VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosba o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=148219

Stránka 1 z 1

Prosba o kontrolu

Napsal: 05 bře 2016 22:42
od Skaal
Dobrý den, dnes se mi náhle v prohlížeči chrome neustále přesměrovávají stránky na nějaké reklamy a vyskakují nová okna, prosím o kontrolu logu, nejsem schopen najít příčinu.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17909 BrowserJavaVersion: 10.80.2
Run by David at 22:38:58 on 2016-03-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3954.639 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Fujitsu\PSUtility\PSUService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
C:\KMPlayer\KMPlayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Pomocná služba pro přihlášení k účtu Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: {c7c5384f-d9e9-4db1-8c72-135ecccbc571} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 82.163.142.7 95.211.158.134
TCP: NameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} : DHCPNameServer = 82.163.142.7
TCP: Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} : DHCPNameServer = 82.163.142.7
TCP: Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} : DHCPNameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}\0556E6A796F6E605271636861647963656 : DHCPNameServer = 10.255.255.10 10.255.255.20
TCP: Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}\642756567596669625164696F6D294D474 : DHCPNameServer = 192.168.20.30 147.231.150.2
TCP: Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}\D607 : DHCPNameServer = 10.0.0.138
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [LoadFUJ02E3] "C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe"
x64-Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
x64-Run: [LoadFujitsuQuickTouch] "C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe"
x64-Run: [LoadBtnHnd] "C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-16 65736]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-16 272248]
R0 FBIOSDRV;Fujitsu BIOS Driver;C:\Windows\System32\drivers\FBIOSDRV.sys [2012-1-10 21104]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-14 16152]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-3-16 1047320]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-3-16 442264]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-5 659968]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-6-22 29168]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-3-16 89944]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-1-4 137288]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-6-13 343336]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-5 135952]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2012-1-11 27648]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-3-2 225280]
R2 FUJ02E3Service;FUJ02E3Service;C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [2011-11-24 76104]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-1-18 161560]
R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-1-9 1324104]
R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-1-9 795208]
R2 PFNService;PFNService;C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2011-12-22 2213376]
R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2012-3-2 63856]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-1-18 363800]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-12-13 747008]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2013-1-18 31216]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-6-18 1268568]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\Windows\System32\drivers\dtlitescsibus.sys [2015-10-21 30264]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\System32\drivers\fuj02e3.sys [2010-10-12 7296]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-14 60416]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-2-8 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-14 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-14 787736]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-3-2 251496]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-27 646248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-10-18 38424]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2015-3-17 58056]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-3-31 1512640]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-7-18 114688]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-22 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-22 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-22 30208]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-20 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-03-05 11:49:00 -------- d-----w- C:\ProgramData\e773361e-3357-0
2016-03-05 11:44:12 -------- d-----w- C:\ProgramData\e773361e-3e25-0
2016-03-05 11:44:11 -------- d-----w- C:\ProgramData\ba9d7e16
2016-03-05 11:42:06 -------- d-----w- C:\ProgramData\{16d27376-512c-0}
2016-03-05 11:42:06 -------- d-----w- C:\ProgramData\{0a836d26-112c-0}
2016-03-05 11:42:05 -------- d-----w- C:\ProgramData\{2a6aa01e-212c-1}
2016-03-05 11:42:05 -------- d-----w- C:\ProgramData\{10992f4e-312c-1}
2016-03-04 08:46:19 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.6740.dll
2016-03-04 08:25:32 -------- d-----w- C:\Users\David\AppData\Roaming\MEGA6_6140226
2016-03-04 08:24:53 -------- d-----w- C:\Users\David\AppData\Roaming\MEGA_Global
2016-03-04 08:24:44 -------- d-----w- C:\Program Files (x86)\MEGA6
2016-03-01 21:59:47 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.5784.dll
2016-02-28 18:19:36 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.6236.dll
2016-02-23 19:13:31 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\offreg.4160.dll
2016-02-23 19:08:28 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA40A44-3DFA-4743-A1EC-337D53DFE1CE}\mpengine.dll
.
==================== Find3M ====================
.
2016-02-09 20:39:22 796864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-02-09 20:39:22 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-09 20:39:05 8817344 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
.
============= FINISH: 22:40:53,52 ===============

Re: Prosba o kontrolu

Napsal: 06 bře 2016 11:01
od Rudy
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 , DDS je už za zenitem.

