PC virus removal, computer speed-up, remote help through the neslape.cz service

Pop-up windows and unwanted advertising

Having trouble with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

kocure
Visitor
Posts: 80
Registered: 17 Jan 2007 18:32
Location: BB-SK

#1 Post by kocure »

Please help,
unwanted advertising pops up in the browser and tabs keep opening.
Here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ladislav at 2015-09-05 05:34:04
Microsoft Windows 8.1 so službou Bing
System drive C: has 828 GB (91%) free of 911 GB
Total RAM: 3979 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:34:47, on 5.9.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7\plugin.exe
C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\3\plugin.exe
C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\12\plugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ladislav.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Razor Web - {2e22e1c9-9ddb-40da-85c7-0753217fff76} - (no file)
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: (no name) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - (no file)
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [NokiaPCInternetAccess] "C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe" /b
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.katasterportal.sk
O15 - Trusted IP range: http://195.28.70.134
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Service Mgr RazorWeb - Unknown owner - C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugincontainer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr RazorWeb - Unknown owner - C:\Program Files (x86)\Common Files\4776dc07-f30f-4d0b-87a6-e2d583c890d4\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11834 bytes

======Listing Processes======





wininit.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\windows\system32\nvvsvc.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 666402759744
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\windows\system32\CxAudMsg64.exe
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
dashost.exe {8adde5a3-2a34-4c5b-965f93ed61773e83}
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bfad3e7c-a9a2-4c6b-893b-9b36c57dcefa -SystemEventPortName:HostProcess-a58dad5e-d0ec-40cf-b3f1-bbaf39b53c8e -IoCancelEventPortName:HostProcess-c7389b47-49fc-434c-9ef3-f681bf03e930 -NonStateChangingEventPortName:HostProcess-f384f934-7a80-43f4-bae2-d2febf2fd159 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:51405e92-d5fd-4d3a-a097-2bd2cfa8b240 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x173c_0x165c_0x5c67ce02"
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugincontainer.exe"
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\2\plugin.exe" u
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugincontainer.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\WmiApSrv.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
gfebackendlauncher
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe"

C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
C:\windows\Explorer.EXE
igfxHK.exe
igfxTray.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
ClassicStartMenu.exe -startup
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
\??\C:\windows\system32\conhost.exe 0x4
"C:\windows\system32\igfxEM.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\windows\system32\GWX\GWX.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\6\plugin.exe" u
"C:\Program Files (x86)\Common Files\4776dc07-f30f-4d0b-87a6-e2d583c890d4\updater.exe"
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\3\plugin.exe" u
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7\plugin.exe"
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7\plugin.exe"
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\3\plugin.exe"
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\12\plugin.exe" u
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\5\plugin.exe" u
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\8\plugin.exe" u
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\12\plugin.exe"
"C:\windows\system32\wwahost.exe" -ServerName:McAfeeCentral.wwa
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Ladislav\Downloads\Windows-KB890830-x64-V5.27.exe"
c:\7f89b5c585135ce991fb236af47f73f6\mrtstub.exe
"C:\windows\system32\MRT.exe"
taskhost.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8008.0.319812100\1310230060" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3496 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8008.11.231720399\1997439102" --font-cache-shared-handle=6368 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8008.15.1368695785\772172802" --font-cache-shared-handle=9356 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="8008.17.880388252\115448174" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\2\plugin.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8008.31.41307176\1457537888" --font-cache-shared-handle=7124 /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A8_Stable_R8/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8008.32.1446526997\1392770987" --font-cache-shared-handle=7924 /prefetch:673131151
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe263_ Global\UsGthrCtrlFltPipeMssGthrPipe263 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Ladislav\Downloads\RSITx64.exe"
C:\windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core.job - C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d06e1a6d8b209e.job - C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d090eb86de0eaa.job - C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d0c43181a69b88.job - C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d0e4806b4e67da.job - C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe /c

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2e22e1c9-9ddb-40da-85c7-0753217fff76}]
Razor Web

