I'm dealing with a problem on a PC where AVG (free version) keeps turning itself off. After I start it again (whether in the application or in Services), it immediately turns off again. The computer is used only for email and the web, but I'm starting to suspect that something unwelcome must have come in via email. I tried uninstalling AVG and installing it again, but the service shut down right after installation.
In Event Viewer I found this about it:
"Služba avgbIDSAgent ukončena s chybou 3758213661 (0xE001CA1D), specifickou pro službu."
I'd very much like to ask whether someone could take a look at it. It would help me rule out that it is some kind of infection and establish that there is perhaps "just" a problem with AVG that I need to sort out somehow.
I'll also add that I'm connected to the PC in question via TeamViewer (it's an acquaintance's PC).
Thank you very much in advance.
FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-04-2017
Ran by Administrator (administrator) on KOMP (01-05-2017 17:44:16)
Running from C:\Documents and Settings\Administrator\Plocha
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(VIA Technologies, Inc.) C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(CANON INC.) C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAP3LAK.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(InterVideo Inc.) C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
(CANON INC.) C:\WINDOWS\system32\spool\drivers\w32x86\3\CNABHSWK.EXE
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17531392 2009-03-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-01] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [PinnacleDriverCheck] => C:\WINDOWS\system32\PSDrvCheck.exe [406016 2004-03-10] ()
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33660928 2009-08-25] (VIA Technologies, Inc.)
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [UpdatePDRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [219800 2017-03-23] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [219800 2017-03-23] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [CNAP3 Launcher] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNAP3LAK.EXE [228520 2012-06-14] (CANON INC.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [263088 2017-05-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2183752 2017-05-01] ()
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2008-09-06] (ATI Technologies Inc.)
Winlogon\Notify\LMIinit: C:\WINDOWS\system32\LMIinit.dll [2014-01-23] (LogMeIn, Inc.)
HKU\AvGeneric_S-1-5-21-1708537768-492894223-682003330-1003\...\RunOnce: [_nltide_2] => regsvr32 /s /n /i:U shell32
HKU\AvGeneric_S-1-5-21-1708537768-492894223-682003330-1003\...\RunOnce: [NeroHomeFirstStart] => C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [16680 2007-06-27] (Nero AG)
HKU\S-1-5-19\...\RunOnce: [_nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [_nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-21-1708537768-492894223-682003330-500\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1708537768-492894223-682003330-500\...\Run: [Asrsetup] => E:\ASRSetup.exe
HKU\S-1-5-21-1708537768-492894223-682003330-500\...\Run: [ASRockOCTuner] => [X]
HKU\S-1-5-21-1708537768-492894223-682003330-500\...\Run: [ASRockIES] => [X]
HKU\S-1-5-21-1708537768-492894223-682003330-500\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-1708537768-492894223-682003330-500\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\S-1-5-18\...\RunOnce: [_nltide_2] => regsvr32 /s /n /i:U shell32
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk [2010-11-10]
ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\NewShortcut1.lnk [2009-10-02]
ShortcutTarget: NewShortcut1.lnk -> C:\Program Files\USB_video_device\Utility\RemoteTool\BDARemote.exe (No File)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{40464BD7-F203-4BBA-9BB3-4971DA9081AC}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CCA5C642-40EC-4472-BCBC-9C097D082B17}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\AvGeneric_S-1-5-21-1708537768-492894223-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1708537768-492894223-682003330-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={50625E45-1760-4A14-A3C6-1C8CEE603132}&mid=5d2682fce51347cca49368aca3544b3c-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2017-05-01 15:09:31&v=4.3.7.452&pid=wtu&sg=&sap=hp
URLSearchHook: [AvGeneric_S-1-5-21-1708537768-492894223-682003330-1003] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1708537768-492894223-682003330-500 -> DefaultScope {AC4E34F4-29B3-4DA0-9A8A-B53C0EEA1EA2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKU\S-1-5-21-1708537768-492894223-682003330-500 -> {19aa3856-45bb-494c-9fc3-d331e5944edf} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
SearchScopes: HKU\S-1-5-21-1708537768-492894223-682003330-500 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={50625E45-1760-4A14-A3C6-1C8CEE603132}&mid=5d2682fce51347cca49368aca3544b3c-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2017-05-01 15:09:31&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1708537768-492894223-682003330-500 -> {AC4E34F4-29B3-4DA0-9A8A-B53C0EEA1EA2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKU\S-1-5-21-1708537768-492894223-682003330-500 -> {c3f9a001-9743-43cc-adf3-c60af2704d85} URL = hxxp://www.firmy.cz/phr/{searchTerms}?sourceid=IE_5
SearchScopes: HKU\S-1-5-21-1708537768-492894223-682003330-500 -> {ea62f701-1b94-47e7-8762-c1d4f192f5f3} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=IE_5
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-13] (Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-05-01] (AVG)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-13] (Oracle Corporation)