Re: Prosba o kontrolu

Napsal: 06 bře 2016 11:27
od Skaal
Dobrý den, přikládám. P.S.: Po vyčištění adwcleanerem a nočním odpočinku ntb už to asi přešlo, ale i tak prosím o kontrolu, vubec netušim jak k tomu vlastně došlo.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by David (administrator) on DAVID-NTB (06-03-2016 11:20:17)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PandoraTV) C:\KMPlayer\KMPlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-13] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: E - E:\CloneCampaigns.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {83cb2639-79be-11e5-a181-685d43d7c1f1} - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} - E:\CloneCampaigns.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-13] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-13] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-06-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-13] (Avast Software s.r.o.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-06-22] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2835022699-1091635085-3703951640-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2835022699-1091635085-3703951640-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-03] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/iq
CHR StartupUrls: Default -> ""
CHR DefaultSearchKeyword: Default -> clock
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-19]
CHR Extension: (Chrome Currency Converter) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk [2016-02-02]
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2016-02-04]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-02]
CHR Extension: (Manga Viewer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebalkdfejapnfbngpmhchkboajaofen [2016-03-02]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-02-17]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-02]
CHR Extension: (Vyhledávání Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
CHR Extension: (Fun Switcher) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2015-02-09]
CHR Extension: (Read Later Fast) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2015-05-14]
CHR Extension: (Timer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2015-02-09]
CHR Extension: (Gmail Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-02-09]
CHR Extension: (Kalendář Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-02-02]
CHR Extension: (Zotero Connector) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-03-26]
CHR Extension: (Tabulky Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-02]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-02-03]
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-14]
CHR Extension: (Cool Hodin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-02-02]
CHR Extension: (PDF to Word Converter App) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jclipofobaadknkadkpgggmjkebddjam [2015-02-09]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2015-02-09]
CHR Extension: (Převod měn) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2015-02-09]
CHR Extension: (Unit Convertor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkaklafnbnpegjnlplfgadnobkgdkinf [2015-02-09]
CHR Extension: (The Great Suspender) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-05-26]
CHR Extension: (Steambirds: Survival) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn [2015-02-09]
CHR Extension: (Mapy Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-02]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2015-02-09]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-02-24]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-02-09]
CHR Extension: (Grass) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla [2016-03-05]
CHR Extension: (Graph.tk) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk [2015-02-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Psykopaint) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-03-26]
CHR Extension: (Connected Mind) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc [2015-02-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-13] (Avast Software s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-13] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-06 11:20 - 2016-03-06 11:20 - 00026831 _____ C:\Users\David\Desktop\FRST.txt
2016-03-06 11:20 - 2016-03-06 11:20 - 00000000 ____D C:\FRST
2016-03-06 11:18 - 2016-03-06 11:19 - 02374144 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-03-06 10:18 - 2016-03-06 10:18 - 22908888 _____ (Malwarebytes ) C:\Users\David\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-05 23:30 - 2016-03-06 00:49 - 1416899846 _____ C:\Users\David\Desktop\Drákula-Neznámá-legenda-(2014)-CZ--dabing.avi
2016-03-05 22:53 - 2016-03-05 22:53 - 01518592 _____ C:\Users\David\Desktop\adwcleaner_5.037.exe
2016-03-05 22:41 - 2016-03-05 22:41 - 00010470 _____ C:\Users\David\Desktop\attach.txt
2016-03-05 22:41 - 2016-03-05 22:40 - 00020736 _____ C:\Users\David\Desktop\dds.txt
2016-03-05 22:38 - 2016-03-05 22:38 - 00688992 ____R (Swearware) C:\Users\David\Desktop\dds.exe
2016-03-05 21:40 - 2016-03-05 21:40 - 00001076 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-05 21:23 - 2016-03-05 21:23 - 00000832 _____ C:\Users\David\AppData\Local\recently-used.xbel
2016-03-05 21:09 - 2016-03-05 23:06 - 1091749888 _____ C:\Users\David\Desktop\HOBIT-BITVA-PĚTI-ARMÁD-2014-CZ-dabing.avi
2016-03-05 20:55 - 2016-03-05 20:55 - 00023090 _____ C:\Users\David\Desktop\envy_všechny.mas
2016-03-04 12:19 - 2016-03-04 12:20 - 00000000 ____D C:\Users\David\Desktop\Cesta do vesmíru
2016-03-04 10:33 - 2016-03-05 20:55 - 00058261 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.xlsx
2016-03-04 10:25 - 2016-03-04 10:25 - 00007258 _____ C:\Users\David\Desktop\envy_všechny alig.pdf
2016-03-04 10:24 - 2016-03-04 10:24 - 00007835 _____ C:\Users\David\Desktop\envy_všechny alig.pl
2016-03-04 10:10 - 2016-03-04 10:10 - 00042272 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.csv
2016-03-04 09:51 - 2016-03-04 09:51 - 00022517 _____ C:\Users\David\Desktop\envy_všechny_alig.fas
2016-03-04 09:40 - 2016-03-04 09:40 - 00000000 _____ C:\Users\David\Desktop\envy druhej pokus.txt
2016-03-04 09:34 - 2016-03-04 09:44 - 00022863 _____ C:\Users\David\Desktop\envy_všechny.fasta
2016-03-04 09:25 - 2016-03-04 09:25 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA6_6140226
2016-03-04 09:24 - 2016-03-05 21:41 - 00000000 ____D C:\Program Files (x86)\MEGA6
2016-03-04 09:24 - 2016-03-04 09:25 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA_Global
2016-03-04 09:24 - 2016-03-04 09:24 - 00000973 _____ C:\Users\Public\Desktop\MEGA6.lnk
2016-03-04 09:24 - 2016-03-04 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGA6
2016-03-04 09:23 - 2016-03-05 20:55 - 00022021 _____ C:\Users\David\Desktop\envy_všechny.txt
2016-03-04 09:23 - 2016-03-04 09:23 - 00000000 ____D C:\Users\David\Desktop\alig-2016-03-04
2016-03-04 09:22 - 2016-03-04 09:23 - 39242512 _____ C:\Users\David\Desktop\alig-2016-03-04.zip
2016-03-04 09:09 - 2016-03-04 11:38 - 1429179106 _____ C:\Users\David\Desktop\Hobit---Neočekaváná-cesta-cz.avi
2016-03-02 23:14 - 2016-03-03 00:54 - 1786076936 _____ C:\Users\David\Desktop\Hobit-Neocekavana-cesta-.2013-BDRip-CZ-Dab.avi
2016-03-02 21:23 - 2016-03-02 23:14 - 1061631414 _____ C:\Users\David\Desktop\Thor-Temný-svět-cz-(2013).avi
2016-03-02 19:53 - 2016-03-02 21:19 - 1534194616 _____ C:\Users\David\Desktop\Captain-America-První-Avenger-2011-CZ.avi
2016-03-02 19:42 - 2016-03-02 19:42 - 00603683 _____ C:\Users\David\Desktop\mcas2.ma4
2016-03-02 10:05 - 2016-03-02 10:05 - 00003928 _____ C:\Users\David\Desktop\13envu.rar
2016-03-02 10:03 - 2016-03-02 10:03 - 00405259 _____ C:\Users\David\Desktop\mcas-doma.ma4
2016-03-02 10:03 - 2016-03-02 10:03 - 00081435 _____ C:\Users\David\Desktop\strainy-doma.ma4
2016-03-01 23:21 - 2016-03-01 23:21 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (2)
2016-03-01 23:20 - 2016-03-01 23:20 - 00370551 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (2).zip
2016-03-01 23:19 - 2016-03-01 23:19 - 00000000 ____D C:\Users\David\Desktop\generálka
2016-03-01 23:15 - 2016-03-01 23:18 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (1)
2016-03-01 23:14 - 2016-03-01 23:14 - 00046835 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (1).zip
2016-03-01 22:58 - 2016-03-01 22:59 - 00024917 _____ C:\Users\David\Desktop\documents-export-2016-03-01.zip
2016-03-01 21:27 - 2016-03-02 00:26 - 1715738624 _____ C:\Users\David\Desktop\Strazci-galaxie-2014-CZ-dabing.avi
2016-03-01 19:27 - 2016-02-28 22:46 - 00000000 ____D C:\Users\David\Desktop\Legie
2016-03-01 19:21 - 2016-02-28 19:08 - 00000000 ____D C:\Users\David\Desktop\LegiePortrety
2016-03-01 19:16 - 2016-03-01 19:24 - 361254313 _____ C:\Users\David\Desktop\LegieNahled.zip
2016-03-01 19:16 - 2016-03-01 19:17 - 79731011 _____ C:\Users\David\Desktop\LegiePortrety.zip
2016-02-22 01:15 - 2016-02-24 00:40 - 00000000 ____D C:\Users\David\Desktop\filmy
2016-02-21 12:33 - 2016-02-21 12:33 - 00000000 ____D C:\Users\David\Desktop\černá zmije
2016-02-07 19:22 - 2016-02-07 19:22 - 00000000 ____D C:\Users\David\Desktop\medival virology