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-14 2233632]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"RtsFT"=C:\windows\RTFTrack.exe [2014-02-27 6340312]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-08-25 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-08-25 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-08-25 10842096]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28785280]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"NokiaPCInternetAccess"=C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe [2009-05-26 651264]
"Google Update"=C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01 144200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-15 5515496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VisualDiscovery]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-05 05:34:19 ----D---- C:\Program Files\trend micro
2015-09-05 05:34:04 ----D---- C:\rsit
2015-09-05 04:22:39 ----D---- C:\7f89b5c585135ce991fb236af47f73f6
2015-08-27 16:27:01 ----A---- C:\windows\system32\drivers\aswD21.tmp
2015-08-27 16:27:01 ----A---- C:\windows\system32\drivers\aswD20.tmp
2015-08-27 16:27:00 ----A---- C:\windows\system32\drivers\aswD0F.tmp
2015-08-27 16:27:00 ----A---- C:\windows\system32\drivers\aswD0E.tmp
2015-08-27 16:27:00 ----A---- C:\windows\system32\drivers\aswCFE.tmp
2015-08-27 16:27:00 ----A---- C:\windows\system32\drivers\aswCFD.tmp
2015-08-27 16:27:00 ----A---- C:\windows\system32\drivers\aswCFC.tmp
2015-08-27 16:27:00 ----A---- C:\windows\system32\drivers\aswCBC.tmp
2015-08-27 16:26:57 ----A---- C:\windows\system32\aswBoot.exe
2015-08-27 16:26:51 ----A---- C:\windows\avastSS.scr
2015-08-19 21:06:37 ----A---- C:\windows\system32\mshtml.dll
2015-08-19 21:06:36 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-08-13 07:48:24 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 07:48:24 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:26:35 ----A---- C:\windows\system32\drivers\WdFilter.sys
2015-08-12 08:26:32 ----A---- C:\windows\system32\drivers\WdBoot.sys
2015-08-12 08:26:31 ----A---- C:\windows\system32\drivers\WdNisDrv.sys
2015-08-12 08:24:33 ----A---- C:\windows\system32\wuaueng.dll
2015-08-12 08:24:32 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-08-12 08:24:32 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-08-12 08:24:32 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-08-12 08:24:32 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-08-12 08:24:32 ----A---- C:\windows\system32\wuwebv.dll
2015-08-12 08:24:32 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-08-12 08:24:32 ----A---- C:\windows\system32\wudriver.dll
2015-08-12 08:24:32 ----A---- C:\windows\system32\wucltux.dll
2015-08-12 08:24:32 ----A---- C:\windows\system32\wuauclt.exe
2015-08-12 08:24:32 ----A---- C:\windows\system32\wuapp.exe
2015-08-12 08:24:32 ----A---- C:\windows\system32\wuapi.dll
2015-08-12 08:24:16 ----A---- C:\windows\system32\ieframe.dll
2015-08-12 08:24:13 ----A---- C:\windows\system32\jscript9.dll
2015-08-12 08:24:12 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-08-12 08:24:10 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-08-12 08:24:09 ----A---- C:\windows\system32\wininet.dll
2015-08-12 08:24:09 ----A---- C:\windows\system32\ieui.dll
2015-08-12 08:24:08 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-08-12 08:24:08 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-08-12 08:24:07 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-08-12 08:24:07 ----A---- C:\windows\system32\urlmon.dll
2015-08-12 08:24:07 ----A---- C:\windows\system32\actxprxy.dll
2015-08-12 08:24:06 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-08-12 08:24:06 ----A---- C:\windows\system32\msfeeds.dll
2015-08-12 08:24:06 ----A---- C:\windows\system32\iertutil.dll
2015-08-12 08:24:05 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-08-12 08:24:05 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-08-12 08:24:05 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2015-08-12 08:24:05 ----A---- C:\windows\system32\webcheck.dll
2015-08-12 08:24:05 ----A---- C:\windows\system32\vbscript.dll
2015-08-12 08:24:05 ----A---- C:\windows\system32\jscript.dll
2015-08-12 08:24:05 ----A---- C:\windows\system32\inetcomm.dll
2015-08-12 08:24:05 ----A---- C:\windows\system32\iepeers.dll
2015-08-12 08:24:04 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-08-12 08:24:04 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-08-12 08:24:04 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-08-12 08:24:04 ----A---- C:\windows\system32\ieapfltr.dll
2015-08-12 08:22:31 ----A---- C:\windows\system32\ntoskrnl.exe
2015-08-12 08:22:30 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-08-12 08:22:30 ----A---- C:\windows\system32\sysmain.dll
2015-08-12 08:22:30 ----A---- C:\windows\system32\ntdll.dll
2015-08-12 08:22:30 ----A---- C:\windows\system32\drivers\mountmgr.sys
2015-08-12 08:22:24 ----A---- C:\windows\system32\Windows.UI.Xaml.dll
2015-08-12 08:22:21 ----A---- C:\windows\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 08:22:08 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2015-08-12 08:22:08 ----A---- C:\windows\SYSWOW64\davclnt.dll
2015-08-12 08:22:08 ----A---- C:\windows\system32\WebClnt.dll
2015-08-12 08:22:08 ----A---- C:\windows\system32\davclnt.dll
2015-08-12 08:22:06 ----A---- C:\windows\system32\invagent.dll
2015-08-12 08:22:06 ----A---- C:\windows\system32\generaltel.dll
2015-08-12 08:22:06 ----A---- C:\windows\system32\appraiser.dll
2015-08-12 08:22:05 ----A---- C:\windows\system32\devinv.dll
2015-08-12 08:22:05 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-08-12 08:22:05 ----A---- C:\windows\system32\aeinv.dll
2015-08-12 08:22:05 ----A---- C:\windows\system32\acmigration.dll
2015-08-12 08:18:18 ----A---- C:\windows\system32\csrsrv.dll
2015-08-12 08:18:18 ----A---- C:\windows\system32\basesrv.dll
2015-08-12 08:18:13 ----A---- C:\windows\SYSWOW64\netcfgx.dll
2015-08-12 08:18:13 ----A---- C:\windows\system32\netcfgx.dll
2015-08-12 08:18:13 ----A---- C:\windows\system32\drivers\ndis.sys
2015-08-12 08:18:12 ----A---- C:\windows\system32\msxml6.dll
2015-08-12 08:18:12 ----A---- C:\windows\system32\msxml3.dll
2015-08-12 08:18:11 ----A---- C:\windows\SYSWOW64\msxml6.dll
2015-08-12 08:18:11 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-08-12 08:18:03 ----A---- C:\windows\system32\mstscax.dll
2015-08-12 08:18:02 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-08-12 08:18:01 ----A---- C:\windows\SYSWOW64\rdvidcrl.dll
2015-08-12 08:18:01 ----A---- C:\windows\system32\rdvidcrl.dll
2015-08-12 08:17:58 ----A---- C:\windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 08:17:01 ----A---- C:\windows\system32\drivers\tcpip.sys
2015-08-12 08:17:01 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2015-08-12 08:17:00 ----A---- C:\windows\SYSWOW64\notepad.exe
2015-08-12 08:17:00 ----A---- C:\windows\system32\notepad.exe
2015-08-12 08:17:00 ----A---- C:\windows\notepad.exe
2015-08-12 08:16:59 ----A---- C:\windows\system32\win32k.sys
2015-08-12 08:16:58 ----A---- C:\windows\system32\DWrite.dll
2015-08-12 08:16:57 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-08-12 08:16:57 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-08-12 08:16:57 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-08-12 08:16:57 ----A---- C:\windows\system32\FntCache.dll
2015-08-12 08:16:57 ----A---- C:\windows\system32\atmlib.dll
2015-08-12 08:16:57 ----A---- C:\windows\system32\atmfd.dll