BHO: No Name -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-1708537768-492894223-682003330-500 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\bt2l9wn7.default [2017-05-01]
FF Homepage: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\bt2l9wn7.default -> hxxp://www.seznam.cz/
FF Extension: (AVG Web TuneUp) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\bt2l9wn7.default\Extensions\avg@toolbar.xpi [2017-05-01]
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\bt2l9wn7.default\searchplugins\avg-secure-search.xml [2017-05-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-12-18] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-18] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [No File]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-13] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VLC\npvlc.dll [2014-07-23] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2017-05-01]
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-18]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-18]
CHR Extension: (Disk Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-18]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-18]
CHR Extension: (AVG Secure Search) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-05-01]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-18]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-18]
CHR HKU\S-1-5-21-1708537768-492894223-682003330-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2008-09-05] () [File not signed]
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [262696 2017-05-01] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5808784 2017-05-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189744 2017-03-23] (AVG Technologies CZ, s.r.o.)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2008-12-31] ()
S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-02-27] (Skype Technologies) [File not signed]
R2 vToolbarUpdater40.3.7; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-05-01] (AVG Secure Search)
S3 WmdmPmSN; C:\WINDOWS\system32\mspmsnsv.dll [27136 2009-05-22] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913920 2007-01-05] (Microsoft Corporation) [File not signed]
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-05-01] ()
S3 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2009-05-22] (Microsoft Corporation) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R3 ASAPIW2k; C:\WINDOWS\System32\drivers\ASAPIW2k.sys [11264 2004-03-10] (Pinnacle Systems GmbH) [File not signed]
R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiskx.sys [135384 2017-05-01] (AVG Technologies CZ, s.r.o.)
S1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriverx.sys [257504 2017-05-01] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidshx.sys [150536 2017-05-01] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgblogx.sys [269856 2017-05-01] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbunivx.sys [43504 2017-05-01] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [35128 2017-05-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [247552 2017-02-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [197376 2016-09-26] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [109056 2017-05-01] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr.sys [61744 2017-05-01] (AVG Technologies CZ, s.r.o.)
S0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [63136 2017-05-01] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [765048 2017-05-01] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [473888 2017-05-01] (AVG Technologies CZ, s.r.o.)
R3 avgStmXP; C:\WINDOWS\system32\drivers\avgStmXP.sys [185200 2017-05-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231680 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [280784 2017-05-01] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2004-07-16] (Pinnacle Systems GmbH) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2003-01-22] (Padus, Inc.) [File not signed]
S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA.sys [535040 2008-05-14] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM.sys [286208 2008-05-14] (eMPIA Technology, Inc.)
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1381632 2009-07-10] (VIA Technologies, Inc.)
S3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2009-05-22] (Microsoft Corporation) [File not signed]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2009-05-22] (Microsoft Corporation) [File not signed]
S1 Avgdiskx; system32\DRIVERS\avgdiskx.sys [X]
S0 AVGIDSHX; system32\DRIVERS\avgidshx.sys [X]
S4 IntelIde; no ImagePath
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; no ImagePath
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-01 17:44 - 2017-05-01 17:44 - 00021375 _____ C:\Documents and Settings\Administrator\Plocha\FRST.txt
2017-05-01 17:39 - 2017-05-01 17:44 - 00000000 ____D C:\FRST
2017-05-01 17:38 - 2017-05-01 17:38 - 01768960 _____ (Farbar) C:\Documents and Settings\Administrator\Plocha\FRST.exe
2017-05-01 17:10 - 2017-05-01 17:10 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\AVG Web TuneUp
2017-05-01 17:09 - 2017-05-01 17:10 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
