Zdravím, od soboty mám problém s prohlížeči, oba najedou, ale tím to hasne. Několikrát se mi již stalo, že mi to shodilo celý systém. Zkoušel jsem uvést notas do původního nastavení, chvíli to fungovalo, ale pak zase stejné...přikládám log, děkuji za pomoc.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by morlum (administrator) on MORLUMOVO on 08-09-2014 23:45:17
Running from C:\Users\morlum\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_176_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2741544 2011-04-08] (Synaptics Incorporated)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2012-02-01] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2012-02-01] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-02-01] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-02-01] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-08] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3157748848-3692453240-2009478529-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3157748848-3692453240-2009478529-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-14] (SUPERAntiSpyware)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=LENN
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENN
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=i ... NN_csCZ605
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=i ... NN_csCZ605
SearchScopes: HKCU - {77532F56-0D7A-4D3F-A9DE-3A43DF46C742} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: No Name -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-08]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-08]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-08] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953632 2010-12-14] (Broadcom Corporation.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-08] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-08] (Disc Soft Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U2 Stereo Service; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-08 23:45 - 2014-09-08 23:45 - 00014316 _____ () C:\Users\morlum\Downloads\FRST.txt
2014-09-08 23:45 - 2014-09-08 23:45 - 00000000 ____D () C:\FRST
2014-09-08 23:44 - 2014-09-08 23:44 - 02105344 _____ (Farbar) C:\Users\morlum\Downloads\FRST64.exe
2014-09-08 23:38 - 2014-09-08 23:38 - 00003824 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1410212317
2014-09-08 23:38 - 2014-09-08 23:38 - 00001139 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-09-08 23:38 - 2014-09-08 23:38 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-08 23:38 - 2014-09-08 23:38 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Opera Software
2014-09-08 23:38 - 2014-09-08 23:38 - 00000000 ____D () C:\Users\morlum\AppData\Local\Opera Software
2014-09-08 23:38 - 2014-09-08 23:38 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-08 22:40 - 2014-09-08 23:00 - 00000512 _____ () C:\windows\Tasks\SUPERAntiSpyware Scheduled Task fcb7fd10-6343-47d6-92cf-61d9036d1d43.job
2014-09-08 22:40 - 2014-09-08 23:00 - 00000512 _____ () C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 642614d4-b8b9-4b35-927b-d86f728ddcc8.job
2014-09-08 22:40 - 2014-09-08 22:40 - 00003590 _____ () C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 642614d4-b8b9-4b35-927b-d86f728ddcc8
2014-09-08 22:40 - 2014-09-08 22:40 - 00003516 _____ () C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task fcb7fd10-6343-47d6-92cf-61d9036d1d43
2014-09-08 22:40 - 2014-09-08 22:40 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\SUPERAntiSpyware.com
2014-09-08 22:38 - 2014-09-08 23:09 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-08 22:38 - 2014-09-08 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-08 22:38 - 2014-09-08 22:38 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-09-08 22:38 - 2014-09-08 22:38 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-09-08 22:33 - 2014-09-08 22:33 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-09-08 22:33 - 2014-09-08 22:33 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-09-08 22:33 - 2014-09-08 22:33 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-09-08 22:33 - 2014-09-08 22:33 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-08 22:33 - 2014-09-08 22:33 - 00000000 ____D () C:\ProgramData\Sun
2014-09-08 22:33 - 2014-09-08 22:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-08 22:33 - 2014-09-08 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-08 22:33 - 2014-09-08 22:33 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-08 22:25 - 2014-09-08 22:57 - 00000000 ____D () C:\Users\morlum\AppData\Local\Google
2014-09-08 22:25 - 2014-09-08 22:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-08 22:25 - 2014-09-08 22:25 - 00000000 ____D () C:\Users\morlum\AppData\Local\Deployment
2014-09-08 22:25 - 2014-09-08 22:25 - 00000000 ____D () C:\Users\morlum\AppData\Local\Apps\2.0
2014-09-08 22:16 - 2014-09-08 22:16 - 00699568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-08 22:16 - 2014-09-08 22:16 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-08 22:16 - 2014-09-08 22:16 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-09-08 22:16 - 2014-09-08 22:16 - 00000000 ____D () C:\windows\system32\Macromed
2014-09-08 22:05 - 2014-09-08 22:05 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Google
2014-09-08 21:36 - 2014-09-08 21:49 - 00000000 ____D () C:\Users\morlum\Documents\směs
2014-09-08 21:19 - 2014-09-08 21:19 - 00000000 ____D () C:\Users\morlum\Documents\Dokumenty Historizace
2014-09-08 21:19 - 2014-09-08 21:19 - 00000000 ____D () C:\Users\morlum\Documents\Diplomky Katka
2014-09-08 21:17 - 2014-09-08 21:18 - 00000000 ____D () C:\Users\morlum\Documents\DAVID RADEK - Dompnig
2014-09-08 21:07 - 2014-09-08 21:13 - 00000000 ____D () C:\Users\morlum\Documents\Škola
2014-09-08 21:07 - 2014-09-08 21:07 - 00000000 ____D () C:\Users\morlum\Documents\My eBooks
2014-09-08 21:03 - 2014-09-08 21:07 - 00000000 ____D () C:\Users\morlum\Documents\Literatura
2014-09-08 21:03 - 2014-09-08 21:03 - 00000000 ____D () C:\Users\morlum\Documents\lit
2014-09-08 21:02 - 2014-09-08 21:03 - 00000000 ____D () C:\Users\morlum\Documents\LINGEA AJ NJ
2014-09-08 21:02 - 2014-09-08 21:02 - 00000000 ____D () C:\Users\morlum\Documents\Lexicon
2014-09-08 21:02 - 2014-09-08 21:02 - 00000000 ____D () C:\Users\morlum\Documents\Dunbabin, Jean, The Cambridge History of Later Medieval Philosophy, The Reception and Interpretation of Aristotle's Politics
2014-09-08 21:02 - 2014-07-07 10:20 - 91663236 _____ () C:\Users\morlum\Documents\Starodawne prawa polskiego pomniki, t. II.djvu
2014-09-08 21:02 - 2014-06-08 11:51 - 08702293 _____ () C:\Users\morlum\Documents\ksiegi_miejskie.djvu
2014-09-08 21:02 - 2014-04-09 09:50 - 06873997 _____ () C:\Users\morlum\Documents\dompnig.xps
2014-09-08 21:02 - 2014-04-07 13:59 - 09882589 _____ () C:\Users\morlum\Documents\_erstes_heft_1886.djvu
2014-09-08 21:02 - 2014-04-02 10:33 - 44410305 _____ () C:\Users\morlum\Documents\Mittel und Niderschlesien während der königslosen Zeit II.xps
2014-09-08 21:02 - 2014-04-02 10:18 - 47279633 _____ () C:\Users\morlum\Documents\Mittel und Niderschlesien während der königslosen Zeit I.xps
2014-09-08 21:02 - 2014-04-02 09:57 - 45532422 _____ () C:\Users\morlum\Documents\Ermisch, Schlesiens Verhältnis zu Polen und König Albrecht.xps
2014-09-08 21:02 - 2014-02-17 12:22 - 00058368 _____ () C:\Users\morlum\Documents\SGS_David Radek.xls
2014-09-08 21:02 - 2014-01-02 13:21 - 00028617 _____ () C:\Users\morlum\Documents\Last.Man.Standing.US.S03E11.HDTV.x264-ASAP.srt
2014-09-08 21:02 - 2013-11-22 16:08 - 00051439 ____R () C:\Users\morlum\Documents\zaloha.nbu
2014-09-08 21:02 - 2013-11-22 13:52 - 00172226 _____ () C:\Users\morlum\Documents\zpráávy.csv
2014-09-08 21:02 - 2013-11-13 18:02 - 00054541 _____ () C:\Users\morlum\Documents\Justified.S03E12.720p.BluRay.x264-DEMAND.srt
2014-09-08 21:02 - 2013-11-13 18:02 - 00053216 _____ () C:\Users\morlum\Documents\Justified.S03E13.720p.BluRay.x264-DEMAND.srt
2014-09-08 21:02 - 2013-01-26 13:18 - 00001412 _____ () C:\Users\morlum\Documents\Nainstalovat Windows.lnk
2014-09-08 20:59 - 2014-09-08 20:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-08 20:57 - 2014-09-08 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-08 20:57 - 2014-09-08 20:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-09-08 20:57 - 2014-09-08 20:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-09-08 20:56 - 2014-09-08 20:56 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-08 20:55 - 2014-09-08 21:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-08 20:55 - 2014-09-08 20:55 - 00000000 __RHD () C:\MSOCache
2014-09-08 20:55 - 2014-09-08 20:55 - 00000000 ____D () C:\Users\morlum\AppData\Local\Microsoft Help
2014-09-08 20:54 - 2014-09-08 22:18 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Seznam.cz
2014-09-08 20:54 - 2014-09-08 22:18 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-09-08 20:53 - 2014-09-08 20:53 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-09-08 20:53 - 2014-09-08 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-09-08 20:52 - 2014-09-08 22:12 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-09-08 20:52 - 2014-09-08 20:54 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\DAEMON Tools Lite