======List of files/folders modified in the last 1 month======

2015-09-05 05:34:19 ----RD---- C:\Program Files
2015-09-05 05:27:12 ----D---- C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4
2015-09-05 05:21:42 ----D---- C:\Users\Ladislav\AppData\Roaming\ClassicShell
2015-09-05 05:00:00 ----D---- C:\windows\system32\sru
2015-09-05 04:30:10 ----D---- C:\windows\system32\Tasks
2015-09-05 04:29:47 ----D---- C:\windows\Prefetch
2015-09-05 04:24:33 ----AD---- C:\Windows
2015-09-05 04:14:49 ----D---- C:\windows\SoftwareDistribution
2015-09-05 04:14:49 ----D---- C:\windows\Inf
2015-09-05 04:14:49 ----D---- C:\windows\debug
2015-09-05 04:13:48 ----RD---- C:\Program Files (x86)
2015-09-05 03:12:06 ----SHD---- C:\System Volume Information
2015-09-05 02:46:33 ----D---- C:\windows\system32\config
2015-09-05 02:45:33 ----D---- C:\windows\Temp
2015-09-05 02:42:24 ----D---- C:\windows\Microsoft.NET
2015-09-04 21:10:41 ----D---- C:\AdwCleaner
2015-09-01 08:35:40 ----D---- C:\windows\Tasks
2015-08-30 06:06:04 ----SHD---- C:\windows\Installer
2015-08-27 16:27:21 ----D---- C:\windows\system32\DriverStore
2015-08-27 16:27:14 ----D---- C:\windows\system32\drivers
2015-08-27 16:26:57 ----RAD---- C:\windows\System32
2015-08-27 15:55:31 ----D---- C:\windows\AppReadiness
2015-08-27 15:55:29 ----HD---- C:\Program Files\WindowsApps
2015-08-20 10:07:59 ----D---- C:\ProgramData\LU
2015-08-20 10:04:47 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-08-20 09:57:40 ----D---- C:\windows\WinSxS
2015-08-20 09:57:39 ----D---- C:\windows\SysWOW64
2015-08-19 21:06:55 ----D---- C:\windows\CbsTemp
2015-08-17 17:13:52 ----D---- C:\windows\rescache
2015-08-16 11:39:19 ----RSD---- C:\windows\assembly
2015-08-14 07:50:25 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 07:50:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 23:09:38 ----D---- C:\windows\system32\drivers\en-US
2015-08-13 23:09:37 ----SD---- C:\windows\system32\CompatTel
2015-08-13 23:09:37 ----D---- C:\windows\system32\appraiser
2015-08-13 23:09:37 ----D---- C:\windows\apppatch
2015-08-13 23:09:37 ----D---- C:\Program Files\Windows Defender
2015-08-13 23:09:37 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-13 23:09:36 ----D---- C:\Program Files\Internet Explorer
2015-08-13 23:09:36 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 19:10:53 ----D---- C:\windows\system32\MRT
2015-08-13 06:25:12 ----D---- C:\ProgramData\Microsoft Help
2015-08-13 06:20:53 ----A---- C:\windows\win.ini
2015-08-12 08:15:35 ----D---- C:\windows\system32\catroot2
2015-08-08 15:55:08 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-08-27 65224]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-08-27 274808]
R0 MBI;@oem11.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-08-27 93528]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-08-27 1048344]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-08-27 447944]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-08-27 28656]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-08-27 90968]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-08-27 150672]
R3 ACPIVPC;@oem38.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-08-25 35576]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem12.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2014-01-10 12655392]
R3 RSUSBVSTOR;@oem36.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
R3 RtkBtFilter;@oem15.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2014-01-14 558296]
R3 RTL8168;@oem9.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 rtsuvc;@oem34.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-02-27 9109720]
R3 RTWlanE;@oem19.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2013-12-26 2982104]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-24 34544]
R3 SynTP;@oem14.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-12-24 532720]
R3 TXEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem40.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 nmwcd;@oem43.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem47.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 ssudmdm;@oem42.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-01 343336]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-01-22 84992]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-08-25 198192]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-14 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-14 16894752]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-01-10 922912]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-08-25 288240]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 Service Mgr RazorWeb;Service Mgr RazorWeb; C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugincontainer.exe [2015-08-21 1202952]
R2 Update Mgr RazorWeb;Update Mgr RazorWeb; C:\Program Files (x86)\Common Files\4776dc07-f30f-4d0b-87a6-e2d583c890d4\updater.exe [2015-09-05 715528]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2014-08-25 67856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [2015-01-15 619776]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-08-25 305136]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Pop-up windows and unwanted advertising

#2 Post by Márty84 »

Hello :)

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will spit out a log (it may also be found here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

kocure
Visitor
Posts: 80
Registered: 17 Jan 2007 18:32
Location: BB-SK

Re: Pop-up windows and unwanted advertising

#3 Post by kocure »

The problem persists.