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-06 11:20 - 2013-01-26 18:02 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-03-06 10:58 - 2015-10-25 15:24 - 00146432 ___SH C:\Users\David\Documents\Thumbs.db
2016-03-06 10:54 - 2013-02-03 17:49 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-03-06 10:41 - 2016-02-02 18:16 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2016-03-06 10:39 - 2014-04-29 10:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 10:35 - 2015-02-04 02:51 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 10:10 - 2016-02-02 18:33 - 00000000 ____D C:\KMPlayer
2016-03-06 09:53 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 09:53 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-06 09:45 - 2012-01-10 20:08 - 00666444 _____ C:\Windows\system32\perfh005.dat
2016-03-06 09:45 - 2012-01-10 20:08 - 00140108 _____ C:\Windows\system32\perfc005.dat
2016-03-06 09:45 - 2009-07-14 06:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-06 09:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-06 09:40 - 2013-01-18 20:33 - 00000000 ___HD C:\Users\David\Documents\Youcam
2016-03-06 09:38 - 2015-02-04 02:51 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-06 09:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-05 23:12 - 2014-04-24 02:17 - 00000000 ____D C:\AdwCleaner
2016-03-05 22:59 - 2015-10-21 22:04 - 00000000 ____D C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2016-03-05 22:59 - 2013-02-01 22:12 - 00000000 ____D C:\Users\David\AppData\Roaming\Winamp
2016-03-05 22:58 - 2012-01-10 02:44 - 00000000 ____D C:\Windows\Panther
2016-03-05 21:34 - 2013-01-22 21:05 - 00000000 ____D C:\Users\David\.gimp-2.8
2016-03-05 20:59 - 2013-03-16 11:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-03-05 20:55 - 2014-01-25 20:41 - 00000000 ____D C:\VNTI Database
2016-03-04 09:36 - 2014-01-25 20:46 - 00000029 _____ C:\Windows\Vnti40.ini
2016-02-22 01:16 - 2015-10-21 21:55 - 00000000 ____D C:\Users\David\Desktop\Star-Wars-Galactic-Battlegrounds
2016-02-20 00:03 - 2013-01-18 20:39 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 22:58 - 2015-11-09 23:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-17 22:19 - 2015-09-06 09:18 - 00000000 ____D C:\Users\David\AppData\Roaming\Apple Computer
2016-02-14 21:33 - 2013-01-26 18:01 - 00000000 ____D C:\ProgramData\Skype
2016-02-09 21:39 - 2016-01-19 19:23 - 08817344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 21:39 - 2013-11-04 21:56 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 07:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-05-09 01:34 - 2015-05-11 17:25 - 0005120 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 21:45 - 2014-04-09 21:48 - 0029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE
2016-03-05 21:23 - 2016-03-05 21:23 - 0000832 _____ () C:\Users\David\AppData\Local\recently-used.xbel
2016-01-30 02:15 - 2016-01-30 02:15 - 0000000 _____ () C:\Users\David\AppData\Local\{DEBAF0B2-1C55-4D61-AB88-CE190AB94FFC}
2013-01-22 20:26 - 2013-01-22 20:59 - 0002778 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-01 16:12