2014-09-08 20:52 - 2014-09-08 20:54 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-09-08 20:52 - 2014-09-08 20:52 - 00283064 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtsoftbus01.sys
2014-09-08 20:50 - 2014-09-08 20:51 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\rmi
2014-09-08 20:50 - 2014-09-08 20:50 - 00505208 _____ () C:\Users\morlum\Downloads\daemon-tools-4.48.1.exe
2014-09-08 20:49 - 2014-09-08 22:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-08 20:49 - 2014-09-08 21:52 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-08 20:49 - 2014-09-08 20:49 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-08 20:49 - 2014-09-08 20:49 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-08 20:48 - 2014-09-08 22:17 - 00000000 ____D () C:\Users\morlum\AppData\Local\Adobe
2014-09-08 20:42 - 2014-09-08 20:42 - 01678440 _____ (Skype Technologies S.A.) C:\Users\morlum\Downloads\Nepotvrzeno 97971.crdownload
2014-09-08 20:40 - 2014-09-08 20:40 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\AVAST Software
2014-09-08 20:39 - 2014-09-08 20:39 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-08 20:39 - 2014-09-08 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-08 20:38 - 2014-09-08 22:59 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Skype
2014-09-08 20:38 - 2014-09-08 20:40 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-08 20:38 - 2014-09-08 20:38 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-08 20:38 - 2014-09-08 20:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-08 20:38 - 2014-09-08 20:38 - 00000000 ____D () C:\Users\morlum\AppData\Local\Skype
2014-09-08 20:38 - 2014-09-08 20:38 - 00000000 ____D () C:\ProgramData\Skype
2014-09-08 20:38 - 2014-09-08 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-08 20:37 - 2014-09-08 20:39 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-09-08 20:37 - 2014-09-08 20:37 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-09-08 20:37 - 2014-09-08 20:37 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-09-08 20:36 - 2014-09-08 20:36 - 01678440 _____ (Skype Technologies S.A.) C:\Users\morlum\Downloads\SkypeSetup.exe
2014-09-08 20:36 - 2014-09-08 20:36 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-08 20:35 - 2014-09-08 20:36 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-08 20:33 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2014-09-08 20:33 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2014-09-08 20:33 - 2012-02-17 06:58 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-09-08 20:33 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdtcp.sys
2014-09-08 20:32 - 2014-09-08 20:34 - 91906368 _____ (AVAST Software) C:\Users\morlum\Downloads\avast_free_antivirus_setup.exe
2014-09-08 20:32 - 2014-09-08 20:32 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Macromedia
2014-09-08 20:32 - 2014-09-08 20:32 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Adobe
2014-09-08 20:26 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-09-08 20:26 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-09-08 20:26 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-09-08 20:26 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-09-08 20:26 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-09-08 20:26 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-09-08 20:26 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-09-08 20:26 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-09-08 20:26 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-09-08 20:26 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-09-08 20:26 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-09-08 20:26 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-09-08 20:26 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-09-08 20:26 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-09-08 20:16 - 2014-09-08 21:59 - 00067160 _____ () C:\Users\morlum\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-08 20:16 - 2014-09-08 20:16 - 00001427 _____ () C:\Users\morlum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-08 20:16 - 2014-09-08 20:16 - 00001393 _____ () C:\Users\morlum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\Documents\Bluetooth Exchange Folder
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Intel Corporation
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\ATI
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\AppData\Local\Broadcom
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\AppData\Local\ATI
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\ProgramData\Energy Management
2014-09-08 20:15 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-09-08 20:15 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum
2014-09-08 20:15 - 2014-09-08 20:15 - 00000020 ___SH () C:\Users\morlum\ntuser.ini
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Šablony
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Soubory cookie
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Poslední
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Okolní tiskárny
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Okolní síť
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Nabídka Start
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Dokumenty
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Documents\Obrázky
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Documents\Hudba
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Documents\Filmy
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Data aplikací
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\AppData\Local\Data aplikací
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 ____D () C:\Users\morlum\AppData\Local\VirtualStore
2014-09-08 20:15 - 2012-02-01 22:00 - 00002086 _____ () C:\Users\morlum\Desktop\OneKey Recovery.lnk
2014-09-08 20:15 - 2012-02-01 21:45 - 00001122 _____ () C:\Users\morlum\Desktop\Cyberlink Power2Go.lnk
2014-09-08 20:15 - 2010-12-19 07:31 - 00000189 _____ () C:\Users\morlum\Desktop\Lenovo Telephony Start Now.url
2014-09-08 20:15 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\morlum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-08 20:15 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\morlum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-08 20:13 - 2014-09-08 20:13 - 00000000 __SHD () C:\Recovery
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-08 23:45 - 2014-09-08 23:45 - 00014316 _____ () C:\Users\morlum\Downloads\FRST.txt
2014-09-08 23:45 - 2014-09-08 23:45 - 00000000 ____D () C:\FRST
2014-09-08 23:44 - 2014-09-08 23:44 - 02105344 _____ (Farbar) C:\Users\morlum\Downloads\FRST64.exe
2014-09-08 23:38 - 2014-09-08 23:38 - 00003824 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1410212317
2014-09-08 23:38 - 2014-09-08 23:38 - 00001139 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-09-08 23:38 - 2014-09-08 23:38 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-08 23:38 - 2014-09-08 23:38 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Opera Software
2014-09-08 23:38 - 2014-09-08 23:38 - 00000000 ____D () C:\Users\morlum\AppData\Local\Opera Software
2014-09-08 23:38 - 2014-09-08 23:38 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-08 23:30 - 2012-02-01 21:59 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-08 23:10 - 2012-02-01 22:00 - 00994109 _____ () C:\windows\system32\fastboot.set
2014-09-08 23:09 - 2014-09-08 22:38 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-08 23:09 - 2012-02-01 21:59 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-08 23:09 - 2012-02-01 21:52 - 00022979 _____ () C:\FaceProv.log
2014-09-08 23:09 - 2012-02-01 21:52 - 00000000 ____D () C:\ProgramData\VeriFace
2014-09-08 23:09 - 2012-02-01 21:03 - 00481833 _____ () C:\windows\WindowsUpdate.log
2014-09-08 23:08 - 2009-07-14 06:45 - 00021072 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 23:08 - 2009-07-14 06:45 - 00021072 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 23:07 - 2012-02-01 12:50 - 00622660 _____ () C:\windows\system32\perfh005.dat
2014-09-08 23:07 - 2012-02-01 12:50 - 00118810 _____ () C:\windows\system32\perfc005.dat
2014-09-08 23:07 - 2009-07-14 07:13 - 01445734 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-08 23:00 - 2014-09-08 22:40 - 00000512 _____ () C:\windows\Tasks\SUPERAntiSpyware Scheduled Task fcb7fd10-6343-47d6-92cf-61d9036d1d43.job
2014-09-08 23:00 - 2014-09-08 22:40 - 00000512 _____ () C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 642614d4-b8b9-4b35-927b-d86f728ddcc8.job
2014-09-08 23:00 - 2010-11-21 05:47 - 00012686 _____ () C:\windows\PFRO.log
2014-09-08 23:00 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-08 23:00 - 2009-07-14 06:51 - 00038806 _____ () C:\windows\setupact.log