# AdwCleaner v5.005 - Logfile created 05/09/2015 at 11:22:02
# Updated 31/08/2015 by Xplode
# Database : 2015-09-04.4 [Server]
# Operating system : Windows 8.1 Connected (x64)
# Username : Ladislav - LADISLAV
# Running from : C:\Users\Ladislav\Desktop\adwcleaner_5.005.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : Service Mgr RazorWeb
[!] Service Not Deleted : Service Mgr RazorWeb
[-] Service Deleted : Update Mgr RazorWeb

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Razor Web
[!] Folder Not Deleted : C:\Program Files (x86)\Razor Web
[-] Folder Deleted : C:\Program Files (x86)\Common Files\4776dc07-f30f-4d0b-87a6-e2d583c890d4
[!] Folder Not Deleted : C:\Program Files (x86)\Common Files\4776dc07-f30f-4d0b-87a6-e2d583c890d4
[-] Folder Deleted : C:\ProgramData\pokki
[-] Folder Deleted : C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4
[!] Folder Not Deleted : C:\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4
[-] Folder Deleted : C:\Users\Ladislav\AppData\Local\pokki
[-] Folder Deleted : C:\Users\Ladislav\AppData\Roaming\RPEng

***** [ Files ] *****

[-] File Deleted : C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
[-] File Deleted : C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
[-] File Deleted : C:\windows\Reimage.ini
[-] File Deleted : C:\windows\Sysnative\VisualDiscoveryOff.ini
[-] File Deleted : C:\windows\SysWOW64\VisualDiscovery.ini
[-] File Deleted : C:\windows\SysWOW64\VisualDiscoveryOff.ini

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2E22E1C9-9DDB-40DA-85C7-0753217FFF76}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E22E1C9-9DDB-40DA-85C7-0753217FFF76}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKCU\Software\Pokki
[-] Key Deleted : HKLM\SOFTWARE\Reimage
[-] Key Deleted : HKLM\SOFTWARE\RazorWeb
[-] Key Deleted : HKLM\SOFTWARE\LENOVO\VisualDiscovery
[!] Key Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
[!] Key Not Deleted : [x64] HKCU\Software\Pokki

***** [ Web browsers ] *****

[-] [C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.searchnu.com/406

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [4146 bytes] ##########

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Pop-up windows and unwanted advertising

#4 Post by Márty84 »

:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

kocure
Visitor
Posts: 80
Registered: 17 Jan 2007 18:32
Location: BB-SK

Re: Pop-up windows and unwanted advertising

#5 Post by kocure »

Scan result:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 5.9.2015
Čas skenování: 11:58
Protokol: sss.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.05.03
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ladislav