2017-05-01 17:09 - 2017-05-01 17:09 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2017-05-01 17:09 - 2017-05-01 17:09 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2017-05-01 17:07 - 2017-05-01 17:07 - 00765048 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00473888 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgsp.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00331240 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-05-01 17:07 - 2017-05-01 17:07 - 00280784 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00269856 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblogx.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00257504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriverx.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00185200 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStmXP.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00150536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidshx.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00135384 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiskx.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00109056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmonflt.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00063136 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00061744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00043504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbunivx.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00035128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-05-01 17:07 - 2017-05-01 17:07 - 00000310 ____H C:\WINDOWS\Tasks\Antivirus Emergency Update.job
2017-05-01 17:07 - 2017-05-01 17:07 - 00000000 ____D C:\WINDOWS\LastGood
2017-04-30 00:34 - 2017-04-30 00:34 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d2c138c822522c.job
2017-04-29 13:34 - 2017-04-29 13:34 - 00113947 _____ C:\Documents and Settings\Administrator\Dokumenty\bug.20170429133405.txt
2017-04-25 20:50 - 2017-04-25 20:50 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\ESET
2017-04-16 14:42 - 2017-04-16 14:42 - 00113947 _____ C:\Documents and Settings\Administrator\Dokumenty\bug.20170416144232.txt
2017-04-13 14:14 - 2017-04-13 14:14 - 00113947 _____ C:\Documents and Settings\Administrator\Dokumenty\bug.20170413141453.txt
2017-04-12 18:45 - 2017-04-30 00:34 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d2b3ac417025c2.job
2017-04-11 21:58 - 2017-04-11 21:58 - 00000000 _____ C:\WINDOWS\system32\last.dump
2017-04-07 07:42 - 2017-04-07 07:42 - 00113947 _____ C:\Documents and Settings\Administrator\Dokumenty\bug.20170407074236.txt
2017-04-03 10:03 - 2017-04-03 10:03 - 00113947 _____ C:\Documents and Settings\Administrator\Dokumenty\bug.20170403100356.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-01 17:44 - 2009-05-22 17:30 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2017-05-01 17:44 - 2009-05-22 17:30 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2017-05-01 17:43 - 2014-03-15 18:29 - 00000000 ____D C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory
2017-05-01 17:36 - 2016-12-04 22:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-01 17:10 - 2009-05-22 17:30 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2017-05-01 17:09 - 2016-01-04 20:31 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\AVG
2017-05-01 17:09 - 2009-05-22 19:21 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2017-05-01 17:08 - 2016-01-04 20:28 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\AvgSetupLog
2017-05-01 17:08 - 2009-05-22 19:16 - 00000000 ___HD C:\WINDOWS\inf
2017-05-01 17:06 - 2016-09-20 18:51 - 00000314 ____H C:\WINDOWS\Tasks\AVG EUpdate Task.job
2017-05-01 17:06 - 2016-01-04 20:29 - 00000000 ____D C:\Program Files\AVG
2017-05-01 17:06 - 2016-01-04 20:29 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avg
2017-05-01 16:51 - 2009-05-23 07:58 - 00327680 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2017-05-01 16:51 - 2009-05-22 17:30 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2017-05-01 16:51 - 2008-08-28 23:22 - 00044964 ____C C:\WINDOWS\system32\ativvaxx.cap
2017-05-01 16:46 - 2016-04-26 20:21 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\eM Client
2017-05-01 11:09 - 2011-12-06 16:16 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job
2017-05-01 11:09 - 2009-05-22 17:30 - 00000000 ____D C:\Documents and Settings\Administrator
2017-04-30 16:13 - 2014-01-12 23:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-04-30 09:42 - 2017-03-18 19:18 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Skype
2017-04-30 09:31 - 2016-04-26 20:21 - 00000000 ____D C:\Program Files\eM Client
2017-04-30 09:14 - 2017-03-18 19:18 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2017-04-30 00:52 - 2016-01-04 20:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2017-04-29 13:34 - 2009-05-22 17:30 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty
2017-04-24 23:20 - 2016-01-04 20:31 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
2017-04-24 23:20 - 2016-01-04 20:29 - 00000629 _____ C:\Documents and Settings\All Users\Plocha\AVG.lnk
2017-04-24 23:20 - 2009-05-22 19:21 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2017-04-23 19:38 - 2009-10-02 12:25 - 00195584 _____ C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-23 18:23 - 2001-10-25 18:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-04-12 18:45 - 2016-12-17 08:09 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d2582c240c31f0.job
2017-04-02 23:02 - 2011-03-04 21:25 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Temp
==================== Files in the root of some directories =======
2016-03-02 00:51 - 2016-03-02 00:51 - 0000600 ____C () C:\Documents and Settings\Administrator\Data aplikací\winscp.rnd
2009-10-02 12:25 - 2017-04-23 19:38 - 0195584 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
2017-04-03 10:03 - 2017-04-03 10:03 - 0032768 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\adr6piwt.dll
2017-04-03 22:26 - 2017-04-03 22:26 - 0009216 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_jby-kg-.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================