2014-09-08 22:59 - 2014-09-08 20:38 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Skype
2014-09-08 22:57 - 2014-09-08 22:25 - 00000000 ____D () C:\Users\morlum\AppData\Local\Google
2014-09-08 22:57 - 2014-09-08 22:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-08 22:57 - 2012-02-01 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-08 22:40 - 2014-09-08 22:40 - 00003590 _____ () C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 642614d4-b8b9-4b35-927b-d86f728ddcc8
2014-09-08 22:40 - 2014-09-08 22:40 - 00003516 _____ () C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task fcb7fd10-6343-47d6-92cf-61d9036d1d43
2014-09-08 22:40 - 2014-09-08 22:40 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\SUPERAntiSpyware.com
2014-09-08 22:40 - 2014-09-08 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-08 22:38 - 2014-09-08 22:38 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-09-08 22:38 - 2014-09-08 22:38 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-09-08 22:33 - 2014-09-08 22:33 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-09-08 22:33 - 2014-09-08 22:33 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-09-08 22:33 - 2014-09-08 22:33 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-09-08 22:33 - 2014-09-08 22:33 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-08 22:33 - 2014-09-08 22:33 - 00000000 ____D () C:\ProgramData\Sun
2014-09-08 22:33 - 2014-09-08 22:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-08 22:33 - 2014-09-08 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-08 22:33 - 2014-09-08 22:33 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-08 22:25 - 2014-09-08 22:25 - 00000000 ____D () C:\Users\morlum\AppData\Local\Deployment
2014-09-08 22:25 - 2014-09-08 22:25 - 00000000 ____D () C:\Users\morlum\AppData\Local\Apps\2.0
2014-09-08 22:25 - 2012-02-01 21:59 - 00003962 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-08 22:25 - 2012-02-01 21:59 - 00003710 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-08 22:18 - 2014-09-08 20:54 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Seznam.cz
2014-09-08 22:18 - 2014-09-08 20:54 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-09-08 22:17 - 2014-09-08 20:48 - 00000000 ____D () C:\Users\morlum\AppData\Local\Adobe
2014-09-08 22:16 - 2014-09-08 22:16 - 00699568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-08 22:16 - 2014-09-08 22:16 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-08 22:16 - 2014-09-08 22:16 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-09-08 22:16 - 2014-09-08 22:16 - 00000000 ____D () C:\windows\system32\Macromed
2014-09-08 22:12 - 2014-09-08 20:52 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-09-08 22:11 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-09-08 22:10 - 2011-02-22 13:19 - 00000000 ____D () C:\windows\Panther
2014-09-08 22:05 - 2014-09-08 22:05 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Google
2014-09-08 22:01 - 2014-09-08 20:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-08 21:59 - 2014-09-08 20:16 - 00067160 _____ () C:\Users\morlum\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-08 21:59 - 2009-07-14 06:45 - 00313616 _____ () C:\windows\system32\FNTCACHE.DAT
2014-09-08 21:52 - 2014-09-08 20:49 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-08 21:49 - 2014-09-08 21:36 - 00000000 ____D () C:\Users\morlum\Documents\směs
2014-09-08 21:19 - 2014-09-08 21:19 - 00000000 ____D () C:\Users\morlum\Documents\Dokumenty Historizace
2014-09-08 21:19 - 2014-09-08 21:19 - 00000000 ____D () C:\Users\morlum\Documents\Diplomky Katka
2014-09-08 21:18 - 2014-09-08 21:17 - 00000000 ____D () C:\Users\morlum\Documents\DAVID RADEK - Dompnig
2014-09-08 21:13 - 2014-09-08 21:07 - 00000000 ____D () C:\Users\morlum\Documents\Škola
2014-09-08 21:07 - 2014-09-08 21:07 - 00000000 ____D () C:\Users\morlum\Documents\My eBooks
2014-09-08 21:07 - 2014-09-08 21:03 - 00000000 ____D () C:\Users\morlum\Documents\Literatura
2014-09-08 21:03 - 2014-09-08 21:03 - 00000000 ____D () C:\Users\morlum\Documents\lit
2014-09-08 21:03 - 2014-09-08 21:02 - 00000000 ____D () C:\Users\morlum\Documents\LINGEA AJ NJ
2014-09-08 21:02 - 2014-09-08 21:02 - 00000000 ____D () C:\Users\morlum\Documents\Lexicon
2014-09-08 21:02 - 2014-09-08 21:02 - 00000000 ____D () C:\Users\morlum\Documents\Dunbabin, Jean, The Cambridge History of Later Medieval Philosophy, The Reception and Interpretation of Aristotle's Politics
2014-09-08 21:00 - 2014-09-08 20:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-08 20:59 - 2014-09-08 20:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-08 20:59 - 2011-09-29 05:37 - 00000000 ____D () C:\windows\ShellNew
2014-09-08 20:59 - 2009-07-14 04:34 - 00000502 _____ () C:\windows\win.ini
2014-09-08 20:57 - 2014-09-08 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-08 20:57 - 2014-09-08 20:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-09-08 20:57 - 2014-09-08 20:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-09-08 20:57 - 2012-02-01 21:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-08 20:56 - 2014-09-08 20:56 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-08 20:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-08 20:55 - 2014-09-08 20:55 - 00000000 __RHD () C:\MSOCache
2014-09-08 20:55 - 2014-09-08 20:55 - 00000000 ____D () C:\Users\morlum\AppData\Local\Microsoft Help
2014-09-08 20:54 - 2014-09-08 20:52 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\DAEMON Tools Lite
2014-09-08 20:54 - 2014-09-08 20:52 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-09-08 20:53 - 2014-09-08 20:53 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-09-08 20:53 - 2014-09-08 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-09-08 20:52 - 2014-09-08 20:52 - 00283064 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtsoftbus01.sys
2014-09-08 20:51 - 2014-09-08 20:50 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\rmi
2014-09-08 20:50 - 2014-09-08 20:50 - 00505208 _____ () C:\Users\morlum\Downloads\daemon-tools-4.48.1.exe
2014-09-08 20:49 - 2014-09-08 20:49 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-08 20:49 - 2014-09-08 20:49 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-08 20:45 - 2012-02-01 21:46 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-08 20:45 - 2012-02-01 21:46 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-08 20:43 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sk-SK
2014-09-08 20:43 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\sk-SK
2014-09-08 20:42 - 2014-09-08 20:42 - 01678440 _____ (Skype Technologies S.A.) C:\Users\morlum\Downloads\Nepotvrzeno 97971.crdownload
2014-09-08 20:40 - 2014-09-08 20:40 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\AVAST Software
2014-09-08 20:40 - 2014-09-08 20:38 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-08 20:39 - 2014-09-08 20:39 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-08 20:39 - 2014-09-08 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-08 20:39 - 2014-09-08 20:37 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-09-08 20:38 - 2014-09-08 20:38 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-08 20:38 - 2014-09-08 20:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-08 20:38 - 2014-09-08 20:38 - 00000000 ____D () C:\Users\morlum\AppData\Local\Skype
2014-09-08 20:38 - 2014-09-08 20:38 - 00000000 ____D () C:\ProgramData\Skype
2014-09-08 20:38 - 2014-09-08 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-08 20:37 - 2014-09-08 20:37 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-09-08 20:37 - 2014-09-08 20:37 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-09-08 20:37 - 2014-09-08 20:37 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-09-08 20:37 - 2014-09-08 20:37 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-09-08 20:36 - 2014-09-08 20:36 - 01678440 _____ (Skype Technologies S.A.) C:\Users\morlum\Downloads\SkypeSetup.exe
2014-09-08 20:36 - 2014-09-08 20:36 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-08 20:36 - 2014-09-08 20:35 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-08 20:34 - 2014-09-08 20:32 - 91906368 _____ (AVAST Software) C:\Users\morlum\Downloads\avast_free_antivirus_setup.exe
2014-09-08 20:32 - 2014-09-08 20:32 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Macromedia
2014-09-08 20:32 - 2014-09-08 20:32 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Adobe
2014-09-08 20:26 - 2009-07-14 07:32 - 00000000 ____D () C:\windows\system32\restore
2014-09-08 20:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-08 20:16 - 2014-09-08 20:16 - 00001427 _____ () C:\Users\morlum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-08 20:16 - 2014-09-08 20:16 - 00001393 _____ () C:\Users\morlum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\Documents\Bluetooth Exchange Folder
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Intel Corporation
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\ATI
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\AppData\Local\Broadcom