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 604410
Uplynulý čas: 2 hod, 56 min, 7 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 53
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\4776dc07-f30f-4d0b-87a6-e2d583c890d4\updater.bak.vir, , [ac9b131991fa93a320327424c63fdb25],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\4776dc07-f30f-4d0b-87a6-e2d583c890d4\updater.exe.vir, , [9daa53d90a81a591ada50a8eb64f9a66],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\4776dc07-f30f-4d0b-87a6-e2d583c890d4\updater.upd.vir, , [b097d3590685290d9fb38a0eca3b5da3],
PUP.Optional.BrowserWatch, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir, , [b691d3597d0e0630e69277cbfc04cc34],
PUP.Optional.BrowserWatch, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir, , [ef581418b9d25dd9aecab88a6c9430d0],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir, , [6cdb0527c3c843f32813234f05fc0ef2],
PUP.Optional.Elex, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\HPNotify.exe.vir, , [c384de4e078489adc62a6e474eb3de22],
PUP.Optional.XTab, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir, , [a6a13fed3358cf67e1de5669ac556898],
PUP.Optional.SupTab, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab.dll.vir, , [1f28a18b2368a690b9916ced10f0a759],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugincontainer.bak.vir, , [f94ebd6f157694a277dbedab9f669868],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugincontainer.exe.vir, , [60e7c8642c5f52e45af87e1ab055c53b],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\12\Plugin.exe.vir, , [57f0e448117aa591bd954e4aee17a957],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\12\resources\plugin.dll.vir, , [a3a4b27a6625ef47e46eedab30d548b8],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\12bak\Plugin.exe.vir, , [9bac7fad2863bc7a034f5048b94c8d73],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\12bak\resources\plugin.dll.vir, , [79cea28ac1cafd39ed65adeb07fe2bd5],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\2\Plugin.exe.vir, , [1b2cf4381b706ec8450d712761a4f010],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\2bak\Plugin.exe.vir, , [cc7b86a6e4a7a492d67ca6f217ee3fc1],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\3\Plugin.exe.vir, , [0b3c52da1b708aac95bd2c6cd035649c],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\3bak\Plugin.exe.vir, , [0443be6e5932191daea4adeb80856c94],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\5\Plugin.exe.vir, , [93b463c9f893b97dd280593fe223af51],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\5bak\Plugin.exe.vir, , [da6dc765eaa1280ee86ab4e4877e5ea2],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\6\Plugin.exe.vir, , [c483c765e4a750e62c262a6e010459a7],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\6bak\Plugin.exe.vir, , [98afbc703952c670f0621b7d24e1867a],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7\Plugin.exe.vir, , [ba8dae7e4f3c5dd967eb06929273ae52],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7\resources\38.0.5.dll.vir, , [272065c7d2b944f2aaa814843cc96b95],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7\resources\39.0.0.dll.vir, , [e3643eeecebd7bbbbc9632664fb6a25e],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7\resources\40.0.0.dll.vir, , [85c29a920a8192a45ff38513da2bdd23],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7bak\Plugin.exe.vir, , [06414fdd414ad264d57d6a2e9c69c937],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7bak\resources\38.0.5.dll.vir, , [14333af22e5d88ae2032f6a2f3128878],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7bak\resources\39.0.0.dll.vir, , [92b5002cb5d6a78fcb87910782832fd1],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\7bak\resources\40.0.0.dll.vir, , [3611cd5f88032f07064c039535d09967],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\8\Plugin.exe.vir, , [e5621616dab172c461f10a8e6d98e61a],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\ProgramData\4776dc07-f30f-4d0b-87a6-e2d583c890d4\plugins\8bak\Plugin.exe.vir, , [e95e85a77813bd795cf617810df8847c],
PUP.Optional.WindowsProtectManger, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, , [ba8dec4059325bdbe3e11d3c619f55ab],
PUP.Optional.RazorWeb, C:\AdwCleaner\Quarantine\C\Users\Ladislav\AppData\Roaming\RPEng\69F9E4D562954CA1BE67D436A85727EB\setup.exe.vir, , [56f1a686d2b942f4440e722625e05fa1],
PUP.Optional.SuperFish, C:\AdwCleaner\Quarantine\C\windows\System32\drivers\VDWFP64.sys.vir, , [262183a90c7f84b2e4e3bad72dd859a7],
PUP.Optional.Somoto, C:\Program Files\Adware-Removal-Tool\Quarantine\Google Chrome\Default\File System\004\t\00\00000000, , [53f46cc0c7c462d48d692d2258a9af51],
PUP.Optional.Somoto, C:\Program Files\Adware-Removal-Tool\Quarantine\Google Chrome\Default\File System\004\t\00\00000001, , [ff48c3696229bb7b24d2f35cd62b8e72],
PUP.Optional.Somoto, C:\Program Files\Adware-Removal-Tool\Quarantine\Google Chrome\Default\File System\004\t\00\00000002, , [f1565bd1b5d6e15501f5ce8151b0f10f],
PUP.Optional.Somoto, C:\Program Files\Adware-Removal-Tool\Quarantine\Google Chrome\Default\File System\004\t\00\00000003, , [bd8a88a4d2b91f171bdb153a42bf9d63],
PUP.Optional.Somoto, C:\Program Files\Adware-Removal-Tool\Quarantine\Google Chrome\Default\File System\004\t\00\00000004, , [da6dfa321774cd69886e6fe00cf5758b],
PUP.Optional.RazorWeb, C:\Users\Ladislav\AppData\Local\Temp\{77B01C52-2B5F-4047-86F1-1A100BD743A7}.dll, , [a99e4be1f7940432252df8a0f5107b85],
PUP.Optional.RazorWeb, C:\Users\Ladislav\AppData\Local\Temp\{A1E68A37-5307-4409-96D5-81DB6E84E38B}.dll, , [97b071bbfd8e86b0d280d5c3cf36dd23],
PUP.Optional.RazorWeb, C:\Users\Ladislav\AppData\Local\Temp\{EC11383D-E7FB-475B-B00E-539800ECD62E}.dll, , [281ff23ad7b4b68020320e8ad62f29d7],
PUP.Optional.RazorWeb, C:\Users\Ladislav\AppData\Local\Temp\{F68EC210-17ED-4FD6-A2D4-8B7B2FCCEF49}.dll, , [2d1a7cb0d4b71b1b054d0692f51031cf],
PUP.Optional.RazorWeb, C:\Users\Ladislav\AppData\Local\Temp\{FF5F415E-B2D7-43C8-8845-7816B99C434E}.dll, , [9ea99498a9e24aecb79bb3e5b550cc34],
PUP.Optional.RazorWeb, C:\Users\Ladislav\AppData\Local\Temp\{19BD4B72-7838-488D-AE0D-6B3EE7E09336}.dll, , [f552dc50a6e5da5cbd95d9bf0bfa4eb2],
PUP.Optional.RazorWeb, C:\Users\Ladislav\AppData\Local\Temp\{3107CA01-6A54-405E-80A0-0495C931AC5F}.dll, , [400742ea810a45f1aaa87820729319e7],
PUP.Optional.RazorWeb, C:\Users\Ladislav\AppData\Local\Temp\{6706222B-238F-42E4-96B0-D3C201204F0B}.dll, , [9cab6ac2a0ebe94db2a05345848124dc],
PUP.Optional.OpenCandy, C:\Users\Ladislav\Downloads\GOMPLAYERENSETUP.EXE, , [3e091d0f3d4e66d0cc4c3b4d877eb24e],
Trojan.Agent, C:\Windows\hosts, , [e4637daf0586023431f2e4bc3bc838c8],
PUP.Optional.PricePeep, C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage, , [390e04288a015fd7c5512f77c242a35d],
PUP.Optional.PricePeep, C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal, , [1532e24a8704fc3ae531772f48bc06fa],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)


Re: Pop-up windows and unwanted ads

#6 Post by Márty84 »

Have all the findings removed. After removal and a restart of the PC, repeat the MBAM scan so we know whether it comes back. Post the scan result and I will choose the next steps based on it.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/



Re: Pop-up windows and unwanted ads

#7 Post by kocure »

The problem was not removed...

Here is the log
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 5.9.2015
Čas skenování: 16:03
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.05.04
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ladislav

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 604652
Uplynulý čas: 2 hod, 51 min, 40 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
PUP.Optional.PricePeep, C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage, , [ba8eb17bfe8dad89b08efea8758f0af6],
PUP.Optional.PricePeep, C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal, , [66e2c567b4d788ae3fff5e486b99fa06],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)


Re: Pop-up windows and unwanted ads

#8 Post by Márty84 »

Have the findings removed, then you can uninstall MBAM.