==================== End of FRST.txt ============================

Re: Prosba o kontrolu

Napsal: 06 bře 2016 12:29
od Rudy
Teď spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosba o kontrolu

Napsal: 06 bře 2016 13:18
od Skaal
Přikládám dnešní a poté i včerejší log.

Dnešní:
# AdwCleaner v5.037 - Logfile created 06/03/2016 at 13:09:49
# Updated 28/02/2016 by Xplode
# Database : 2016-03-06.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : David - DAVID-NTB
# Running from : C:\Users\David\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lfmhcpmkbdkbgbmkjoiopeeegenkdikp

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [9652 bytes] - [05/03/2016 23:12:05]
C:\AdwCleaner\AdwCleaner[C2].txt - [924 bytes] - [06/03/2016 13:09:49]
C:\AdwCleaner\AdwCleaner[R1].txt - [1461 bytes] - [24/04/2014 02:17:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [11582 bytes] - [24/04/2014 05:46:55]
C:\AdwCleaner\AdwCleaner[S2].txt - [1127 bytes] - [06/03/2016 12:57:35]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1216 bytes] ##########

Včerejší:
# AdwCleaner v5.037 - Logfile created 05/03/2016 at 23:12:05
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : David - DAVID-NTB
# Running from : C:\Users\David\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\Browser Stabilizer
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\ba9d7e16
[-] Folder Deleted : C:\ProgramData\d3b11a26-2693-0
[-] Folder Deleted : C:\ProgramData\d3b11a26-42f5-1
[-] Folder Deleted : C:\ProgramData\e773361e-3357-0
[-] Folder Deleted : C:\ProgramData\e773361e-3e25-0
[-] Folder Deleted : C:\ProgramData\fc61cc3bb39b4e6f
[-] Folder Deleted : C:\ProgramData\FUUn2Save
[-] Folder Deleted : C:\ProgramData\RemoveTheADApp
[-] Folder Deleted : C:\ProgramData\RoBoSaVier
[-] Folder Deleted : C:\ProgramData\{0a836d26-112c-0}
[-] Folder Deleted : C:\ProgramData\{10992f4e-312c-1}
[-] Folder Deleted : C:\ProgramData\{16d27376-512c-0}
[-] Folder Deleted : C:\ProgramData\{2a6aa01e-212c-1}
[-] Folder Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
[-] Folder Deleted : C:\Users\David\AppData\Roaming\RHEng
[-] Folder Deleted : C:\Users\David\AppData\Roaming\Opera Software\Opera Stable\Extensions\ioljdahhggdmagekkhffojlpgngehdcf