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\Users\morlum\AppData\Local\ATI
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\ProgramData\Energy Management
2014-09-08 20:16 - 2014-09-08 20:15 - 00000000 ____D () C:\Users\morlum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-09-08 20:16 - 2014-09-08 20:15 - 00000000 ____D () C:\Users\morlum
2014-09-08 20:15 - 2014-09-08 20:15 - 00000020 ___SH () C:\Users\morlum\ntuser.ini
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Šablony
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Soubory cookie
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Poslední
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Okolní tiskárny
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Okolní síť
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Nabídka Start
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Dokumenty
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Documents\Obrázky
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Documents\Hudba
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Documents\Filmy
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\Data aplikací
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 _SHDL () C:\Users\morlum\AppData\Local\Data aplikací
2014-09-08 20:15 - 2014-09-08 20:15 - 00000000 ____D () C:\Users\morlum\AppData\Local\VirtualStore
2014-09-08 20:13 - 2014-09-08 20:13 - 00000000 __SHD () C:\Recovery
Some content of TEMP:
====================
C:\Users\morlum\AppData\Local\Temp\bitool.dll
C:\Users\morlum\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\morlum\AppData\Local\Temp\ose00000.exe
C:\Users\morlum\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2011-02-22 13:19
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by morlum at 2014-09-08 23:45:54
Running from C:\Users\morlum\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - Czech/èeština (HKLM-x32\...\OMUI.cs-cz) (Version: 12.0.4518.1025 - Microsoft Corporation)
Microsoft Office O MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Standard 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office X MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Opera Stable 24.0.1558.53 (HKLM-x32\...\Opera 24.0.1558.53) (Version: 24.0.1558.53 - Opera Software ASA)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{1D53FB73-9826-4541-B2E0-A239C6EBA718}) (Version: - )
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{34726474-50D6-49FC-B8AC-35411459D27A}) (Version: - )
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
08-09-2014 18:26:05 Windows Update
08-09-2014 18:33:23 Windows Update
08-09-2014 18:36:14 avast! antivirus system restore point
08-09-2014 18:52:54 Instalace balíčku ovladače zařízení: DT Soft Ltd Systémová zařízení
08-09-2014 18:55:13 Installed Microsoft Office Standard 2007
08-09-2014 18:59:06 Installed Microsoft Office Language Pack 2007 - Czech/èeština
08-09-2014 20:33:00 Installed Java 7 Update 67
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {09DE2846-9D4B-4E29-8263-8D545E3994C0} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {0E1F5877-CF4F-49A9-B4BB-A0E84FEC59F8} - System32\Tasks\Opera scheduled Autoupdate 1410212317 => C:\Program Files (x86)\Opera\launcher.exe [2014-08-27] (Opera Software)
Task: {1EBAE086-42E5-46A3-A7F2-59CFC7F3D781} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08] (Google Inc.)
Task: {5F5381BA-CC72-4441-B9EF-24A72939657F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08] (Google Inc.)
Task: {7645966F-B943-4F59-99BB-B463303F1446} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-08] (AVAST Software)
Task: {8781A8FE-A1DC-462C-8A7F-2542C729F1EF} - System32\Tasks\SUPERAntiSpyware Scheduled Task 642614d4-b8b9-4b35-927b-d86f728ddcc8 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {90AB674F-44F1-4316-A284-F30971CE83AC} - System32\Tasks\SUPERAntiSpyware Scheduled Task fcb7fd10-6343-47d6-92cf-61d9036d1d43 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 642614d4-b8b9-4b35-927b-d86f728ddcc8.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task fcb7fd10-6343-47d6-92cf-61d9036d1d43.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Loaded Modules (whitelisted) =============
2012-02-01 21:52 - 2012-02-01 21:52 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll
2012-02-01 21:18 - 2011-03-25 11:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 05:20 - 2012-02-01 22:03 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 05:20 - 2012-02-01 22:03 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2010-12-14 20:05 - 2010-12-14 20:05 - 00173856 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
2011-11-02 00:22 - 2011-11-02 00:22 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-09-08 20:37 - 2014-09-08 20:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-08 22:34 - 2014-09-08 22:34 - 02845184 _____ () C:\Program Files\AVAST Software\Avast\defs\14090802\algo.dll
2012-02-01 21:17 - 2012-02-01 21:17 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\4fea37f22ba7c5f1c0bbc189d748a3e8\IsdiInterop.ni.dll
2012-02-01 21:16 - 2011-02-18 10:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-02-01 21:52 - 2012-02-01 21:52 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2014-09-08 20:37 - 2014-09-08 20:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/08/2014 11:02:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/08/2014 10:59:39 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
Error: (09/08/2014 10:59:39 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
Error: (09/08/2014 10:59:39 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
Error: (09/08/2014 10:59:39 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
Error: (09/08/2014 10:59:39 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
Error: (09/08/2014 10:59:39 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
Error: (09/08/2014 10:59:39 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
Error: (09/08/2014 10:59:39 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
Error: (09/08/2014 10:59:39 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
System errors:
=============
Error: (09/08/2014 10:59:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (09/08/2014 10:10:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (09/08/2014 10:09:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD}
Error: (09/08/2014 10:09:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Error: (09/08/2014 09:57:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (09/08/2014 08:43:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (09/08/2014 08:13:53 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Background Intelligent Transfer Service ukončena s chybou %%-2147024846, specifickou pro službu.
Error: (09/08/2014 08:13:53 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: Službu BITS se nezdařilo spustit. Chyba 2147942450.
Error: (02/01/2012 10:10:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\bcmihvsrv64.dll
Error: (02/01/2012 10:10:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\bcmihvsrv64.dll
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 51%
Total physical RAM: 4039.86 MB
Available physical RAM: 1977.93 MB
Total Pagefile: 8077.91 MB
Available Pagefile: 5844 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:319.78 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:25.76 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1B18F4BA)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nefunkční Google chrome a Opera
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119545
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Google chrome a Opera
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\morlum\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U2 Stereo Service; No ImagePath
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\morlum\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nefunkční Google chrome a Opera
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-09-2014 01
Ran by morlum at 2014-09-09 18:48:48 Run:1
Running from C:\Users\morlum\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U2 Stereo Service; No ImagePath
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\morlum\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}" => Key not found.
"HKCR\Wow6432Node\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key not found.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key not found.
"C:\Program Files (x86)\Google\Google Toolbar" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value not found.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
BcmSqlStartupSvc => Service deleted successfully.
CLKMSVC10_3A60B698 => Service deleted successfully.
CLKMSVC10_C3B3B687 => Service deleted successfully.
DriverService => Service deleted successfully.
iATAgentService => Service deleted successfully.
idealife Update Service => Service deleted successfully.
IGRS => Service deleted successfully.
IviRegMgr => Service deleted successfully.
nvUpdatusService => Service deleted successfully.