Follow my colleague's instructions:
vyosek wrote: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the license terms are displayed; press any key
  • A backup is created and then the search starts
  • The scan runs and then the log appears, or it will be saved in c:\JRT as JRT.txt; paste it here

Follow my colleague's instructions:
vyosek wrote: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako správce
  • Paste the script below into the window

    autoclean;
    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
  • Then click Run Script
  • The PC performs the repair, restarts and gives you a log; paste its contents here


Re: Pop-up windows and unwanted ads

#9 Post by kocure »

Zoek log; the first link did not work


Zoek.exe v5.0.0.0 Updated 04-September-2015
Tool run by Ladislav on so 05.09.2015 at 22:11:10,96.
Microsoft Windows 8.1 so službou Bing 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ladislav\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5.9.2015 22:13:23 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Freemake deleted successfully
C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X6 deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\Users\Ladislav\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Ladislav\AppData\Local\EmieSiteList deleted successfully
C:\Users\Ladislav\AppData\Local\EmieUserList deleted successfully
C:\Users\Ladislav\AppData\Local\PackageStaging deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1677144030-1501987465-2753303347-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{1EA00BE1-6E54-4E2A-8099-680300BF23E1} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Freemake not found
C:\PROGRA~2\New Folder not found
C:\PROGRA~2\Seznam.cz not found
C:\windows\sysWoW64\config\systemprofile\.android deleted
C:\Users\Public\Pokki deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\Users\Ladislav\AppData\Local\BTServer.log deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [27.08.2015 16:26]

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.85

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[12.04.2015 05:34]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12.04.2015 05:34]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01.05.2015 11:17]

Avast Online Security - Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Fix ======================

C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.reklaam00.reklaam.co_0.localstorage deleted successfully
C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.reklaam00.reklaam.co_0.localstorage-journal deleted successfully
C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage deleted successfully
C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal deleted successfully
C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage deleted successfully
C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.sk/"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Start Page Redirect Cache"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Start Page Redirect Cache"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.sk/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"
{B24900CE-8471-4D83-A48C-F455A6F2C614} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Preferences.old was reset successfully
C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1677144030-1501987465-2753303347-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B24900CE-8471-4D83-A48C-F455A6F2C614} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B24900CE-8471-4D83-A48C-F455A6F2C614} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ladislav\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Ladislav\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Ladislav\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Ladislav\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5845 folders=143 273878049 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ladislav\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Ladislav\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on so 05.09.2015 at 22:52:35,78 ======================


Re: Pop-up windows and unwanted ads

#10 Post by kocure »

The problem still persists :(


Re: Pop-up windows and unwanted ads

#11 Post by Márty84 »

You can download Junkware from here, for example: http://www.stahuj.centrum.cz/utility_a_ ... oval-tool/

Does it pop up in all browsers?


Re: Pop-up windows and unwanted ads

#12 Post by kocure »

In IE the problem no longer occurs, but in Chrome, after a few clicks, it still opens new tabs with unwanted pages

log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 8.1 Connected x64
Ran by Ladislav on so 05.09.2015 at 23:25:53,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\Ladislav\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Ladislav\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Ladislav\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Ladislav\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 05.09.2015 at 23:33:57,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Re: Pop-up windows and unwanted ads

#13 Post by kocure »

After uninstalling Chrome, cleaning with CCleaner and reinstalling, the problem no longer occurs in this browser either. Thank you very much for the advice and patience!!!


Re: Pop-up windows and unwanted ads

#14 Post by Márty84 »

Unfortunately, sometimes reinstalling the browser is the only option. It is so deeply embedded there that it cannot be repaired even with a script.

Nevertheless, I recommend finishing the cleanup so that it is not back in a while.


Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)


Re: Pop-up windows and unwanted ads

#15 Post by kocure »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
Ran by Ladislav (administrator) on LADISLAV (06-09-2015 12:26:34)
Running from C:\Users\Ladislav\Desktop
Loaded Profiles: Ladislav (Available Profiles: Ladislav)
Platform: Windows 8.1 Connected (X64) Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2233632 2014-01-14] (NVIDIA Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-02-27] (Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-08-25] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-08-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-08-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-27] (AVAST Software)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [NokiaPCInternetAccess] => C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe [651264 2009-05-26] (Nokia)
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [Google Update] => C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc.)
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-27] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2AB2ECA3-C5A8-4245-8550-AD42A23AB9BD}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7A0A494D-FE1E-45ED-B316-E26251B3F0E1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E9D07EEE-1E14-4DEB-8D70-7253FD568D17}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.sk/
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1677144030-1501987465-2753303347-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-27] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-27] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-1677144030-1501987465-2753303347-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ladislav\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1677144030-1501987465-2753303347-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ladislav\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-15]