***** [ Files ] *****

[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage-journal
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
[-] File Deleted : C:\Users\David\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ioljdahhggdmagekkhffojlpgngehdcf_0.localstorage

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : {A789F657-5CB2-4D7A-1E36-73E77EFD116C}

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ba9d7e16}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{06F495FE-4BFD-43C1-A8D0-A33798B89976} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7F04F4D5-4C5B-4565-88DE-06E7C7731FAC} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884} [NameServer]

***** [ Web browsers ] *****

[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lfmhcpmkbdkbgbmkjoiopeeegenkdikp

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [9321 bytes] - [05/03/2016 23:12:05]
C:\AdwCleaner\AdwCleaner[R1].txt - [1461 bytes] - [24/04/2014 02:17:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [11582 bytes] - [24/04/2014 05:46:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9541 bytes] ##########

Re: Prosba o kontrolu

Napsal: 06 bře 2016 17:50
od Rudy
Dejte nový log FRST.

Re: Prosba o kontrolu

Napsal: 06 bře 2016 18:33
od Skaal
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by David (administrator) on DAVID-NTB (06-03-2016 18:32:08)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(PandoraTV) C:\KMPlayer\KMPlayer.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\Vector NTI 7.exe
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\VectorNTIExplorer.exe
() C:\Program Files (x86)\MEGA6\MEGA6.exe
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\Alignment.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(InforMax, Inc.) C:\Program Files (x86)\Vector NTI Suite 7\Alignment.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-13] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: E - E:\CloneCampaigns.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {83cb2639-79be-11e5-a181-685d43d7c1f1} - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} - E:\CloneCampaigns.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-13] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{3DA63EE0-F3BB-42D0-A16B-36835B495AA6}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{7624E1DB-96F6-4B26-90AF-88AE31013199}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{D5F27722-1DA7-47D3-B925-019964987884}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-13] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-06-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-13] (Avast Software s.r.o.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-06-22] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2835022699-1091635085-3703951640-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2835022699-1091635085-3703951640-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-03] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/iq
CHR StartupUrls: Default -> ""
CHR DefaultSearchKeyword: Default -> clock
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-19]
CHR Extension: (Chrome Currency Converter) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk [2016-02-02]
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2016-02-04]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-02]
CHR Extension: (Manga Viewer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebalkdfejapnfbngpmhchkboajaofen [2016-03-02]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-02-17]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-02]
CHR Extension: (Vyhledávání Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
CHR Extension: (Fun Switcher) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2015-02-09]
CHR Extension: (Read Later Fast) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2015-05-14]
CHR Extension: (Timer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2015-02-09]
CHR Extension: (Gmail Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-02-09]
CHR Extension: (Kalendář Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-02-02]
CHR Extension: (Zotero Connector) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-03-26]
CHR Extension: (Tabulky Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-02]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-02-03]
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-14]
CHR Extension: (Cool Hodin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-02-02]
CHR Extension: (PDF to Word Converter App) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jclipofobaadknkadkpgggmjkebddjam [2015-02-09]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2015-02-09]
CHR Extension: (Převod měn) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2015-02-09]
CHR Extension: (Unit Convertor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkaklafnbnpegjnlplfgadnobkgdkinf [2015-02-09]
CHR Extension: (The Great Suspender) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-05-26]
CHR Extension: (Steambirds: Survival) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn [2015-02-09]
CHR Extension: (Mapy Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-02]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2015-02-09]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-02-24]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-02-09]
CHR Extension: (Grass) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla [2016-03-05]
CHR Extension: (Graph.tk) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk [2015-02-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Psykopaint) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-03-26]
CHR Extension: (Connected Mind) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc [2015-02-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-13] (Avast Software s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-13] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-06 18:28 - 2016-03-06 18:29 - 00007018 _____ C:\Users\David\Desktop\_exdata.gb
2016-03-06 15:29 - 2016-03-06 15:29 - 00018304 _____ C:\Users\David\Desktop\sample.tab