Oasis2Service => Service deleted successfully.
PCCarerService => Service deleted successfully.
ReadyComm.DirectRouter => Service deleted successfully.
RichVideo => Service deleted successfully.
RtLedService => Service deleted successfully.
SeaPort => Service deleted successfully.
SoftwareService => Service deleted successfully.
SQLWriter => Service deleted successfully.
Stereo Service => Service deleted successfully.
"C:\windows\Tasks\GoogleUpdateTaskMachineUA.job" => File/Directory not found.
"C:\windows\Tasks\GoogleUpdateTaskMachineCore.job" => File/Directory not found.
"C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA" => File/Directory not found.
"C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore" => File/Directory not found.
"C:\Users\morlum\AppData\Local\Temp" directory move:
C:\Users\morlum\AppData\Local\Temp\5E1F.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\6284.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\62D3.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\6332.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\63AF.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\6527.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\6595.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\65E4.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7204.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7205.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\736D.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\737D.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\737E.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\737F.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7380.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7381.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7382.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7393.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\9D19.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\AdobeSFX.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\BE27.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\BF9E.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\binsis142.xml => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\binsischeck654.xml => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\bitool.dll => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\CProgram Files (x86)Opera24.0.1558.53opera_autoupdate.download.lock => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\CProgram Files (x86)Opera24.0.1558.53opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\D336.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\DT.gadget.~0000 => Moved successfully.
Could not move "C:\Users\morlum\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\morlum\AppData\Local\Temp\GoogleToolbarInstaller1.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\JAUReg.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\java_install.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\java_install_reg.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\java_install_sp.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\jawshtml.html => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\jinstall.cfg => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\morlum.bmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\nsx19AB.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\opera_crashreporter.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\opera_installer_20140908233833.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\opera_installer_20140908233837.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\opera_installer_20140909105719.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\RD148.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\SetupExe(201409082054141444).log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\SetupExe(201409082058511330).log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\Skype.msi => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\TFR16E9.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\SUPERSetup\setup.db3 => Moved successfully.
Could not move "C:\Users\morlum\AppData\Local\Temp\Skype\DbTemp\temp-CftpN8CXGtXVGlYKJgDnVTLy" => Scheduled to move on reboot.
Could not move "C:\Users\morlum\AppData\Local\Temp\Skype\DbTemp\temp-o176y1RjA0aJ6vy1IlEhnCtW" => Scheduled to move on reboot.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\BF9E.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\DECODED_IMAGES => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\DECODED_MESSAGE_CATALOGS => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\manifest.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\options.html => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_metadata\verified_contents.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\zh_TW\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\zh_CN\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\vi\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ur\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\uk\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\tr\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\th\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\sv\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\sr\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\sl\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\sk\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ru\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ro\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\pt_PT\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\pt_BR\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\pl\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\nl\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\nb\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ms\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\lv\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\lt\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ko\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ja\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\it\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\id\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\hu\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\hr\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\hi\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\he\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\fr\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\fi\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\fa\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\et\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\es\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\en_GB\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\en\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\el\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\de\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\da\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\cs\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ca\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\bn\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\bg\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\be\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ar\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\scripts\anchor.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\scripts\bs.aos.crx.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\scripts\bs.crx.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\scripts\extension.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\avast-logo.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icnthumbdownsmall.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icnthumbsmall.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_bug.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_check.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_checkbig.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_close.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_close_small.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_extensiontop.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_extensiontop_green.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_extensiontop_orange.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_extensiontop_red.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_eye.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_norating_big.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_norating_big2.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_siteforward.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_thumbdown_big.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_thumblearn.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_thumbright_big.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_thumbup_big.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_warning.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icon128.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icon256.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icon48.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icon64.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\img_bg.jpg => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\logo_avast.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\logo_avastblack.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\sas_logo.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_green.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_grey.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_norating.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_orange.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_red.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_thumbdown.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_thumbneutral.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_thumbup.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switchersmall_dotgreen.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switchersmall_dotred.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_dotgreen.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_dotorange.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_dotred.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_greenbg.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_orangebg.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_redbg.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\css\extension.css => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\css\settings.css => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\avastwrc.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\bal.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\ial.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\options.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\query.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\templates.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\wrc_gpb.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\mocks\empty.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\mocks\ga.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\mocks\gpt.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\mocks\omniture.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\csl.parser.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\eventemitter2.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\jquery-1.5.2.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\jquery.mustache.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\lodash.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\protobuf.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\Opera NetInstaller\net_installer.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\MUI\OneKey Recovery.lnk => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\MUI\Lenovo\OneKey Recovery\OneKey Recovery.lnk => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\Low\Google Toolbar\gtb1F47.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
Could not move "C:\Users\morlum\AppData\Local\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-09 18:51:01)<=
C:\Users\morlum\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\morlum\AppData\Local\Temp\Skype\DbTemp\temp-CftpN8CXGtXVGlYKJgDnVTLy => Is moved successfully.
C:\Users\morlum\AppData\Local\Temp\Skype\DbTemp\temp-o176y1RjA0aJ6vy1IlEhnCtW => Is moved successfully.
C:\Users\morlum\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
Ran by morlum at 2014-09-09 18:48:48 Run:1
Running from C:\Users\morlum\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U2 Stereo Service; No ImagePath
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\morlum\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}" => Key not found.
"HKCR\Wow6432Node\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key not found.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key not found.
"C:\Program Files (x86)\Google\Google Toolbar" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value not found.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
BcmSqlStartupSvc => Service deleted successfully.
CLKMSVC10_3A60B698 => Service deleted successfully.
CLKMSVC10_C3B3B687 => Service deleted successfully.
DriverService => Service deleted successfully.
iATAgentService => Service deleted successfully.
idealife Update Service => Service deleted successfully.
IGRS => Service deleted successfully.
IviRegMgr => Service deleted successfully.
nvUpdatusService => Service deleted successfully.
Oasis2Service => Service deleted successfully.
PCCarerService => Service deleted successfully.
ReadyComm.DirectRouter => Service deleted successfully.
RichVideo => Service deleted successfully.
RtLedService => Service deleted successfully.
SeaPort => Service deleted successfully.
SoftwareService => Service deleted successfully.
SQLWriter => Service deleted successfully.
Stereo Service => Service deleted successfully.
"C:\windows\Tasks\GoogleUpdateTaskMachineUA.job" => File/Directory not found.
"C:\windows\Tasks\GoogleUpdateTaskMachineCore.job" => File/Directory not found.
"C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA" => File/Directory not found.
"C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore" => File/Directory not found.
"C:\Users\morlum\AppData\Local\Temp" directory move:
C:\Users\morlum\AppData\Local\Temp\5E1F.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\6284.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\62D3.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\6332.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\63AF.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\6527.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\6595.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\65E4.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7204.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7205.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\736D.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\737D.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\737E.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\737F.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7380.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7381.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7382.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\7393.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\9D19.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\AdobeSFX.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\BE27.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\BF9E.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\binsis142.xml => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\binsischeck654.xml => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\bitool.dll => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\CProgram Files (x86)Opera24.0.1558.53opera_autoupdate.download.lock => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\CProgram Files (x86)Opera24.0.1558.53opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\D336.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\DT.gadget.~0000 => Moved successfully.
Could not move "C:\Users\morlum\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\morlum\AppData\Local\Temp\GoogleToolbarInstaller1.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\JAUReg.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\java_install.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\java_install_reg.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\java_install_sp.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\jawshtml.html => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\jinstall.cfg => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\morlum.bmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\nsx19AB.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\opera_crashreporter.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\opera_installer_20140908233833.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\opera_installer_20140908233837.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\opera_installer_20140909105719.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\RD148.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\SetupExe(201409082054141444).log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\SetupExe(201409082058511330).log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\Skype.msi => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\TFR16E9.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\SUPERSetup\setup.db3 => Moved successfully.