Chrome:
=======
CHR Profile: C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-06]
CHR Extension: (Google Docs) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-06]
CHR Extension: (Google Drive) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-06]
CHR Extension: (YouTube) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-06]
CHR Extension: (Google Search) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-06]
CHR Extension: (Avast SafePrice) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (Avast Online Security) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-06]
CHR Extension: (Google Mail Checker) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-09-06]
CHR Extension: (Grass) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla [2015-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-06]
CHR Extension: (Gmail) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-27] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [84992 2014-01-22] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-25] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16894752 2014-01-14] (NVIDIA Corporation)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-08-25] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-08-25] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-08-25] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-27] (AVAST Software)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-14] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9109720 2014-02-27] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2982104 2013-12-26] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-06 12:26 - 2015-09-06 12:28 - 00023477 _____ C:\Users\Ladislav\Desktop\FRST.txt
2015-09-06 12:26 - 2015-09-06 12:26 - 00000000 ____D C:\FRST
2015-09-06 11:14 - 2015-09-06 11:14 - 02188800 _____ (Farbar) C:\Users\Ladislav\Desktop\FRST64.exe
2015-09-06 07:54 - 2015-09-06 08:05 - 00005656 _____ C:\windows\WindowsUpdate.log
2015-09-06 07:51 - 2015-09-06 08:03 - 00000265 _____ C:\windows\setupact.log
2015-09-06 07:51 - 2015-09-06 07:51 - 00003508 _____ C:\windows\PFRO.log
2015-09-06 07:51 - 2015-09-06 07:51 - 00000000 _____ C:\windows\setuperr.log
2015-09-06 07:50 - 2015-09-06 07:50 - 00000085 _____ C:\windows\wininit.ini
2015-09-06 07:36 - 2015-09-06 07:36 - 00002302 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-06 07:36 - 2015-09-06 07:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-06 06:09 - 2015-09-06 06:09 - 00694742 _____ C:\Users\Ladislav\Downloads\adobe_flash_player (3).rar
2015-09-05 23:33 - 2015-09-05 23:33 - 00001205 _____ C:\Users\Ladislav\Desktop\JRT.txt
2015-09-05 23:19 - 2015-09-05 23:19 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Ladislav\Downloads\JRT.exe
2015-09-05 22:50 - 2015-09-06 11:43 - 00002709 _____ C:\Users\Ladislav\AppData\Local\BTServer.log
2015-09-05 22:50 - 2015-09-05 22:10 - 00024064 _____ C:\windows\zoek-delete.exe
2015-09-05 22:13 - 2015-09-05 22:52 - 00011962 _____ C:\zoek-results.log
2015-09-05 22:10 - 2015-09-05 22:51 - 00000000 ____D C:\zoek_backup
2015-09-05 19:03 - 2015-09-05 14:56 - 00009558 _____ C:\Users\Ladislav\Desktop\sss – kópia.txt
2015-09-05 14:56 - 2015-09-05 14:56 - 00009558 _____ C:\Users\Ladislav\Desktop\sss.txt
2015-09-05 11:51 - 2015-09-05 11:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-05 11:48 - 2015-09-05 11:49 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ladislav\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-05 10:09 - 2015-09-05 10:10 - 01654272 _____ C:\Users\Ladislav\Downloads\adwcleaner_5.005 (1).exe
2015-09-05 09:40 - 2015-09-05 09:40 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-05 09:34 - 2015-09-06 07:51 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-05 09:34 - 2015-09-06 07:50 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-05 09:34 - 2015-09-05 09:34 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking
2015-09-05 09:28 - 2015-09-05 09:29 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ladislav\Downloads\SpyBot.Search.And.Destroy.v2.4.40.exe
2015-09-05 05:34 - 2015-09-05 05:35 - 00000000 ____D C:\rsit
2015-09-05 05:34 - 2015-09-05 05:34 - 00000000 ____D C:\Program Files\trend micro
2015-09-05 05:33 - 2015-09-05 05:33 - 01222144 _____ C:\Users\Ladislav\Downloads\RSITx64.exe
2015-09-05 05:25 - 2015-09-05 05:25 - 00694731 _____ C:\Users\Ladislav\Downloads\adobe_flash_player (2).rar
2015-09-05 04:22 - 2015-09-05 04:22 - 00000000 ____D C:\7f89b5c585135ce991fb236af47f73f6
2015-09-05 04:20 - 2015-09-05 04:22 - 51076312 _____ (Microsoft Corporation) C:\Users\Ladislav\Downloads\Windows-KB890830-x64-V5.27.exe
2015-09-04 19:00 - 2015-09-04 19:00 - 00694754 _____ C:\Users\Ladislav\Downloads\adobe_flash_player (1).rar
2015-09-04 05:08 - 2015-09-04 05:08 - 00694756 _____ C:\Users\Ladislav\Downloads\adobe_flash_player.rar
2015-09-02 16:33 - 2015-09-02 16:33 - 00000774 _____ C:\Users\Ladislav\Downloads\adobe_flash_player.appref-ms
2015-09-01 13:32 - 2015-09-05 04:29 - 00000536 _____ C:\Users\Ladislav\Downloads\debug.log
2015-09-01 08:35 - 2015-09-01 08:35 - 00000924 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d0e4806b4e67da.job
2015-08-27 16:26 - 2015-08-27 16:26 - 00378880 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-08-27 16:26 - 2015-08-27 16:26 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
2015-08-19 21:06 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-19 21:06 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-08-13 07:48 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 07:48 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:26 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2015-08-12 08:26 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdNisDrv.sys
2015-08-12 08:26 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2015-08-12 08:24 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-12 08:24 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-12 08:24 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-12 08:24 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-12 08:24 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-12 08:24 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-08-12 08:24 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-08-12 08:24 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-08-12 08:24 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-08-12 08:24 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-12 08:24 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-12 08:24 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-08-12 08:24 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-12 08:24 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-12 08:24 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-12 08:24 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-12 08:24 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-12 08:24 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-12 08:24 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-08-12 08:24 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-08-12 08:24 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-08-12 08:24 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-08-12 08:24 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-08-12 08:24 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-08-12 08:24 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-08-12 08:24 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-08-12 08:24 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-12 08:24 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-12 08:24 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-12 08:24 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2015-08-12 08:24 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-08-12 08:24 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-08-12 08:24 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-12 08:24 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-08-12 08:24 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-08-12 08:24 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-12 08:24 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2015-08-12 08:24 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-12 08:24 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-08-12 08:24 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-08-12 08:24 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-08-12 08:24 - 2015-06-09 20:27 - 00411133 _____ C:\windows\system32\ApnDatabase.xml
2015-08-12 08:22 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-12 08:22 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-12 08:22 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-12 08:22 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-12 08:22 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-12 08:22 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-12 08:22 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-12 08:22 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-12 08:22 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-12 08:22 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-12 08:22 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-08-12 08:22 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-12 08:22 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-12 08:22 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-12 08:22 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-08-12 08:22 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-08-12 08:22 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2015-08-12 08:22 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 08:18 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2015-08-12 08:18 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2015-08-12 08:18 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2015-08-12 08:18 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-12 08:18 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-08-12 08:18 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-12 08:18 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-12 08:18 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-12 08:18 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-12 08:18 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-08-12 08:18 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-12 08:18 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-08-12 08:18 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-08-12 08:17 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-12 08:17 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-12 08:17 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-08-12 08:17 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2015-08-12 08:17 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 08:17 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 08:16 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-12 08:16 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-12 08:16 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-08-12 08:16 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-12 08:16 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-12 08:16 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-12 08:16 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-08-12 08:16 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-08-11 16:47 - 2015-08-11 16:47 - 00000000 ____D C:\Users\Ladislav\Desktop\Nový priečinok

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-06 12:25 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\sru
2015-09-06 12:06 - 2014-12-25 16:40 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-06 11:17 - 2015-01-08 14:30 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\ClassicShell
2015-09-06 08:09 - 2014-12-25 16:40 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1677144030-1501987465-2753303347-1001
2015-09-06 08:02 - 2015-06-22 20:08 - 00001283 _____ C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2015-09-06 08:02 - 2014-08-25 23:41 - 00000000 ____D C:\ProgramData\LU
2015-09-06 07:56 - 2014-03-18 11:53 - 00863592 _____ C:\windows\system32\PerfStringBackup.INI
2015-09-06 07:53 - 2014-12-25 16:40 - 00000958 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-06 07:53 - 2014-12-25 16:38 - 00000000 ___DO C:\Users\Ladislav\OneDrive
2015-09-06 07:51 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-09-06 07:50 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-09-06 07:36 - 2014-12-25 16:40 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Google
2015-09-06 07:36 - 2014-12-25 16:40 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-06 07:22 - 2014-12-25 16:39 - 00003938 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{67378135-B651-4680-ADF8-469C87A4F7B7}
2015-09-05 23:28 - 2014-08-25 23:30 - 00002560 _____ C:\windows\system32\VfService.trf
2015-09-05 21:59 - 2013-08-22 17:36 - 00000000 ___HD C:\windows\ELAMBKUP
2015-09-05 11:23 - 2014-12-25 16:30 - 00000000 ____D C:\Users\Ladislav
2015-09-05 11:22 - 2015-02-02 20:37 - 00000000 ____D C:\AdwCleaner
2015-09-05 09:00 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2015-09-04 21:27 - 2014-12-25 16:34 - 00000000 ____D C:\Users\Ladislav\AppData\Local\VirtualStore
2015-09-01 08:35 - 2015-07-22 05:50 - 00000924 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d0c43181a69b88.job
2015-08-30 06:01 - 2014-12-25 16:40 - 00003934 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 06:01 - 2014-12-25 16:40 - 00003698 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-27 16:27 - 2015-02-15 08:09 - 01048344 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2015-08-27 16:27 - 2015-02-15 08:09 - 00003924 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-08-27 16:26 - 2015-02-15 08:09 - 00447944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2015-08-27 16:26 - 2015-02-15 08:09 - 00274808 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2015-08-27 16:26 - 2015-02-15 08:09 - 00150672 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2015-08-27 16:26 - 2015-02-15 08:09 - 00093528 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-08-27 16:26 - 2015-02-15 08:09 - 00090968 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2015-08-27 16:26 - 2015-02-15 08:09 - 00065224 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2015-08-27 16:26 - 2015-02-15 08:09 - 00028656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2015-08-23 19:01 - 2015-03-12 19:54 - 00000000 ____D C:\Users\Ladislav\Documents\OBRAZY_STAREHO_SVETA
2015-08-19 21:06 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2015-08-17 17:13 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2015-08-14 07:51 - 2013-08-22 16:44 - 00570056 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-14 07:50 - 2015-01-15 16:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 07:50 - 2015-01-15 16:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 23:09 - 2015-04-17 21:28 - 00000000 ____D C:\windows\system32\appraiser
2015-08-13 23:09 - 2015-03-12 21:44 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-13 23:09 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:09 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:09 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 23:09 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-13 19:10 - 2014-12-25 10:33 - 00000000 ____D C:\windows\system32\MRT
2015-08-13 18:30 - 2015-03-12 19:59 - 00000938 _____ C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-08-13 18:30 - 2015-03-12 19:59 - 00000000 ____D C:\Users\Ladislav\Documents\GomPlayer
2015-08-13 07:48 - 2015-01-15 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 07:44 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 07:44 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 06:25 - 2015-01-08 14:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 06:20 - 2013-08-22 15:25 - 00000167 _____ C:\windows\win.ini
2015-08-09 15:09 - 2015-08-05 09:36 - 00000000 ____D C:\Users\Ladislav\Documents\Podlavické výmole
2015-08-08 15:55 - 2015-06-12 19:50 - 00794088 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-06-12 19:50 - 00179688 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-09-05 22:50 - 2015-09-06 11:43 - 0002709 _____ () C:\Users\Ladislav\AppData\Local\BTServer.log
2015-01-04 10:41 - 2015-01-15 17:38 - 0004608 _____ () C:\Users\Ladislav\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-25 22:32 - 2014-08-25 22:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-06 06:20

==================== End of FRST.txt ============================
Attachments: Addition1.rar (9.4 KiB)