2016-03-06 15:02 - 2016-03-06 15:06 - 00018763 _____ C:\Users\David\Desktop\envy_všechny_bez_ehrs_alig.fas
2016-03-06 14:58 - 2016-03-06 14:58 - 00019052 _____ C:\Users\David\Desktop\envy_všechny_bez_ehrs.fasta
2016-03-06 14:51 - 2016-03-06 14:58 - 00018350 _____ C:\Users\David\Desktop\envy_všechny_bez_ehrs.txt
2016-03-06 14:22 - 2016-03-06 14:22 - 00332953 _____ C:\Users\David\Desktop\REL results.pdf
2016-03-06 14:09 - 2016-03-06 14:09 - 00007589 _____ C:\Users\David\Desktop\123.fas
2016-03-06 13:53 - 2016-03-06 13:53 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA6_6140226
2016-03-06 13:53 - 2016-03-06 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageMagick 6.7.5 Q16
2016-03-06 13:52 - 2016-03-06 13:52 - 39197788 _____ (Center for Evolutionary Medicine and Informatics ) C:\Users\David\Desktop\MEGA6.06_setup.exe
2016-03-06 13:40 - 2016-03-06 13:40 - 04463589 _____ C:\Users\David\Desktop\seminář.pptx
2016-03-06 13:40 - 2016-03-06 13:40 - 00000165 ____H C:\Users\David\Desktop\~$seminář.pptx
2016-03-06 13:38 - 2016-03-06 13:38 - 03830050 _____ C:\Users\David\Desktop\ehr.pptx
2016-03-06 12:13 - 2016-03-06 13:07 - 979516740 _____ C:\Users\David\Desktop\Capitan-Amerika-2-Zimny-vojak-2015-Cz-dabing.avi
2016-03-06 11:21 - 2016-03-06 11:24 - 00037064 _____ C:\Users\David\Desktop\Addition.txt
2016-03-06 11:20 - 2016-03-06 18:32 - 00026816 _____ C:\Users\David\Desktop\FRST.txt
2016-03-06 11:20 - 2016-03-06 18:32 - 00000000 ____D C:\FRST
2016-03-06 11:18 - 2016-03-06 11:19 - 02374144 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-03-06 10:18 - 2016-03-06 10:18 - 22908888 _____ (Malwarebytes ) C:\Users\David\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-05 23:30 - 2016-03-06 00:49 - 1416899846 _____ C:\Users\David\Desktop\Drákula-Neznámá-legenda-(2014)-CZ--dabing.avi
2016-03-05 22:53 - 2016-03-05 22:53 - 01518592 _____ C:\Users\David\Desktop\adwcleaner_5.037.exe
2016-03-05 22:41 - 2016-03-05 22:41 - 00010470 _____ C:\Users\David\Desktop\attach.txt
2016-03-05 22:41 - 2016-03-05 22:40 - 00020736 _____ C:\Users\David\Desktop\dds.txt
2016-03-05 22:38 - 2016-03-05 22:38 - 00688992 ____R (Swearware) C:\Users\David\Desktop\dds.exe
2016-03-05 21:40 - 2016-03-05 21:40 - 00001076 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-05 21:23 - 2016-03-05 21:23 - 00000832 _____ C:\Users\David\AppData\Local\recently-used.xbel
2016-03-05 21:09 - 2016-03-05 23:06 - 1091749888 _____ C:\Users\David\Desktop\HOBIT-BITVA-PĚTI-ARMÁD-2014-CZ-dabing.avi
2016-03-05 20:55 - 2016-03-05 20:55 - 00023090 _____ C:\Users\David\Desktop\envy_všechny.mas
2016-03-04 12:19 - 2016-03-04 12:20 - 00000000 ____D C:\Users\David\Desktop\Cesta do vesmíru
2016-03-04 10:33 - 2016-03-05 20:55 - 00058261 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.xlsx
2016-03-04 10:25 - 2016-03-04 10:25 - 00007258 _____ C:\Users\David\Desktop\envy_všechny alig.pdf
2016-03-04 10:24 - 2016-03-04 10:24 - 00007835 _____ C:\Users\David\Desktop\envy_všechny alig.pl
2016-03-04 10:10 - 2016-03-04 10:10 - 00042272 _____ C:\Users\David\Desktop\upload.409710228231702.1_REL_report.csv
2016-03-04 09:51 - 2016-03-04 09:51 - 00022517 _____ C:\Users\David\Desktop\envy_všechny_alig.fas
2016-03-04 09:40 - 2016-03-04 09:40 - 00000000 _____ C:\Users\David\Desktop\envy druhej pokus.txt
2016-03-04 09:34 - 2016-03-04 09:44 - 00022863 _____ C:\Users\David\Desktop\envy_všechny.fasta
2016-03-04 09:24 - 2016-03-06 13:53 - 00000000 ____D C:\Program Files (x86)\MEGA6
2016-03-04 09:24 - 2016-03-06 13:52 - 00000973 _____ C:\Users\Public\Desktop\MEGA6.lnk
2016-03-04 09:24 - 2016-03-06 13:52 - 00000000 ____D C:\Users\David\AppData\Roaming\MEGA_Global
2016-03-04 09:24 - 2016-03-06 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGA6
2016-03-04 09:23 - 2016-03-05 20:55 - 00022021 _____ C:\Users\David\Desktop\envy_všechny.txt
2016-03-04 09:23 - 2016-03-04 09:23 - 00000000 ____D C:\Users\David\Desktop\alig-2016-03-04
2016-03-04 09:22 - 2016-03-04 09:23 - 39242512 _____ C:\Users\David\Desktop\alig-2016-03-04.zip
2016-03-04 09:09 - 2016-03-04 11:38 - 1429179106 _____ C:\Users\David\Desktop\Hobit---Neočekaváná-cesta-cz.avi
2016-03-02 23:14 - 2016-03-03 00:54 - 1786076936 _____ C:\Users\David\Desktop\Hobit-Neocekavana-cesta-.2013-BDRip-CZ-Dab.avi
2016-03-02 21:23 - 2016-03-02 23:14 - 1061631414 _____ C:\Users\David\Desktop\Thor-Temný-svět-cz-(2013).avi
2016-03-02 19:53 - 2016-03-02 21:19 - 1534194616 _____ C:\Users\David\Desktop\Captain-America-První-Avenger-2011-CZ.avi
2016-03-02 19:42 - 2016-03-02 19:42 - 00603683 _____ C:\Users\David\Desktop\mcas2.ma4
2016-03-02 10:05 - 2016-03-02 10:05 - 00003928 _____ C:\Users\David\Desktop\13envu.rar
2016-03-02 10:03 - 2016-03-02 10:03 - 00405259 _____ C:\Users\David\Desktop\mcas-doma.ma4
2016-03-02 10:03 - 2016-03-02 10:03 - 00081435 _____ C:\Users\David\Desktop\strainy-doma.ma4
2016-03-01 23:21 - 2016-03-01 23:21 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (2)
2016-03-01 23:20 - 2016-03-01 23:20 - 00370551 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (2).zip
2016-03-01 23:19 - 2016-03-01 23:19 - 00000000 ____D C:\Users\David\Desktop\generálka
2016-03-01 23:15 - 2016-03-01 23:18 - 00000000 ____D C:\Users\David\Desktop\documents-export-2016-03-01 (1)
2016-03-01 23:14 - 2016-03-01 23:14 - 00046835 _____ C:\Users\David\Desktop\documents-export-2016-03-01 (1).zip
2016-03-01 22:58 - 2016-03-01 22:59 - 00024917 _____ C:\Users\David\Desktop\documents-export-2016-03-01.zip
2016-03-01 21:27 - 2016-03-02 00:26 - 1715738624 _____ C:\Users\David\Desktop\Strazci-galaxie-2014-CZ-dabing.avi
2016-03-01 19:27 - 2016-02-28 22:46 - 00000000 ____D C:\Users\David\Desktop\Legie
2016-03-01 19:21 - 2016-02-28 19:08 - 00000000 ____D C:\Users\David\Desktop\LegiePortrety
2016-03-01 19:16 - 2016-03-01 19:24 - 361254313 _____ C:\Users\David\Desktop\LegieNahled.zip
2016-03-01 19:16 - 2016-03-01 19:17 - 79731011 _____ C:\Users\David\Desktop\LegiePortrety.zip
2016-02-22 01:15 - 2016-02-24 00:40 - 00000000 ____D C:\Users\David\Desktop\filmy
2016-02-21 12:33 - 2016-02-21 12:33 - 00000000 ____D C:\Users\David\Desktop\černá zmije
2016-02-07 19:22 - 2016-02-07 19:22 - 00000000 ____D C:\Users\David\Desktop\medival virology