Could not move "C:\Users\morlum\AppData\Local\Temp\Skype\DbTemp\temp-CftpN8CXGtXVGlYKJgDnVTLy" => Scheduled to move on reboot.
Could not move "C:\Users\morlum\AppData\Local\Temp\Skype\DbTemp\temp-o176y1RjA0aJ6vy1IlEhnCtW" => Scheduled to move on reboot.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\BF9E.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\DECODED_IMAGES => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\DECODED_MESSAGE_CATALOGS => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\manifest.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\options.html => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_metadata\verified_contents.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\zh_TW\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\zh_CN\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\vi\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ur\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\uk\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\tr\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\th\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\sv\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\sr\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\sl\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\sk\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ru\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ro\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\pt_PT\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\pt_BR\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\pl\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\nl\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\nb\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ms\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\lv\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\lt\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ko\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ja\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\it\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\id\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\hu\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\hr\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\hi\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\he\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\fr\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\fi\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\fa\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\et\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\es\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\en_GB\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\en\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\el\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\de\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\da\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\cs\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ca\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\bn\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\bg\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\be\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\_locales\ar\messages.json => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\scripts\anchor.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\scripts\bs.aos.crx.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\scripts\bs.crx.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\scripts\extension.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\avast-logo.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icnthumbdownsmall.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icnthumbsmall.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_bug.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_check.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_checkbig.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_close.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_close_small.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_extensiontop.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_extensiontop_green.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_extensiontop_orange.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_extensiontop_red.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_eye.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_norating_big.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_norating_big2.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_siteforward.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_thumbdown_big.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_thumblearn.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_thumbright_big.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_thumbup_big.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icn_warning.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icon128.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icon256.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icon48.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\icon64.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\img_bg.jpg => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\logo_avast.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\logo_avastblack.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\sas_logo.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_green.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_grey.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_norating.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_orange.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_red.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_thumbdown.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_thumbneutral.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\se_icn_thumbup.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switchersmall_dotgreen.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switchersmall_dotred.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_dotgreen.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_dotorange.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_dotred.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_greenbg.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_orangebg.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\img\switcher_redbg.png => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\css\extension.css => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\skin\css\settings.css => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\avastwrc.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\bal.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\ial.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\options.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\query.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\templates.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\scripts\wrc_gpb.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\mocks\empty.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\mocks\ga.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\mocks\gpt.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\mocks\omniture.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\csl.parser.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\eventemitter2.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\jquery-1.5.2.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\jquery.mustache.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\lodash.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\scoped_dir_4176_32373\CRX_INSTALL\common\libs\protobuf.js => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\Opera NetInstaller\net_installer.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\MUI\OneKey Recovery.lnk => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\MUI\Lenovo\OneKey Recovery\OneKey Recovery.lnk => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\Low\Google Toolbar\gtb1F47.tmp => Moved successfully.
C:\Users\morlum\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
Could not move "C:\Users\morlum\AppData\Local\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-09 18:51:01)<=
C:\Users\morlum\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\morlum\AppData\Local\Temp\Skype\DbTemp\temp-CftpN8CXGtXVGlYKJgDnVTLy => Is moved successfully.
C:\Users\morlum\AppData\Local\Temp\Skype\DbTemp\temp-o176y1RjA0aJ6vy1IlEhnCtW => Is moved successfully.
C:\Users\morlum\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
-
Rudy
- Site Admin
- Příspěvky: 119545
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Google chrome a Opera
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nefunkční Google chrome a Opera
Ne, ani ne. Prohlížeče se chovají stále stejně.
-
Rudy
- Site Admin
- Příspěvky: 119545
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Google chrome a Opera
Zkuste oba prohlížeče zazálohovat pomocí ChromeBackup a Opera Backup: http://www.stahuj.centrum.cz/utility_a_ ... ra-backup/ , http://www.stahuj.centrum.cz/internet_a ... me-backup/ . Pak je oba odinstalujte vč. jejich profilů. Znovu nainstalujte a zpět ze záloh nakopírujte pouze záložky, příp. hesla.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nefunkční Google chrome a Opera
Díky za pomoc, ale bohužel stále nic. I po reinstalu se Chrome/Opera chovají stejně. Je to nějaký vir?
-
Rudy
- Site Admin
- Příspěvky: 119545
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Google chrome a Opera
Dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nefunkční Google chrome a Opera
ComboFix 14-09-09.01 - morlum 09.09.2014 21:14:56.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4040.2335 [GMT 2:00]
Spuštěný z: c:\users\morlum\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\s.bat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-09 do 2014-09-09 )))))))))))))))))))))))))))))))
.
.
2014-09-09 19:21 . 2014-09-09 19:21 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{791E0DBF-3D4F-4A5A-9B40-0F06CD583598}\offreg.dll
2014-09-09 19:21 . 2014-09-09 19:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-09 17:54 . 2014-09-09 17:55 -------- d-----w- c:\program files (x86)\Google
2014-09-09 14:11 . 2014-08-21 09:24 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{791E0DBF-3D4F-4A5A-9B40-0F06CD583598}\mpengine.dll
2014-09-09 13:47 . 2014-09-09 13:47 -------- d-----w- c:\windows\Migration
2014-09-09 13:40 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-09-09 12:39 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-09-09 12:39 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-09-09 12:39 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-09-09 12:39 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-09-09 12:39 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-09-09 12:39 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-09-09 12:39 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-09-09 12:39 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-09-09 12:38 . 2014-09-09 12:38 -------- d-s---w- c:\windows\system32\CompatTel
2014-09-09 10:45 . 2014-09-09 11:44 -------- d-----w- c:\program files (x86)\Hearthstone
2014-09-09 10:44 . 2014-09-09 10:45 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2014-09-09 10:44 . 2014-09-09 10:44 -------- d-----w- c:\program files (x86)\Battle.net
2014-09-09 10:44 . 2014-09-09 10:44 -------- d-----w- c:\programdata\Blizzard Entertainment
2014-09-09 10:40 . 2014-09-09 10:40 -------- d-----w- c:\programdata\Battle.net
2014-09-09 09:49 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-09-09 09:49 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-09-09 09:27 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-09-09 09:27 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-09 09:20 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2014-09-09 09:20 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2014-09-09 09:01 . 2014-09-09 09:01 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-09-08 21:45 . 2014-09-09 16:51 -------- d-----w- C:\FRST
2014-09-08 20:38 . 2014-09-09 16:53 -------- d-----w- c:\program files\SUPERAntiSpyware
2014-09-08 20:38 . 2014-09-08 20:38 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-09-08 20:33 . 2014-09-08 20:33 -------- d-----w- c:\programdata\Oracle
2014-09-08 20:33 . 2014-09-08 20:33 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-09-08 20:33 . 2014-09-08 20:33 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-09-08 20:33 . 2014-09-08 20:33 -------- d-----w- c:\program files (x86)\Java
2014-09-08 20:16 . 2014-09-08 20:16 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-08 20:16 . 2014-09-08 20:16 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-08 20:16 . 2014-09-08 20:16 -------- d-----w- c:\windows\SysWow64\Macromed
2014-09-08 20:16 . 2014-09-08 20:16 -------- d-----w- c:\windows\system32\Macromed
2014-09-08 18:59 . 2014-09-08 18:59 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-09-08 18:57 . 2014-09-08 18:57 -------- d-----w- c:\program files (x86)\Microsoft Works
2014-09-08 18:56 . 2014-09-09 13:47 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-09-08 18:56 . 2014-09-08 18:56 -------- d-----w- c:\program files\Microsoft Office
2014-09-08 18:55 . 2014-09-08 19:00 -------- d-----w- c:\programdata\Microsoft Help
2014-09-08 18:55 . 2014-09-08 18:55 -------- d-----r- C:\MSOCache
2014-09-08 18:52 . 2014-09-08 18:52 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-09-08 18:52 . 2014-09-08 20:12 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-09-08 18:52 . 2014-09-08 18:54 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-09-08 18:49 . 2014-09-08 18:49 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-09-08 18:38 . 2014-09-08 18:38 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-09-08 18:38 . 2014-09-08 18:38 -------- d-----r- c:\program files (x86)\Skype
2014-09-08 18:38 . 2014-09-09 08:55 -------- d-----w- c:\programdata\Skype
2014-09-08 18:37 . 2014-09-08 18:39 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-09-08 18:37 . 2014-09-08 18:37 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-09-08 18:37 . 2014-09-08 18:37 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-08 18:37 . 2014-09-08 18:37 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-08 18:37 . 2014-09-08 18:37 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-08 18:37 . 2014-09-08 18:37 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-08 18:37 . 2014-09-08 18:37 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-09-08 18:37 . 2014-09-08 18:37 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-09-08 18:37 . 2014-09-08 18:37 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-09-08 18:37 . 2014-09-08 18:37 43152 ----a-w- c:\windows\avastSS.scr
2014-09-08 18:36 . 2014-09-08 18:36 -------- d-----w- c:\program files\AVAST Software
2014-09-08 18:35 . 2014-09-08 18:36 -------- d-----w- c:\programdata\AVAST Software
2014-09-08 18:33 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2014-09-08 18:33 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2014-09-08 18:33 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-09-08 18:33 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-09-08 18:16 . 2014-09-08 18:16 -------- d-----w- c:\programdata\Energy Management
2014-09-08 18:15 . 2014-09-08 18:16 -------- d-----w- c:\users\morlum
2014-09-08 18:13 . 2014-09-08 18:13 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-08 18:47 . 2010-06-24 11:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-25 04:53 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-08-14 7762712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-02 343168]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2010-01-19 536576]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-02-01 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-09-08 4085896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys;c:\windows\SYSNATIVE\Drivers\vm2uvcflt.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-09 17:55 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09 17:54]
.
