcel Dorociak\Downloads\Přihláška_do_pojištění_odp2017.xlsx
2017-03-02 23:40 - 2017-03-02 23:40 - 08893651 _____ C:\Users\Marcel Dorociak\Downloads\0208 Zasedání rady.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-01 17:41 - 2014-11-21 06:53 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-01 17:41 - 2014-11-21 06:10 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-04-01 17:41 - 2014-11-21 06:10 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-04-01 17:41 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-04-01 17:36 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-01 17:35 - 2016-09-18 17:58 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-04-01 17:34 - 2017-02-20 23:27 - 00000000 ____D C:\AdwCleaner
2017-04-01 16:25 - 2016-09-26 23:34 - 00321536 ___SH C:\Users\Marcel Dorociak\Downloads\Thumbs.db
2017-04-01 08:20 - 2016-09-18 16:02 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2295197137-617749404-995821815-1001
2017-03-31 16:23 - 2016-09-18 15:56 - 00000000 ____D C:\Users\Marcel Dorociak
2017-03-31 16:20 - 2016-09-18 15:56 - 00000847 _____ C:\Users\Marcel Dorociak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-31 16:11 - 2016-09-19 14:02 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-31 16:08 - 2017-02-01 18:48 - 00001180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-31 15:38 - 2017-02-21 01:32 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-30 21:32 - 2016-09-20 23:32 - 03117568 ___SH C:\Users\Marcel Dorociak\Desktop\Thumbs.db
2017-03-26 10:14 - 2016-09-19 14:06 - 00003894 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1474286808
2017-03-26 10:14 - 2016-09-19 14:06 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-26 09:57 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-21 23:47 - 2016-09-19 14:04 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-20 18:57 - 2017-01-01 18:51 - 00000000 ____D C:\Users\Marcel Dorociak\Desktop\pad
2017-03-19 17:47 - 2016-09-24 18:38 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Local\CrashDumps
2017-03-18 23:47 - 2016-09-19 14:04 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148987366537504
2017-03-18 23:47 - 2016-09-19 14:04 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148987366703106
2017-03-18 23:47 - 2016-09-19 14:04 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-18 23:47 - 2016-09-19 14:04 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-18 23:47 - 2016-09-19 14:04 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-18 23:47 - 2016-09-19 14:04 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-18 23:47 - 2016-09-19 14:04 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-18 23:47 - 2016-09-19 14:04 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-18 23:46 - 2016-09-19 14:06 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-18 23:46 - 2016-09-19 14:04 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-12 23:28 - 2017-01-22 21:12 - 00000000 ____D C:\Users\Marcel Dorociak\AppData\Roaming\XnView
2017-03-10 22:52 - 2016-09-18 16:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-10 21:16 - 2016-09-19 18:20 - 00000000 ____D C:\Hry

==================== Files in the root of some directories =======

2017-02-20 23:01 - 2017-02-20 23:01 - 0000114 _____ () C:\Program Files (x86)\metadata
2017-02-12 20:45 - 2017-02-12 20:46 - 318912029 _____ () C:\Users\Marcel Dorociak\AppData\Local\ACCCx3_9_5_353.zip.aamdownload
2017-02-12 20:45 - 2017-02-12 20:46 - 0003560 _____ () C:\Users\Marcel Dorociak\AppData\Local\ACCCx3_9_5_353.zip.aamdownload.aamd
2016-10-04 15:02 - 2016-10-04 15:02 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-01 08:20

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c012-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c27f-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c28b-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {54779be8-f56e-11e6-8263-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {6b24e8b1-88c5-11e6-825c-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6d8edf-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6da6c4-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6da6d5-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {dfacf152-c709-11e6-8260-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
ShellExecuteHooks: No Name - {4ED33EDA-F36B-11E6-AEE4-64006A5CFC23} - C:\Users\Marcel Dorociak\AppData\Roaming\Jipelegernise\Plindomfenuph.dll -> No File
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
CHR Profile: C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-04-01] <==== ATTENTION
U0 Partizan; system32\drivers\Partizan.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
C:\Windows\winstart.bat
C:\Windows\system32\˙˙˙˙˙˙˙˙ĐźPçŘ
C:\Windows\system32\˙˙˙˙˙˙˙˙ĐžKvţ
C:\Windows\system32\˙˙˙˙˙˙˙˙đ›Ĺä
C:\Windows\system32\˙˙˙˙˙˙˙˙@ˇ˜Ąi
C:\Windows\system32\˙˙˙˙˙˙˙˙ť´;¨

EmptyTemp:
End
Save it to C:\Users\Marcel Dorociak\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

kody2
Visitor
Posts: 5
Registered: 01 Apr 2017 15:41

Re: Please check my log.

#7 Post by kody2 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Marcel Dorociak (01-04-2017 20:29:56) Run:1
Running from C:\Users\Marcel Dorociak\Downloads
Loaded Profiles: Marcel Dorociak (Available Profiles: Marcel Dorociak)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c012-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c27f-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {1f58c28b-f3ac-11e6-8261-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {54779be8-f56e-11e6-8263-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {6b24e8b1-88c5-11e6-825c-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6d8edf-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6da6c4-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {8e6da6d5-9463-11e6-825e-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2295197137-617749404-995821815-1001\...\MountPoints2: {dfacf152-c709-11e6-8260-2c337a61a336} - "G:\HiSuiteDownLoader.exe"
ShellExecuteHooks: No Name - {4ED33EDA-F36B-11E6-AEE4-64006A5CFC23} - C:\Users\Marcel Dorociak\AppData\Roaming\Jipelegernise\Plindomfenuph.dll -> No File
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
CHR Profile: C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-04-01] <==== ATTENTION
U0 Partizan; system32\drivers\Partizan.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
C:\Windows\winstart.bat
C:\Windows\system32\˙˙˙˙˙˙˙˙ĐźPçŘ
C:\Windows\system32\˙˙˙˙˙˙˙˙ĐžKvţ
C:\Windows\system32\˙˙˙˙˙˙˙˙đ›Ĺä
C:\Windows\system32\˙˙˙˙˙˙˙˙@ˇ˜Ąi
C:\Windows\system32\˙˙˙˙˙˙˙˙ť´;¨

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-2295197137-617749404-995821815-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-2295197137-617749404-995821815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f58c012-f3ac-11e6-8261-2c337a61a336} => key removed successfully
HKCR\CLSID\{1f58c012-f3ac-11e6-8261-2c337a61a336} => key not found.
HKU\S-1-5-21-2295197137-617749404-995821815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f58c27f-f3ac-11e6-8261-2c337a61a336} => key removed successfully
HKCR\CLSID\{1f58c27f-f3ac-11e6-8261-2c337a61a336} => key not found.
HKU\S-1-5-21-2295197137-617749404-995821815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f58c28b-f3ac-11e6-8261-2c337a61a336} => key removed successfully
HKCR\CLSID\{1f58c28b-f3ac-11e6-8261-2c337a61a336} => key not found.
HKU\S-1-5-21-2295197137-617749404-995821815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54779be8-f56e-11e6-8263-2c337a61a336} => key removed successfully
HKCR\CLSID\{54779be8-f56e-11e6-8263-2c337a61a336} => key not found.
HKU\S-1-5-21-2295197137-617749404-995821815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b24e8b1-88c5-11e6-825c-2c337a61a336} => key removed successfully
HKCR\CLSID\{6b24e8b1-88c5-11e6-825c-2c337a61a336} => key not found.
HKU\S-1-5-21-2295197137-617749404-995821815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e6d8edf-9463-11e6-825e-2c337a61a336} => key removed successfully
HKCR\CLSID\{8e6d8edf-9463-11e6-825e-2c337a61a336} => key not found.
HKU\S-1-5-21-2295197137-617749404-995821815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e6da6c4-9463-11e6-825e-2c337a61a336} => key removed successfully
HKCR\CLSID\{8e6da6c4-9463-11e6-825e-2c337a61a336} => key not found.
HKU\S-1-5-21-2295197137-617749404-995821815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e6da6d5-9463-11e6-825e-2c337a61a336} => key removed successfully
HKCR\CLSID\{8e6da6d5-9463-11e6-825e-2c337a61a336} => key not found.
HKU\S-1-5-21-2295197137-617749404-995821815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfacf152-c709-11e6-8260-2c337a61a336} => key removed successfully
HKCR\CLSID\{dfacf152-c709-11e6-8260-2c337a61a336} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{4ED33EDA-F36B-11E6-AEE4-64006A5CFC23} => value removed successfully
HKCR\CLSID\{4ED33EDA-F36B-11E6-AEE4-64006A5CFC23} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
C:\Users\Marcel Dorociak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
HKLM\System\CurrentControlSet\Services\Partizan => key removed successfully
Partizan => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM => key removed successfully
ZAM => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM_Guard => key removed successfully
ZAM_Guard => service removed successfully
C:\Windows\winstart.bat => moved successfully
C:\Windows\system32\˙˙˙˙˙˙˙˙ĐźPçŘ => moved successfully
C:\Windows\system32\˙˙˙˙˙˙˙˙ĐžKvţ => moved successfully
C:\Windows\system32\˙˙˙˙˙˙˙˙đ›Ĺä => moved successfully
C:\Windows\system32\˙˙˙˙˙˙˙˙@ˇ˜Ąi => moved successfully
C:\Windows\system32\˙˙˙˙˙˙˙˙ť´;¨ => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 20971520 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27867383 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 31706964 B
Edge => 0 B
Chrome => 3938304 B
Firefox => 11111258 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 78440 B
NetworkService => 0 B
Marcel Dorociak => 3337647646 B

RecycleBin => 1421286566 B
EmptyTemp: => 4.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:30:16 ====

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#8 Post by Rudy »

Deleted. Has anything changed?

kody2
Visitor
Posts: 5
Registered: 01 Apr 2017 15:41

Re: Please check my log.

#9 Post by kody2 »

It looks fine, thank you for your help.

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#10 Post by Rudy »

Glad to help! :)

Locked