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-06 18:29 - 2014-01-25 20:41 - 00000000 ____D C:\VNTI Database
2016-03-06 18:10 - 2013-02-03 17:49 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-03-06 18:09 - 2016-02-02 18:33 - 00000000 ____D C:\KMPlayer
2016-03-06 17:39 - 2014-04-29 10:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 17:34 - 2015-02-04 02:51 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 13:51 - 2014-01-25 20:46 - 00000029 _____ C:\Windows\Vnti40.ini
2016-03-06 13:21 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 13:21 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-06 13:18 - 2012-01-10 20:08 - 00666444 _____ C:\Windows\system32\perfh005.dat
2016-03-06 13:18 - 2012-01-10 20:08 - 00140108 _____ C:\Windows\system32\perfc005.dat
2016-03-06 13:18 - 2009-07-14 06:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-06 13:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-06 13:13 - 2013-01-18 20:33 - 00000000 ___HD C:\Users\David\Documents\Youcam
2016-03-06 13:11 - 2015-02-04 02:51 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-06 13:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-06 13:09 - 2014-04-24 02:17 - 00000000 ____D C:\AdwCleaner
2016-03-06 12:56 - 2013-01-26 18:02 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-03-06 10:58 - 2015-10-25 15:24 - 00146432 ___SH C:\Users\David\Documents\Thumbs.db
2016-03-06 10:41 - 2016-02-02 18:16 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2016-03-05 22:59 - 2015-10-21 22:04 - 00000000 ____D C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2016-03-05 22:59 - 2013-02-01 22:12 - 00000000 ____D C:\Users\David\AppData\Roaming\Winamp
2016-03-05 22:58 - 2012-01-10 02:44 - 00000000 ____D C:\Windows\Panther
2016-03-05 21:34 - 2013-01-22 21:05 - 00000000 ____D C:\Users\David\.gimp-2.8
2016-03-05 20:59 - 2013-03-16 11:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-22 01:16 - 2015-10-21 21:55 - 00000000 ____D C:\Users\David\Desktop\Star-Wars-Galactic-Battlegrounds
2016-02-20 00:03 - 2013-01-18 20:39 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 22:58 - 2015-11-09 23:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-17 22:19 - 2015-09-06 09:18 - 00000000 ____D C:\Users\David\AppData\Roaming\Apple Computer
2016-02-14 21:33 - 2013-01-26 18:01 - 00000000 ____D C:\ProgramData\Skype
2016-02-09 21:39 - 2016-01-19 19:23 - 08817344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 21:39 - 2013-11-04 21:56 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 21:39 - 2013-11-04 21:56 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 07:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-05-09 01:34 - 2015-05-11 17:25 - 0005120 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 21:45 - 2014-04-09 21:48 - 0029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE
2016-03-05 21:23 - 2016-03-05 21:23 - 0000832 _____ () C:\Users\David\AppData\Local\recently-used.xbel
2016-01-30 02:15 - 2016-01-30 02:15 - 0000000 _____ () C:\Users\David\AppData\Local\{DEBAF0B2-1C55-4D61-AB88-CE190AB94FFC}
2013-01-22 20:26 - 2013-01-22 20:59 - 0002778 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-01 16:12