2014-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09 17:54]
.
2014-09-08 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 642614d4-b8b9-4b35-927b-d86f728ddcc8.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2014-09-09 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task fcb7fd10-6343-47d6-92cf-61d9036d1d43.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-09-08 18:37 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-02-01 19:52 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-02-01 114688]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-02-01 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-02-01 5908928]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\morlum\AppData\Roaming\Mozilla\Firefox\Profiles\phtm4a2d.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-09-09 21:23:51
ComboFix-quarantined-files.txt 2014-09-09 19:23
.
Před spuštěním: Volných bajtů: 335 467 769 856
Po spuštění: Volných bajtů: 335 277 629 440
.
- - End Of File - - 2406D537CB6F8638B574B58E7D4DC6D9
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4040.2335 [GMT 2:00]
Spuštěný z: c:\users\morlum\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\s.bat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-09 do 2014-09-09 )))))))))))))))))))))))))))))))
.
.
2014-09-09 19:21 . 2014-09-09 19:21 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{791E0DBF-3D4F-4A5A-9B40-0F06CD583598}\offreg.dll
2014-09-09 19:21 . 2014-09-09 19:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-09 17:54 . 2014-09-09 17:55 -------- d-----w- c:\program files (x86)\Google
2014-09-09 14:11 . 2014-08-21 09:24 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{791E0DBF-3D4F-4A5A-9B40-0F06CD583598}\mpengine.dll
2014-09-09 13:47 . 2014-09-09 13:47 -------- d-----w- c:\windows\Migration
2014-09-09 13:40 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-09-09 12:39 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-09-09 12:39 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-09-09 12:39 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-09-09 12:39 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-09-09 12:39 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-09-09 12:39 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-09-09 12:39 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-09-09 12:39 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-09-09 12:38 . 2014-09-09 12:38 -------- d-s---w- c:\windows\system32\CompatTel
2014-09-09 10:45 . 2014-09-09 11:44 -------- d-----w- c:\program files (x86)\Hearthstone
2014-09-09 10:44 . 2014-09-09 10:45 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2014-09-09 10:44 . 2014-09-09 10:44 -------- d-----w- c:\program files (x86)\Battle.net
2014-09-09 10:44 . 2014-09-09 10:44 -------- d-----w- c:\programdata\Blizzard Entertainment
2014-09-09 10:40 . 2014-09-09 10:40 -------- d-----w- c:\programdata\Battle.net
2014-09-09 09:49 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-09-09 09:49 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-09-09 09:27 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-09-09 09:27 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-09 09:20 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2014-09-09 09:20 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2014-09-09 09:01 . 2014-09-09 09:01 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-09-08 21:45 . 2014-09-09 16:51 -------- d-----w- C:\FRST
2014-09-08 20:38 . 2014-09-09 16:53 -------- d-----w- c:\program files\SUPERAntiSpyware
2014-09-08 20:38 . 2014-09-08 20:38 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-09-08 20:33 . 2014-09-08 20:33 -------- d-----w- c:\programdata\Oracle
2014-09-08 20:33 . 2014-09-08 20:33 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-09-08 20:33 . 2014-09-08 20:33 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-09-08 20:33 . 2014-09-08 20:33 -------- d-----w- c:\program files (x86)\Java
2014-09-08 20:16 . 2014-09-08 20:16 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-08 20:16 . 2014-09-08 20:16 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-08 20:16 . 2014-09-08 20:16 -------- d-----w- c:\windows\SysWow64\Macromed
2014-09-08 20:16 . 2014-09-08 20:16 -------- d-----w- c:\windows\system32\Macromed
2014-09-08 18:59 . 2014-09-08 18:59 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-09-08 18:57 . 2014-09-08 18:57 -------- d-----w- c:\program files (x86)\Microsoft Works
2014-09-08 18:56 . 2014-09-09 13:47 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-09-08 18:56 . 2014-09-08 18:56 -------- d-----w- c:\program files\Microsoft Office
2014-09-08 18:55 . 2014-09-08 19:00 -------- d-----w- c:\programdata\Microsoft Help
2014-09-08 18:55 . 2014-09-08 18:55 -------- d-----r- C:\MSOCache
2014-09-08 18:52 . 2014-09-08 18:52 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-09-08 18:52 . 2014-09-08 20:12 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-09-08 18:52 . 2014-09-08 18:54 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-09-08 18:49 . 2014-09-08 18:49 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-09-08 18:38 . 2014-09-08 18:38 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-09-08 18:38 . 2014-09-08 18:38 -------- d-----r- c:\program files (x86)\Skype
2014-09-08 18:38 . 2014-09-09 08:55 -------- d-----w- c:\programdata\Skype
2014-09-08 18:37 . 2014-09-08 18:39 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-09-08 18:37 . 2014-09-08 18:37 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-09-08 18:37 . 2014-09-08 18:37 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-08 18:37 . 2014-09-08 18:37 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-08 18:37 . 2014-09-08 18:37 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-08 18:37 . 2014-09-08 18:37 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-08 18:37 . 2014-09-08 18:37 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-09-08 18:37 . 2014-09-08 18:37 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-09-08 18:37 . 2014-09-08 18:37 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-09-08 18:37 . 2014-09-08 18:37 43152 ----a-w- c:\windows\avastSS.scr
2014-09-08 18:36 . 2014-09-08 18:36 -------- d-----w- c:\program files\AVAST Software
2014-09-08 18:35 . 2014-09-08 18:36 -------- d-----w- c:\programdata\AVAST Software
2014-09-08 18:33 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2014-09-08 18:33 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2014-09-08 18:33 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-09-08 18:33 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-09-08 18:16 . 2014-09-08 18:16 -------- d-----w- c:\programdata\Energy Management
2014-09-08 18:15 . 2014-09-08 18:16 -------- d-----w- c:\users\morlum
2014-09-08 18:13 . 2014-09-08 18:13 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-08 18:47 . 2010-06-24 11:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-25 04:53 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-08-14 7762712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-02 343168]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2010-01-19 536576]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-02-01 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-09-08 4085896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys;c:\windows\SYSNATIVE\Drivers\vm2uvcflt.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-09 17:55 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09 17:54]
.
2014-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09 17:54]
.
2014-09-08 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 642614d4-b8b9-4b35-927b-d86f728ddcc8.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2014-09-09 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task fcb7fd10-6343-47d6-92cf-61d9036d1d43.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-09-08 18:37 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-02-01 19:52 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-02-01 114688]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-02-01 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-02-01 5908928]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\morlum\AppData\Roaming\Mozilla\Firefox\Profiles\phtm4a2d.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-09-09 21:23:51
ComboFix-quarantined-files.txt 2014-09-09 19:23
.
Před spuštěním: Volných bajtů: 335 467 769 856
Po spuštění: Volných bajtů: 335 277 629 440
.
- - End Of File - - 2406D537CB6F8638B574B58E7D4DC6D9
-
Rudy
- Site Admin
- Příspěvky: 119545
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Google chrome a Opera
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF de dpdutí a vykoná příkazy ze skriptu.KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Reboot::
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nefunkční Google chrome a Opera
Kód: Vybrat vše
ComboFix 14-09-09.01 - morlum 09.09.2014 22:09:38.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4040.2115 [GMT 2:00]
Spuštěný z: c:\users\morlum\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\morlum\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-09 do 2014-09-09 )))))))))))))))))))))))))))))))
.
.
2014-09-09 17:54 . 2014-09-09 17:55 -------- d-----w- c:\program files (x86)\Google
2014-09-09 14:11 . 2014-08-21 09:24 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{791E0DBF-3D4F-4A5A-9B40-0F06CD583598}\mpengine.dll
2014-09-09 13:47 . 2014-09-09 13:47 -------- d-----w- c:\windows\Migration
2014-09-09 13:40 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-09-09 12:39 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-09-09 12:39 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-09-09 12:39 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-09-09 12:39 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-09-09 12:39 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-09-09 12:39 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-09-09 12:39 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-09-09 12:39 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-09-09 12:38 . 2014-09-09 12:38 -------- d-s---w- c:\windows\system32\CompatTel
2014-09-09 10:45 . 2014-09-09 11:44 -------- d-----w- c:\program files (x86)\Hearthstone
2014-09-09 10:44 . 2014-09-09 10:45 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2014-09-09 10:44 . 2014-09-09 10:44 -------- d-----w- c:\program files (x86)\Battle.net
2014-09-09 10:44 . 2014-09-09 10:44 -------- d-----w- c:\programdata\Blizzard Entertainment
2014-09-09 10:40 . 2014-09-09 10:40 -------- d-----w- c:\programdata\Battle.net
2014-09-09 09:49 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-09-09 09:49 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-09-09 09:27 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-09-09 09:27 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-09 09:20 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2014-09-09 09:20 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2014-09-09 09:01 . 2014-09-09 09:01 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-09-08 21:45 . 2014-09-09 16:51 -------- d-----w- C:\FRST
2014-09-08 20:38 . 2014-09-09 16:53 -------- d-----w- c:\program files\SUPERAntiSpyware
2014-09-08 20:38 . 2014-09-08 20:38 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-09-08 20:33 . 2014-09-08 20:33 -------- d-----w- c:\programdata\Oracle
2014-09-08 20:33 . 2014-09-08 20:33 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-09-08 20:33 . 2014-09-08 20:33 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-09-08 20:33 . 2014-09-08 20:33 -------- d-----w- c:\program files (x86)\Java
2014-09-08 20:16 . 2014-09-08 20:16 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-08 20:16 . 2014-09-08 20:16 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-08 20:16 . 2014-09-08 20:16 -------- d-----w- c:\windows\SysWow64\Macromed
2014-09-08 20:16 . 2014-09-08 20:16 -------- d-----w- c:\windows\system32\Macromed
2014-09-08 18:59 . 2014-09-08 18:59 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-09-08 18:57 . 2014-09-08 18:57 -------- d-----w- c:\program files (x86)\Microsoft Works
2014-09-08 18:56 . 2014-09-09 13:47 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-09-08 18:56 . 2014-09-08 18:56 -------- d-----w- c:\program files\Microsoft Office
2014-09-08 18:55 . 2014-09-08 19:00 -------- d-----w- c:\programdata\Microsoft Help
2014-09-08 18:55 . 2014-09-08 18:55 -------- d-----r- C:\MSOCache
2014-09-08 18:52 . 2014-09-08 18:52 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-09-08 18:52 . 2014-09-08 20:12 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-09-08 18:52 . 2014-09-08 18:54 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-09-08 18:49 . 2014-09-08 18:49 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-09-08 18:38 . 2014-09-08 18:38 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-09-08 18:38 . 2014-09-08 18:38 -------- d-----r- c:\program files (x86)\Skype
2014-09-08 18:38 . 2014-09-09 08:55 -------- d-----w- c:\programdata\Skype
2014-09-08 18:37 . 2014-09-08 18:39 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-09-08 18:37 . 2014-09-08 18:37 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-09-08 18:37 . 2014-09-08 18:37 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-08 18:37 . 2014-09-08 18:37 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-08 18:37 . 2014-09-08 18:37 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-08 18:37 . 2014-09-08 18:37 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-08 18:37 . 2014-09-08 18:37 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-09-08 18:37 . 2014-09-08 18:37 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-09-08 18:37 . 2014-09-08 18:37 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-09-08 18:37 . 2014-09-08 18:37 43152 ----a-w- c:\windows\avastSS.scr
2014-09-08 18:36 . 2014-09-08 18:36 -------- d-----w- c:\program files\AVAST Software
2014-09-08 18:35 . 2014-09-08 18:36 -------- d-----w- c:\programdata\AVAST Software
2014-09-08 18:33 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2014-09-08 18:33 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2014-09-08 18:33 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-09-08 18:33 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-09-08 18:16 . 2014-09-08 18:16 -------- d-----w- c:\programdata\Energy Management
2014-09-08 18:15 . 2014-09-08 18:16 -------- d-----w- c:\users\morlum
2014-09-08 18:13 . 2014-09-08 18:13 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-08 18:47 . 2010-06-24 11:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-25 04:53 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-08-14 7762712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-02 343168]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2010-01-19 536576]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-02-01 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-09-08 4085896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys;c:\windows\SYSNATIVE\Drivers\vm2uvcflt.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-09 17:55 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09 17:54]
.
2014-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09 17:54]
.
2014-09-08 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 642614d4-b8b9-4b35-927b-d86f728ddcc8.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2014-09-09 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task fcb7fd10-6343-47d6-92cf-61d9036d1d43.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-09-08 18:37 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-02-01 19:52 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-02-01 114688]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-02-01 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-02-01 5908928]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\morlum\AppData\Roaming\Mozilla\Firefox\Profiles\phtm4a2d.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-09-09 22:25:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-09-09 20:25
ComboFix2.txt 2014-09-09 19:23
.
Před spuštěním: Volných bajtů: 335 327 358 976
Po spuštění: Volných bajtů: 335 264 616 448
.
- - End Of File - - E67AA879FCBE77ABB495C9C8F11C0D76Re: Nefunkční Google chrome a Opera
Dnes ráno to tvářilo, že by to možná i fungovalo, ale vzápětí prohlížeč shodil celý pc do BDOS.
-
Rudy
- Site Admin
- Příspěvky: 119545
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Google chrome a Opera
Vše smazáno. CF odinstalujte pomocí T-Cleaneru: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Co jste instaloval těsně přd tím, než se problém objevil?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nefunkční Google chrome a Opera
Nejsem si jistý, ale řekl bych, že nic. Windows možná stahoval aktualizace maximálně. Přikládám i odkaz na na soubor ze složky C:\Windows\minidump
http://uloz.to/xgbrzDKp/091014-43305-01-dmp
http://uloz.to/xgbrzDKp/091014-43305-01-dmp
-
Rudy
- Site Admin
- Příspěvky: 119545
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Google chrome a Opera
Zkuste odinstalovat aktualizace za poslední měsíc.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?