==================== End of FRST.txt ============================

Re: Prosba o kontrolu

Napsal: 06 bře 2016 19:17
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: E - E:\CloneCampaigns.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {83cb2639-79be-11e5-a181-685d43d7c1f1} - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} - E:\CloneCampaigns.exe
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2835022699-1091635085-3703951640-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Extension: (Cool Hodin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-02-02]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Vnti40.ini
C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosba o kontrolu

Napsal: 06 bře 2016 19:43
od Skaal
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by David (2016-03-06 19:41:36) Run:1
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: E - E:\CloneCampaigns.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {83cb2639-79be-11e5-a181-685d43d7c1f1} - F:\Autorun.exe
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\...\MountPoints2: {d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} - E:\CloneCampaigns.exe
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2835022699-1091635085-3703951640-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-05] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Extension: (Cool Hodin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-02-02]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Vnti40.ini
C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully
C:\Program Files (x86)\Google\GoogleToolbarNotifier => moved successfully
"HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => key removed successfully
"HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83cb2639-79be-11e5-a181-685d43d7c1f1}" => key removed successfully
HKCR\CLSID\{83cb2639-79be-11e5-a181-685d43d7c1f1} => key not found.
"HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1}" => key removed successfully
HKCR\CLSID\{d8d7fa0d-75ca-11e5-a4fb-685d43d7c1f1} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncBackedUp" => key removed successfully
HKCR\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncPending" => key removed successfully
HKCR\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncRoot" => key removed successfully
HKCR\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncShared" => key removed successfully
HKCR\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKU\S-1-5-21-2835022699-1091635085-3703951640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => not found.
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => not found.
C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => not found.
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Vnti40.ini => moved successfully
C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

==== End of Fixlog 19:41:39 ====

Re: Prosba o kontrolu

Napsal: 06 bře 2016 20:16
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosba o kontrolu

Napsal: 06 bře 2016 21:38
od Skaal
Děkuji moc, reklamy už mě neruší!

Re: Prosba o kontrolu

Napsal: 06 bře 2016 21:42
od Rudy
To jsem rád. Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz