
Virus removal, PC speed-up, and remote assistance via the neslape.cz service
FRST log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, could you please check my log from FRST? Lately the computer has been freezing and unwanted windows keep popping up.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2016 01
Ran by Monika (administrator) on NTB-OBROVSTI (11-08-2016 14:18:16)
Running from C:\Users\Monika\Desktop
Loaded Profiles: UpdatusUser & Monika (Available Profiles: UpdatusUser & Monika & Jakub & Bětka & Anička)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ClanServers Hosting LLC) C:\Users\Monika\Documents\GameTracker\GSInGameService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(© 2015 Microsoft Corporation) C:\Users\Monika\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Zemi Interactive Inc.) C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760456 2013-08-23] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-28] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe [327680 2014-04-24] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-12] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM\...\RunOnce: [PC-Doctor for Windows REBOOT] => [X]
HKLM-x32\...\RunOnce: [20160527] => "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" "C:\Program Files\AVAST Software\Avast\0fdebdcd-2fab-4dee-9f4b-0fe35cbbf5d7\0a05621c-0474-4b1c-a3d6-cfa6ef05e6af.dll",_stage2@16
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [GameTracker] => C:\Users\Monika\Documents\GameTracker\GTLite.exe [4019992 2013-12-19] (ClanServers Hosting LLC)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [BingSvc] => C:\Users\Monika\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Winlogon: [Shell]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-12] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-03-07]
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\Bětka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-03-31]
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{1A9028D4-AA27-4B59-8CEB-B0522BA5B7E5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9F3561FE-5C71-44B2-898D-F03E437D9E7F}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
URLSearchHook: [S-1-5-21-4052817847-2273277663-1595149674-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {05376085-003D-4989-8A71-F01A1740F604} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {7A44216F-9BBF-41AE-9D3A-070739892850} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {83352255-10D3-44CF-8614-8B2CB325AE9B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {86522E4C-ADD2-49F9-A328-0C2FD86CCFCC} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {89C267C6-60CC-43DD-8FD0-25F1C2E32B09} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {928C17D9-5E6E-4E4F-8544-3AF55CAECD88} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D317B499-F544-4082-8A04-9D98B04A3E6B}&mid=1a3a0b3a22f647d2a1e82db1e8ace140-912bf28cefdcc12e2249a5566f71fa17a384c7a8&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0915av&pr=fr&d=2015-09-27 14:00:38&v=4.1.6.294&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {C14C2763-50A7-491F-8064-BF07E5419808} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {C2ED1750-66C0-4EA1-A198-EF38842E0B17} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {CF373A4C-060B-4D55-9D42-E1F1C300BFA6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-09-27] (AVG)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-05] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-05] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-05-15] (AVG Secure Search)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.omniboxes.com/?type=sc&ts=143151212 ... XXW3810QXZ
FireFox:
========
FF ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxps://www.seznam.cz/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\avg-secure-search.xml [2015-06-09]
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\bing-.xml [2016-02-12]
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\seznam-avast.xml [2015-06-28]
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\webssearches.xml [2015-06-28]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2015-06-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-09-27]
FF Extension: Bing Search - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-02-12]
FF Extension: Seznam lištička - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-30]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-11]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Web TuneUp\FireFoxExt\4.1.6.294 => not found
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\extensions\searchffv2@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\extensions\sweetsearch@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-11]
CHR Extension: (Яндекс) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aminlpmkfcdibgpgfajlgnamicjckkjf [2015-05-11]
CHR Extension: (Dokumenty Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-11]
CHR Extension: (Disk Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-11]
CHR Extension: (YouTube) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-08-11]
CHR Extension: (Avast SafePrice) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-08-02]
CHR Extension: (Bing) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-08-11]
CHR Extension: (Tabulky Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-11]
CHR Extension: (Стартовая — Яндекс) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdkihdhlegcdggknokfekoemkjjnjhgi [2016-08-11]
CHR Extension: (Skype) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-08-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-11]
CHR Extension: (Gmail) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-11]
CHR HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aminlpmkfcdibgpgfajlgnamicjckkjf] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-02-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-12]
CHR HKLM-x32\...\Chrome\Extension: [jdkihdhlegcdggknokfekoemkjjnjhgi] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-12] (AVAST Software)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 GS In-Game Service; C:\Users\Monika\Documents\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-11] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3341384 2015-03-03] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1728592 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-11] (AVAST Software)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-10] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-09] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-28] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-11 13:48 - 2016-08-11 14:17 - 00041449 _____ C:\Users\Monika\Desktop\Addition.txt
2016-08-11 13:47 - 2016-08-11 14:18 - 00033591 _____ C:\Users\Monika\Desktop\FRST.txt
2016-08-11 11:35 - 2016-08-11 11:35 - 00004040 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003352 _____ C:\Windows\System32\Tasks\PCDDataUploadTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003228 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\Program Files\Dell Support Center
2016-08-11 10:59 - 2016-08-11 14:18 - 00000000 ____D C:\FRST
2016-08-11 10:58 - 2016-08-11 10:58 - 02393600 _____ (Farbar) C:\Users\Monika\Desktop\FRST64.exe
2016-08-11 10:32 - 2016-08-11 10:32 - 00000000 ____D C:\Users\Monika\AppData\Local\Yandex
2016-08-11 10:27 - 2016-08-11 10:21 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43B8.tmp
2016-08-11 10:27 - 2016-08-11 10:20 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CB.tmp
2016-08-11 10:27 - 2016-08-11 10:19 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CD.tmp
2016-08-11 10:27 - 2016-02-12 22:21 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CE.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CF.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00154024 _____ (AVAST Software) C:\Windows\system32\Drivers\ngv9F4F.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43B9.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CC.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CA.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43B7.tmp
2016-08-11 10:26 - 2016-08-11 10:26 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-11 10:26 - 2016-08-11 10:25 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-08-11 10:26 - 2016-08-11 10:25 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-08-11 10:25 - 2016-08-11 10:25 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-11 13:36 - 2015-05-11 13:25 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-11 13:31 - 2014-09-13 22:25 - 00000958 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4052817847-2273277663-1595149674-1007UA.job
2016-08-11 13:26 - 2014-06-12 22:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-11 12:28 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-11 12:07 - 2014-06-05 14:05 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4052817847-2273277663-1595149674-1002
2016-08-11 11:54 - 2014-06-05 23:54 - 00000000 ____D C:\Users\Monika\AppData\Roaming\PCDr
2016-08-11 11:47 - 2014-12-13 10:47 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Skype
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ____D C:\ProgramData\PCDr
2016-08-11 11:04 - 2015-12-06 19:45 - 00000000 ____D C:\Users\Monika\AppData\Local\LogMeIn Hamachi
2016-08-11 10:58 - 2014-06-05 21:52 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{60E4D64B-8E8E-43B4-A300-5E871659C23F}
2016-08-11 10:47 - 2014-10-30 22:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-11 10:47 - 2014-10-30 22:21 - 00000000 ____D C:\ProgramData\Skype
2016-08-11 10:44 - 2015-05-11 13:38 - 00002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-11 10:44 - 2015-05-11 13:38 - 00002497 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-11 10:36 - 2015-05-11 13:25 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-11 10:32 - 2014-10-05 17:51 - 00000000 ____D C:\Users\Monika\AppData\LocalLow\Yandex
2016-08-11 10:31 - 2015-05-11 13:25 - 00003958 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-11 10:31 - 2015-05-11 13:25 - 00003722 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-11 10:26 - 2015-06-27 20:13 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-11 10:26 - 2014-06-12 22:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-08-11 10:25 - 2016-02-12 22:21 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-11 10:25 - 2015-06-27 20:13 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-11 10:23 - 2013-12-30 14:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-08-11 10:21 - 2013-12-30 13:53 - 01749406 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-11 10:21 - 2013-08-23 00:08 - 00740962 _____ C:\Windows\system32\perfh005.dat
2016-08-11 10:21 - 2013-08-23 00:08 - 00152146 _____ C:\Windows\system32\perfc005.dat
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\system32\vbox
2016-08-11 10:15 - 2015-08-07 14:06 - 00003294 _____ C:\Windows\System32\Tasks\Intel(R) Rapid Start Technology Manager
2016-08-11 10:14 - 2014-06-05 13:59 - 00000000 ____D C:\Users\Monika
2016-08-11 10:14 - 2013-12-30 14:05 - 00000000 ____D C:\Users\UpdatusUser
2016-08-11 10:14 - 2013-12-30 14:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-11 10:14 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
==================== Files in the root of some directories =======
2014-06-23 17:36 - 2014-06-24 18:47 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-05 22:09 - 2014-06-05 22:09 - 0000017 _____ () C:\Users\Monika\AppData\Local\resmon.resmoncfg
2013-12-30 13:39 - 2013-12-30 13:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-02 11:08 - 2015-08-02 11:08 - 0000195 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-12-30 14:13 - 2013-12-30 14:14 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-12-30 14:10 - 2013-12-30 14:11 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-12-30 14:11 - 2013-12-30 14:12 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-12-30 14:12 - 2013-12-30 14:13 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2013-12-30 14:10 - 2013-12-30 14:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\Anička\AppData\Local\Temp\InstallIMVU_504.0.exe
C:\Users\Anička\AppData\Local\Temp\lite_installer.exe
C:\Users\Anička\AppData\Local\Temp\sender.exe
C:\Users\Anička\AppData\Local\Temp\Setup-yabrowser.exe
C:\Users\Anička\AppData\Local\Temp\yupdate-exec-yabrowser.exe
C:\Users\Jakub\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Monika\AppData\Local\Temp\avguirn_08359374125.exe
C:\Users\Monika\AppData\Local\Temp\BingSvc.exe
C:\Users\Monika\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Monika\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Monika\AppData\Local\Temp\sender.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-11 10:58
==================== End of FRST.txt ============================
CHR Extension: (Bing) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-08-11]
CHR Extension: (Tabulky Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-11]
CHR Extension: (Стартовая — Яндекс) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdkihdhlegcdggknokfekoemkjjnjhgi [2016-08-11]
CHR Extension: (Skype) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-08-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-11]
CHR Extension: (Gmail) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-11]
CHR HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aminlpmkfcdibgpgfajlgnamicjckkjf] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-02-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-12]
CHR HKLM-x32\...\Chrome\Extension: [jdkihdhlegcdggknokfekoemkjjnjhgi] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-12] (AVAST Software)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 GS In-Game Service; C:\Users\Monika\Documents\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-11] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3341384 2015-03-03] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1728592 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-11] (AVAST Software)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-10] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-09] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-28] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-11 13:48 - 2016-08-11 14:17 - 00041449 _____ C:\Users\Monika\Desktop\Addition.txt
2016-08-11 13:47 - 2016-08-11 14:18 - 00033591 _____ C:\Users\Monika\Desktop\FRST.txt
2016-08-11 11:35 - 2016-08-11 11:35 - 00004040 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003352 _____ C:\Windows\System32\Tasks\PCDDataUploadTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003228 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\Program Files\Dell Support Center
2016-08-11 10:59 - 2016-08-11 14:18 - 00000000 ____D C:\FRST
2016-08-11 10:58 - 2016-08-11 10:58 - 02393600 _____ (Farbar) C:\Users\Monika\Desktop\FRST64.exe
2016-08-11 10:32 - 2016-08-11 10:32 - 00000000 ____D C:\Users\Monika\AppData\Local\Yandex
2016-08-11 10:27 - 2016-08-11 10:21 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43B8.tmp
2016-08-11 10:27 - 2016-08-11 10:20 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CB.tmp
2016-08-11 10:27 - 2016-08-11 10:19 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CD.tmp
2016-08-11 10:27 - 2016-02-12 22:21 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CE.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CF.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00154024 _____ (AVAST Software) C:\Windows\system32\Drivers\ngv9F4F.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43B9.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CC.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43CA.tmp
2016-08-11 10:27 - 2016-02-12 22:20 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\asw43B7.tmp
2016-08-11 10:26 - 2016-08-11 10:26 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-11 10:26 - 2016-08-11 10:25 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-08-11 10:26 - 2016-08-11 10:25 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-08-11 10:25 - 2016-08-11 10:25 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-11 13:36 - 2015-05-11 13:25 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-11 13:31 - 2014-09-13 22:25 - 00000958 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4052817847-2273277663-1595149674-1007UA.job
2016-08-11 13:26 - 2014-06-12 22:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-11 12:28 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-11 12:07 - 2014-06-05 14:05 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4052817847-2273277663-1595149674-1002
2016-08-11 11:54 - 2014-06-05 23:54 - 00000000 ____D C:\Users\Monika\AppData\Roaming\PCDr
2016-08-11 11:47 - 2014-12-13 10:47 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Skype
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ____D C:\ProgramData\PCDr
2016-08-11 11:04 - 2015-12-06 19:45 - 00000000 ____D C:\Users\Monika\AppData\Local\LogMeIn Hamachi
2016-08-11 10:58 - 2014-06-05 21:52 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{60E4D64B-8E8E-43B4-A300-5E871659C23F}
2016-08-11 10:47 - 2014-10-30 22:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-11 10:47 - 2014-10-30 22:21 - 00000000 ____D C:\ProgramData\Skype
2016-08-11 10:44 - 2015-05-11 13:38 - 00002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-11 10:44 - 2015-05-11 13:38 - 00002497 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-11 10:36 - 2015-05-11 13:25 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-11 10:32 - 2014-10-05 17:51 - 00000000 ____D C:\Users\Monika\AppData\LocalLow\Yandex
2016-08-11 10:31 - 2015-05-11 13:25 - 00003958 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-11 10:31 - 2015-05-11 13:25 - 00003722 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-11 10:26 - 2015-06-27 20:13 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-11 10:26 - 2014-06-12 22:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-08-11 10:25 - 2016-02-12 22:21 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-11 10:25 - 2015-06-27 20:13 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-11 10:23 - 2013-12-30 14:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-08-11 10:21 - 2013-12-30 13:53 - 01749406 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-11 10:21 - 2013-08-23 00:08 - 00740962 _____ C:\Windows\system32\perfh005.dat
2016-08-11 10:21 - 2013-08-23 00:08 - 00152146 _____ C:\Windows\system32\perfc005.dat
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\system32\vbox
2016-08-11 10:15 - 2015-08-07 14:06 - 00003294 _____ C:\Windows\System32\Tasks\Intel(R) Rapid Start Technology Manager
2016-08-11 10:14 - 2014-06-05 13:59 - 00000000 ____D C:\Users\Monika
2016-08-11 10:14 - 2013-12-30 14:05 - 00000000 ____D C:\Users\UpdatusUser
2016-08-11 10:14 - 2013-12-30 14:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-11 10:14 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
==================== Files in the root of some directories =======
2014-06-23 17:36 - 2014-06-24 18:47 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-05 22:09 - 2014-06-05 22:09 - 0000017 _____ () C:\Users\Monika\AppData\Local\resmon.resmoncfg
2013-12-30 13:39 - 2013-12-30 13:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-02 11:08 - 2015-08-02 11:08 - 0000195 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-12-30 14:13 - 2013-12-30 14:14 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-12-30 14:10 - 2013-12-30 14:11 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-12-30 14:11 - 2013-12-30 14:12 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-12-30 14:12 - 2013-12-30 14:13 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2013-12-30 14:10 - 2013-12-30 14:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\Anička\AppData\Local\Temp\InstallIMVU_504.0.exe
C:\Users\Anička\AppData\Local\Temp\lite_installer.exe
C:\Users\Anička\AppData\Local\Temp\sender.exe
C:\Users\Anička\AppData\Local\Temp\Setup-yabrowser.exe
C:\Users\Anička\AppData\Local\Temp\yupdate-exec-yabrowser.exe
C:\Users\Jakub\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Monika\AppData\Local\Temp\avguirn_08359374125.exe
C:\Users\Monika\AppData\Local\Temp\BingSvc.exe
C:\Users\Monika\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Monika\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Monika\AppData\Local\Temp\sender.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-11 10:58
==================== End of FRST.txt ============================
- Attachments
- Addition.zip
- (10.82 KiB) Downloaded 41 times
- Rudy
- Site Admin

Re: Log from the FRST program
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Log from the FRST program
I did as you wrote. After the scan I clicked Clean. It told me that a log would pop up after the restart, but nothing popped up. So I ran the scan again and it found nothing. Nevertheless, I am sending the log it gave me before I clicked Clean.
# AdwCleaner v5.201 - Log vytvořen 12/08/2016 v 07:15:11
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-08-12.1 [Server]
# Operační system : Windows 8.1 (X64)
# Uživatelské jméno : Monika - NTB-OBROVSTI
# Spuštěno z : C:\Users\Monika\Downloads\adwcleaner_5.201.exe
# Nastavení : Sken
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
Složka Nalezeno : C:\ProgramData\AVG SafeGuard toolbar
Složka Nalezeno : C:\ProgramData\AVG Secure Search
Složka Nalezeno : C:\ProgramData\AVG Security Toolbar
Složka Nalezeno : C:\ProgramData\IHProtectUpDate
Složka Nalezeno : C:\ProgramData\avg web tuneup
Složka Nalezeno : C:\ProgramData\Avg_Update_0215tb
Složka Nalezeno : C:\ProgramData\Avg_Update_0814tb
Složka Nalezeno : C:\ProgramData\Avg_Update_1114tb
Složka Nalezeno : C:\ProgramData\Avg_Update_1214tb
Složka Nalezeno : C:\ProgramData\Application Data\AVG SafeGuard toolbar
Složka Nalezeno : C:\ProgramData\Application Data\AVG Secure Search
Složka Nalezeno : C:\ProgramData\Application Data\AVG Security Toolbar
Složka Nalezeno : C:\ProgramData\Application Data\IHProtectUpDate
Složka Nalezeno : C:\ProgramData\Application Data\avg web tuneup
Složka Nalezeno : C:\ProgramData\Application Data\Avg_Update_0215tb
Složka Nalezeno : C:\ProgramData\Application Data\Avg_Update_0814tb
Složka Nalezeno : C:\ProgramData\Application Data\Avg_Update_1114tb
Složka Nalezeno : C:\ProgramData\Application Data\Avg_Update_1214tb
Složka Nalezeno : C:\Program Files (x86)\AVG Security Toolbar
Složka Nalezeno : C:\Program Files (x86)\PriceLeses
Složka Nalezeno : C:\Program Files (x86)\Common Files\AVG Secure Search
Složka Nalezeno : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Složka Nalezeno : C:\Users\Monika\AppData\Local\AVG SafeGuard toolbar
Složka Nalezeno : C:\Users\Monika\AppData\Local\avg web tuneup
Složka Nalezeno : C:\Users\Monika\AppData\LocalLow\AVG SafeGuard toolbar
Složka Nalezeno : C:\Users\Monika\AppData\Roaming\omniboxes
Složka Nalezeno : C:\Users\Jakub\AppData\Local\AVG SafeGuard toolbar
Složka Nalezeno : C:\Users\Jakub\AppData\LocalLow\AVG SafeGuard toolbar
Složka Nalezeno : C:\Users\Bětka\AppData\Local\AVG SafeGuard toolbar
Složka Nalezeno : C:\Users\Bětka\AppData\LocalLow\AVG SafeGuard toolbar
Složka Nalezeno : C:\Users\Anička\AppData\Local\AVG SafeGuard toolbar
Složka Nalezeno : C:\Users\Anička\AppData\LocalLow\AVG SafeGuard toolbar
Složka Nalezeno : C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\51ynbdjc.default\extensions\yasearch@yandex.ru
Složka Nalezeno : C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Složka Nalezeno : C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aminlpmkfcdibgpgfajlgnamicjckkjf
Složka Nalezeno : C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdkihdhlegcdggknokfekoemkjjnjhgi
Složka Nalezeno : C:\Program Files\AVG SafeGuard toolbar
Složka Nalezeno : C:\Program Files\avg web tuneup
***** [ Soubory ] *****
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
Soubor Nalezeno : C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\webssearches.xml
Soubor Nalezeno : C:\Users\Bětka\AppData\Roaming\Mozilla\Firefox\Profiles\agpyzbhh.default\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\51ynbdjc.default\extensions\vb@yandex.ru.xpi
Soubor Nalezeno : C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\51ynbdjc.default\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage
Soubor Nalezeno : C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage-journal
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
Zástupce Infikováno : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.omniboxes.com/?type=sc&ts=143151212 ... XXW3810QXZ )
Zástupce Infikováno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( hxxp://www.omniboxes.com/?type=sc&ts=143151212 ... XXW3810QXZ )
Zástupce Infikováno : C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.omniboxes.com/?type=sc&ts=143151212 ... XXW3810QXZ )
Zástupce Infikováno : C:\Users\Monika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.omniboxes.com/?type=sc&ts=143151212 ... XXW3810QXZ )
Zástupce Infikováno : C:\Users\Monika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.omniboxes.com/?type=sc&ts=143151212 ... XXW3810QXZ )
Zástupce Infikováno : C:\Users\Monika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( hxxp://www.omniboxes.com/?type=sc&ts=143151212 ... XXW3810QXZ )
Zástupce Infikováno : C:\Users\Bětka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.omniboxes.com/?type=sc&ts=143151212 ... XXW3810QXZ )
***** [ Naplánované úlohy ] *****
Úloha Nalezeno : amiupdaterExd
Úloha Nalezeno : amiupdaterExi
***** [ Registry ] *****
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíč Nalezeno : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Klíč Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Klíč Nalezeno : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\aminlpmkfcdibgpgfajlgnamicjckkjf
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\jdkihdhlegcdggknokfekoemkjjnjhgi
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.Protector
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Klíč Nalezeno : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Klíč Nalezeno : HKCU\Software\AVG Security Toolbar
Klíč Nalezeno : HKCU\Software\Headlight
Klíč Nalezeno : HKCU\Software\Mozilla\Extends
Klíč Nalezeno : HKCU\Software\simplytech
Klíč Nalezeno : HKCU\Software\TNT2
Klíč Nalezeno : HKCU\Software\WEBAPP
Klíč Nalezeno : HKCU\Software\DC3_FEXEC
Klíč Nalezeno : HKCU\Software\SIMPLYTECH
Klíč Nalezeno : HKLM\SOFTWARE\AVG Security Toolbar
Klíč Nalezeno : HKLM\SOFTWARE\FFPluginHp
Klíč Nalezeno : HKLM\SOFTWARE\IHProtect
Klíč Nalezeno : HKLM\SOFTWARE\omniboxesSoftware
Klíč Nalezeno : HKLM\SOFTWARE\SupDp
Klíč Nalezeno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Nalezeno : HKLM\SOFTWARE\AVG Tuneup
Klíč Nalezeno : HKLM\SOFTWARE\SUPDP
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SEARCHPROTECT
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\AVG Security Toolbar
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Headlight
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Mozilla\Extends
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\simplytech
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\TNT2
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\WEBAPP
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\DC3_FEXEC
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\SIMPLYTECH
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\SEARCHPROTECT
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
Data Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
Data Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
Data Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
Data Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
Data Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
Data Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
Data Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
Data Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.omniboxes.com/web/?type=ds&ts=14315 ... earchTerms}
Data Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.omniboxes.com/?type=hp&ts=143151212 ... XXW3810QXZ
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Nalezeno : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.omniboxes.com/?type=sc&ts=143151212 ... XXW3810QXZ
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omniboxes.com
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.omniboxes.com
Hodnota Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
Klíč Nalezeno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
***** [ Prohlížeče ] *****
[C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\prefs.js] Nalezeno : user_pref("browser.search.searchengine.searchengine.uid", "[xpconnect wrapped nsIUUIDGenerator]");
[C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\prefs.js] Nalezeno : user_pref("extensions.quick_start.enable_search1", false);
[C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\prefs.js] Nalezeno : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\51ynbdjc.default\prefs.js] Nalezeno : user_pref("extensions.vb@yandex.ru.description", "Keep all your favorite sites in one place with Visual Bookmarks. Simply click on the one of the mini webpages to visit a site. You can customize the n[...]
[C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : omniboxes
[C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Nalezeno : hxxp://www.omniboxes.com/webfavicon.ico
[C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : aminlpmkfcdibgpgfajlgnamicjckkjf
[C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : fcfenmboojpjinhpgggodefccipikbpd
[C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : jdkihdhlegcdggknokfekoemkjjnjhgi
*************************
C:\AdwCleaner\AdwCleaner[S1].txt - [19731 bytů] - [12/08/2016 07:15:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [19805 bytů] ##########
Re: FRST log
So the log did come out, but only after about half an hour.
- Rudy
- Site Admin
- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: FRST log
That can happen sometimes. But ADW did not delete anything; you did not click on cleaning. Try once more.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: FRST log
After it finished I hit clean. Then I ran ADW again and it no longer found anything. But the laptop still behaves strangely. And I don't know whether it is related to a virus or some other vermin. Everything launches very slowly. I wanted to uninstall IE, and an hour went by before everything started. So it is probably a HW fault as well. Or could it really be some virus running riot in the background of my system?
- Rudy
- Site Admin

Re: FRST log
Post a new FRST log.
Re: FRST log
Hello,
I am sending the log from the FRST program.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2016 01
Ran by Monika (administrator) on NTB-OBROVSTI (17-08-2016 07:36:18)
Running from C:\Users\Monika\Desktop
Loaded Profiles: UpdatusUser & Monika (Available Profiles: UpdatusUser & Monika & Jakub & Bětka & Anička)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ClanServers Hosting LLC) C:\Users\Monika\Documents\GameTracker\GSInGameService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(© 2015 Microsoft Corporation) C:\Users\Monika\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760456 2013-08-23] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-28] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe [327680 2014-04-24] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-12] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [GameTracker] => C:\Users\Monika\Documents\GameTracker\GTLite.exe [4019992 2013-12-19] (ClanServers Hosting LLC)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [BingSvc] => C:\Users\Monika\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\MountPoints2: {c7342a0e-7146-11e3-824b-806e6f6e6963} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL http://www.ultimatebootcd.com/
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Winlogon: [Shell]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-11] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-03-07]
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\Bětka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-03-31]
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{1A9028D4-AA27-4B59-8CEB-B0522BA5B7E5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9F3561FE-5C71-44B2-898D-F03E437D9E7F}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
URLSearchHook: [S-1-5-21-4052817847-2273277663-1595149674-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {05376085-003D-4989-8A71-F01A1740F604} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {7A44216F-9BBF-41AE-9D3A-070739892850} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {83352255-10D3-44CF-8614-8B2CB325AE9B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {86522E4C-ADD2-49F9-A328-0C2FD86CCFCC} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {89C267C6-60CC-43DD-8FD0-25F1C2E32B09} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {928C17D9-5E6E-4E4F-8544-3AF55CAECD88} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {C14C2763-50A7-491F-8064-BF07E5419808} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {C2ED1750-66C0-4EA1-A198-EF38842E0B17} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {CF373A4C-060B-4D55-9D42-E1F1C300BFA6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-11] (AVAST Software)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-08-11] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-11] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-11] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-05] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-08-11] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-11] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxps://www.seznam.cz/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\bing-.xml [2016-02-12]
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\seznam-avast.xml [2015-06-28]
FF Extension: Bing Search - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-02-12]
FF Extension: Seznam lištička - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-30]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-11]
CHR Extension: (Dokumenty Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-11]
CHR Extension: (Disk Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-11]
CHR Extension: (YouTube) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-08-11]
CHR Extension: (Avast SafePrice) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-08-02]
CHR Extension: (Tabulky Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-11]
CHR Extension: (Skype) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-08-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-11]
CHR Extension: (Gmail) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-11]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-11] (AVAST Software)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 GS In-Game Service; C:\Users\Monika\Documents\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-11] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3341384 2015-03-03] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1728592 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-12] (AVAST Software)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-10] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-09] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-28] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-17 07:36 - 2016-08-17 07:36 - 00028222 _____ C:\Users\Monika\Desktop\FRST.txt
2016-08-17 07:36 - 2016-08-17 07:36 - 00000000 ____D C:\Users\Monika\Desktop\FRST-OlderVersion
2016-08-15 08:35 - 2016-08-15 08:41 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:41 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:35 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-08-12 10:30 - 2016-08-12 10:30 - 00000000 ____D C:\Users\Monika\AppData\Local\CEF
2016-08-12 10:27 - 2016-08-12 10:27 - 00642632 _____ (EFD Software ) C:\Users\Monika\Downloads\hdtune_255.exe
2016-08-12 10:27 - 2016-08-12 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-08-12 10:27 - 2016-08-12 10:27 - 00000000 ____D C:\Program Files (x86)\HD Tune
2016-08-12 07:34 - 2016-08-12 07:34 - 00001940 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-08-12 07:33 - 2016-08-11 10:26 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-12 07:14 - 2016-08-12 07:48 - 00000000 ____D C:\AdwCleaner
2016-08-11 11:35 - 2016-08-11 11:35 - 00004040 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003352 _____ C:\Windows\System32\Tasks\PCDDataUploadTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003228 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\Program Files\Dell Support Center
2016-08-11 10:59 - 2016-08-17 07:36 - 00000000 ____D C:\FRST
2016-08-11 10:58 - 2016-08-17 07:36 - 02394624 _____ (Farbar) C:\Users\Monika\Desktop\FRST64.exe
2016-08-11 10:32 - 2016-08-11 10:32 - 00000000 ____D C:\Users\Monika\AppData\Local\Yandex
2016-08-11 10:26 - 2016-08-11 10:25 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-08-11 10:26 - 2016-08-11 10:25 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-08-11 10:25 - 2016-08-11 10:25 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-17 07:36 - 2015-06-27 20:13 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-17 07:36 - 2015-05-11 13:25 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-17 07:36 - 2014-12-13 10:47 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Skype
2016-08-17 07:30 - 2014-09-13 22:25 - 00000958 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4052817847-2273277663-1595149674-1007UA.job
2016-08-17 07:26 - 2014-06-12 22:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-17 02:32 - 2014-06-05 21:52 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{60E4D64B-8E8E-43B4-A300-5E871659C23F}
2016-08-16 22:31 - 2014-09-13 22:25 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4052817847-2273277663-1595149674-1007Core.job
2016-08-16 10:36 - 2015-05-11 13:25 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-16 04:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-08-15 14:42 - 2015-12-06 19:45 - 00000000 ____D C:\Users\Monika\AppData\Local\LogMeIn Hamachi
2016-08-15 13:35 - 2013-12-30 14:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-08-15 13:31 - 2013-12-30 13:53 - 01749406 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-15 13:31 - 2013-08-23 00:08 - 00740962 _____ C:\Windows\system32\perfh005.dat
2016-08-15 13:31 - 2013-08-23 00:08 - 00152146 _____ C:\Windows\system32\perfc005.dat
2016-08-15 13:31 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-15 13:27 - 2015-08-07 14:06 - 00003290 _____ C:\Windows\System32\Tasks\Intel(R) Rapid Start Technology Manager
2016-08-15 13:27 - 2013-12-30 14:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-15 13:27 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-15 13:26 - 2013-12-30 14:05 - 00000000 ____D C:\Users\UpdatusUser
2016-08-15 10:58 - 2014-06-05 23:54 - 00000000 ____D C:\Users\Monika\AppData\Roaming\PCDr
2016-08-15 10:57 - 2014-06-05 14:05 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4052817847-2273277663-1595149674-1002
2016-08-12 14:57 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-12 11:57 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-08-12 10:14 - 2014-10-30 22:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-12 07:34 - 2016-02-12 22:27 - 00003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1455308871
2016-08-12 07:34 - 2016-02-12 22:27 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-12 07:34 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147098006726505
2016-08-12 07:34 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-12 07:31 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-08-12 07:30 - 2014-06-05 13:59 - 00000000 ____D C:\Users\Monika
2016-08-12 07:29 - 2015-05-11 13:38 - 00001324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-12 07:29 - 2015-05-11 13:38 - 00001312 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ____D C:\ProgramData\PCDr
2016-08-11 10:47 - 2014-10-30 22:21 - 00000000 ____D C:\ProgramData\Skype
2016-08-11 10:32 - 2014-10-05 17:51 - 00000000 ____D C:\Users\Monika\AppData\LocalLow\Yandex
2016-08-11 10:31 - 2015-05-11 13:25 - 00003958 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-11 10:31 - 2015-05-11 13:25 - 00003722 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-11 10:26 - 2015-06-27 20:13 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147098006720304
2016-08-11 10:26 - 2015-06-27 20:13 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-11 10:26 - 2014-06-12 22:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-08-11 10:25 - 2016-02-12 22:21 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-11 10:25 - 2015-06-27 20:13 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\system32\vbox
==================== Files in the root of some directories =======
2014-06-23 17:36 - 2014-06-24 18:47 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-05 22:09 - 2014-06-05 22:09 - 0000017 _____ () C:\Users\Monika\AppData\Local\resmon.resmoncfg
2013-12-30 13:39 - 2013-12-30 13:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-02 11:08 - 2015-08-02 11:08 - 0000195 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-12-30 14:13 - 2013-12-30 14:14 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-12-30 14:10 - 2013-12-30 14:11 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-12-30 14:11 - 2013-12-30 14:12 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-12-30 14:12 - 2013-12-30 14:13 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2013-12-30 14:10 - 2013-12-30 14:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\Anička\AppData\Local\Temp\InstallIMVU_504.0.exe
C:\Users\Anička\AppData\Local\Temp\lite_installer.exe
C:\Users\Anička\AppData\Local\Temp\sender.exe
C:\Users\Anička\AppData\Local\Temp\Setup-yabrowser.exe
C:\Users\Anička\AppData\Local\Temp\yupdate-exec-yabrowser.exe
C:\Users\Jakub\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Monika\AppData\Local\Temp\avguirn_08359374125.exe
C:\Users\Monika\AppData\Local\Temp\BingSvc.exe
C:\Users\Monika\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Monika\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Monika\AppData\Local\Temp\sender.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-15 02:47
==================== End of FRST.txt ============================
I am sending the log from the FRST program.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2016 01
Ran by Monika (administrator) on NTB-OBROVSTI (17-08-2016 07:36:18)
Running from C:\Users\Monika\Desktop
Loaded Profiles: UpdatusUser & Monika (Available Profiles: UpdatusUser & Monika & Jakub & Bětka & Anička)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ClanServers Hosting LLC) C:\Users\Monika\Documents\GameTracker\GSInGameService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(© 2015 Microsoft Corporation) C:\Users\Monika\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760456 2013-08-23] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-28] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe [327680 2014-04-24] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-12] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [GameTracker] => C:\Users\Monika\Documents\GameTracker\GTLite.exe [4019992 2013-12-19] (ClanServers Hosting LLC)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [BingSvc] => C:\Users\Monika\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\MountPoints2: {c7342a0e-7146-11e3-824b-806e6f6e6963} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL http://www.ultimatebootcd.com/
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Winlogon: [Shell]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-11] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-03-07]
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\Bětka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-03-31]
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{1A9028D4-AA27-4B59-8CEB-B0522BA5B7E5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9F3561FE-5C71-44B2-898D-F03E437D9E7F}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
URLSearchHook: [S-1-5-21-4052817847-2273277663-1595149674-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {05376085-003D-4989-8A71-F01A1740F604} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {7A44216F-9BBF-41AE-9D3A-070739892850} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {83352255-10D3-44CF-8614-8B2CB325AE9B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {86522E4C-ADD2-49F9-A328-0C2FD86CCFCC} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {89C267C6-60CC-43DD-8FD0-25F1C2E32B09} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {928C17D9-5E6E-4E4F-8544-3AF55CAECD88} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {C14C2763-50A7-491F-8064-BF07E5419808} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {C2ED1750-66C0-4EA1-A198-EF38842E0B17} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {CF373A4C-060B-4D55-9D42-E1F1C300BFA6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-11] (AVAST Software)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-08-11] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-11] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-11] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-05] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-08-11] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-11] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxps://www.seznam.cz/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\bing-.xml [2016-02-12]
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\seznam-avast.xml [2015-06-28]
FF Extension: Bing Search - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-02-12]
FF Extension: Seznam lištička - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-30]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-11]
CHR Extension: (Dokumenty Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-11]
CHR Extension: (Disk Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-11]
CHR Extension: (YouTube) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-08-11]
CHR Extension: (Avast SafePrice) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-08-02]
CHR Extension: (Tabulky Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-11]
CHR Extension: (Skype) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-08-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-11]
CHR Extension: (Gmail) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-11]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-11] (AVAST Software)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 GS In-Game Service; C:\Users\Monika\Documents\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-11] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3341384 2015-03-03] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1728592 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-12] (AVAST Software)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-10] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-09] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-28] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-17 07:36 - 2016-08-17 07:36 - 00028222 _____ C:\Users\Monika\Desktop\FRST.txt
2016-08-17 07:36 - 2016-08-17 07:36 - 00000000 ____D C:\Users\Monika\Desktop\FRST-OlderVersion
2016-08-15 08:35 - 2016-08-15 08:41 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:41 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:35 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-08-12 10:30 - 2016-08-12 10:30 - 00000000 ____D C:\Users\Monika\AppData\Local\CEF
2016-08-12 10:27 - 2016-08-12 10:27 - 00642632 _____ (EFD Software ) C:\Users\Monika\Downloads\hdtune_255.exe
2016-08-12 10:27 - 2016-08-12 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-08-12 10:27 - 2016-08-12 10:27 - 00000000 ____D C:\Program Files (x86)\HD Tune
2016-08-12 07:34 - 2016-08-12 07:34 - 00001940 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-08-12 07:33 - 2016-08-11 10:26 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-12 07:14 - 2016-08-12 07:48 - 00000000 ____D C:\AdwCleaner
2016-08-11 11:35 - 2016-08-11 11:35 - 00004040 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003352 _____ C:\Windows\System32\Tasks\PCDDataUploadTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003228 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\Program Files\Dell Support Center
2016-08-11 10:59 - 2016-08-17 07:36 - 00000000 ____D C:\FRST
2016-08-11 10:58 - 2016-08-17 07:36 - 02394624 _____ (Farbar) C:\Users\Monika\Desktop\FRST64.exe
2016-08-11 10:32 - 2016-08-11 10:32 - 00000000 ____D C:\Users\Monika\AppData\Local\Yandex
2016-08-11 10:26 - 2016-08-11 10:25 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-08-11 10:26 - 2016-08-11 10:25 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-08-11 10:25 - 2016-08-11 10:25 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-17 07:36 - 2015-06-27 20:13 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-17 07:36 - 2015-05-11 13:25 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-17 07:36 - 2014-12-13 10:47 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Skype
2016-08-17 07:30 - 2014-09-13 22:25 - 00000958 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4052817847-2273277663-1595149674-1007UA.job
2016-08-17 07:26 - 2014-06-12 22:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-17 02:32 - 2014-06-05 21:52 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{60E4D64B-8E8E-43B4-A300-5E871659C23F}
2016-08-16 22:31 - 2014-09-13 22:25 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4052817847-2273277663-1595149674-1007Core.job
2016-08-16 10:36 - 2015-05-11 13:25 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-16 04:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-08-15 14:42 - 2015-12-06 19:45 - 00000000 ____D C:\Users\Monika\AppData\Local\LogMeIn Hamachi
2016-08-15 13:35 - 2013-12-30 14:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-08-15 13:31 - 2013-12-30 13:53 - 01749406 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-15 13:31 - 2013-08-23 00:08 - 00740962 _____ C:\Windows\system32\perfh005.dat
2016-08-15 13:31 - 2013-08-23 00:08 - 00152146 _____ C:\Windows\system32\perfc005.dat
2016-08-15 13:31 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-15 13:27 - 2015-08-07 14:06 - 00003290 _____ C:\Windows\System32\Tasks\Intel(R) Rapid Start Technology Manager
2016-08-15 13:27 - 2013-12-30 14:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-15 13:27 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-15 13:26 - 2013-12-30 14:05 - 00000000 ____D C:\Users\UpdatusUser
2016-08-15 10:58 - 2014-06-05 23:54 - 00000000 ____D C:\Users\Monika\AppData\Roaming\PCDr
2016-08-15 10:57 - 2014-06-05 14:05 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4052817847-2273277663-1595149674-1002
2016-08-12 14:57 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-12 11:57 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-08-12 10:14 - 2014-10-30 22:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-12 07:34 - 2016-02-12 22:27 - 00003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1455308871
2016-08-12 07:34 - 2016-02-12 22:27 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-12 07:34 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147098006726505
2016-08-12 07:34 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-12 07:31 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-08-12 07:30 - 2014-06-05 13:59 - 00000000 ____D C:\Users\Monika
2016-08-12 07:29 - 2015-05-11 13:38 - 00001324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-12 07:29 - 2015-05-11 13:38 - 00001312 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ____D C:\ProgramData\PCDr
2016-08-11 10:47 - 2014-10-30 22:21 - 00000000 ____D C:\ProgramData\Skype
2016-08-11 10:32 - 2014-10-05 17:51 - 00000000 ____D C:\Users\Monika\AppData\LocalLow\Yandex
2016-08-11 10:31 - 2015-05-11 13:25 - 00003958 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-11 10:31 - 2015-05-11 13:25 - 00003722 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-11 10:26 - 2015-06-27 20:13 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147098006720304
2016-08-11 10:26 - 2015-06-27 20:13 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-11 10:26 - 2014-06-12 22:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-08-11 10:25 - 2016-02-12 22:21 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-11 10:25 - 2015-06-27 20:13 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\system32\vbox
==================== Files in the root of some directories =======
2014-06-23 17:36 - 2014-06-24 18:47 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-05 22:09 - 2014-06-05 22:09 - 0000017 _____ () C:\Users\Monika\AppData\Local\resmon.resmoncfg
2013-12-30 13:39 - 2013-12-30 13:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-02 11:08 - 2015-08-02 11:08 - 0000195 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-12-30 14:13 - 2013-12-30 14:14 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-12-30 14:10 - 2013-12-30 14:11 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-12-30 14:11 - 2013-12-30 14:12 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-12-30 14:12 - 2013-12-30 14:13 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2013-12-30 14:10 - 2013-12-30 14:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\Anička\AppData\Local\Temp\InstallIMVU_504.0.exe
C:\Users\Anička\AppData\Local\Temp\lite_installer.exe
C:\Users\Anička\AppData\Local\Temp\sender.exe
C:\Users\Anička\AppData\Local\Temp\Setup-yabrowser.exe
C:\Users\Anička\AppData\Local\Temp\yupdate-exec-yabrowser.exe
C:\Users\Jakub\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Monika\AppData\Local\Temp\avguirn_08359374125.exe
C:\Users\Monika\AppData\Local\Temp\BingSvc.exe
C:\Users\Monika\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Monika\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Monika\AppData\Local\Temp\sender.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-15 02:47
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log from the FRST program
Open Notepad and copy into it:
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [BingSvc] => C:\Users\Monika\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-12] (© 2015 Microsoft Corporation)
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
URLSearchHook: [S-1-5-21-4052817847-2273277663-1595149674-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-08-11] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-11] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-08-11] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-11] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4052817847-2273277663-1595149674-1007UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4052817847-2273277663-1595149674-1007Core.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Anička\AppData\Local\Temp
C:\Users\Jakub\AppData\Local\Temp
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Log from the FRST program
Well, no log popped up after it finished. But one was saved to the desktop, and I am attaching that one. Nevertheless, I ran the scan again and am attaching the log from FRST.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-08-2016
Ran by Monika (administrator) on NTB-OBROVSTI (19-08-2016 12:18:01)
Running from C:\Users\Monika\Desktop
Loaded Profiles: UpdatusUser & Monika (Available Profiles: UpdatusUser & Monika & Jakub & Bětka & Anička)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ClanServers Hosting LLC) C:\Users\Monika\Documents\GameTracker\GSInGameService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Zemi Interactive Inc.) C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\OptionalFeatures.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760456 2013-08-23] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-28] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe [327680 2014-04-24] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-12] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2016-06-23] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [GameTracker] => C:\Users\Monika\Documents\GameTracker\GTLite.exe [4019992 2013-12-19] (ClanServers Hosting LLC)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\MountPoints2: {c7342a0e-7146-11e3-824b-806e6f6e6963} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL http://www.ultimatebootcd.com/
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Winlogon: [Shell]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-11] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-03-07]
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\Bětka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-03-31]
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{1A9028D4-AA27-4B59-8CEB-B0522BA5B7E5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9F3561FE-5C71-44B2-898D-F03E437D9E7F}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
URLSearchHook: [S-1-5-21-4052817847-2273277663-1595149674-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {05376085-003D-4989-8A71-F01A1740F604} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {7A44216F-9BBF-41AE-9D3A-070739892850} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {83352255-10D3-44CF-8614-8B2CB325AE9B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {86522E4C-ADD2-49F9-A328-0C2FD86CCFCC} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {89C267C6-60CC-43DD-8FD0-25F1C2E32B09} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {928C17D9-5E6E-4E4F-8544-3AF55CAECD88} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {C14C2763-50A7-491F-8064-BF07E5419808} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {C2ED1750-66C0-4EA1-A198-EF38842E0B17} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {CF373A4C-060B-4D55-9D42-E1F1C300BFA6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-11] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-11] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-05] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\bing-.xml [2016-02-12]
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\seznam-avast.xml [2015-06-28]
FF Extension: Bing Search - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-02-12]
FF Extension: Seznam lištička - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-30]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-11]
CHR Extension: (Dokumenty Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-11]
CHR Extension: (Disk Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-11]
CHR Extension: (YouTube) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-08-11]
CHR Extension: (Avast SafePrice) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-08-02]
CHR Extension: (Tabulky Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-11]
CHR Extension: (Skype) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-08-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-11]
CHR Extension: (Gmail) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-11]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-11] (AVAST Software)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 GS In-Game Service; C:\Users\Monika\Documents\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-11] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3341384 2015-03-03] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1728592 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-12] (AVAST Software)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-10] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-09] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-28] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-19 07:58 - 2016-08-19 07:58 - 00010174 _____ C:\Users\Monika\Desktop\Fixlog.txt
2016-08-17 07:36 - 2016-08-19 12:18 - 00025057 _____ C:\Users\Monika\Desktop\FRST.txt
2016-08-17 07:36 - 2016-08-19 07:58 - 00000000 ____D C:\Users\Monika\Desktop\FRST-OlderVersion
2016-08-17 07:36 - 2016-08-17 07:37 - 00038746 _____ C:\Users\Monika\Desktop\Addition.txt
2016-08-15 08:35 - 2016-08-15 08:41 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:41 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:35 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-08-12 10:30 - 2016-08-12 10:30 - 00000000 ____D C:\Users\Monika\AppData\Local\CEF
2016-08-12 10:27 - 2016-08-12 10:27 - 00642632 _____ (EFD Software ) C:\Users\Monika\Downloads\hdtune_255.exe
2016-08-12 10:27 - 2016-08-12 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-08-12 10:27 - 2016-08-12 10:27 - 00000000 ____D C:\Program Files (x86)\HD Tune
2016-08-12 07:34 - 2016-08-12 07:34 - 00001940 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-08-12 07:33 - 2016-08-11 10:26 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-12 07:14 - 2016-08-12 07:48 - 00000000 ____D C:\AdwCleaner
2016-08-11 11:35 - 2016-08-11 11:35 - 00004040 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003352 _____ C:\Windows\System32\Tasks\PCDDataUploadTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003228 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\Program Files\Dell Support Center
2016-08-11 10:59 - 2016-08-19 12:17 - 00000000 ____D C:\FRST
2016-08-11 10:58 - 2016-08-19 07:58 - 02394624 _____ (Farbar) C:\Users\Monika\Desktop\FRST64.exe
2016-08-11 10:32 - 2016-08-11 10:32 - 00000000 ____D C:\Users\Monika\AppData\Local\Yandex
2016-08-11 10:26 - 2016-08-11 10:25 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-08-11 10:26 - 2016-08-11 10:25 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-08-11 10:25 - 2016-08-11 10:25 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-19 11:26 - 2014-06-12 22:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-19 10:58 - 2014-06-05 23:54 - 00000000 ____D C:\Users\Monika\AppData\Roaming\PCDr
2016-08-19 09:29 - 2014-12-13 10:47 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Skype
2016-08-19 08:14 - 2013-12-30 14:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-08-19 08:10 - 2013-12-30 13:53 - 01749406 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-19 08:10 - 2013-08-23 00:08 - 00740962 _____ C:\Windows\system32\perfh005.dat
2016-08-19 08:10 - 2013-08-23 00:08 - 00152146 _____ C:\Windows\system32\perfc005.dat
2016-08-19 08:10 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-19 08:07 - 2015-12-06 19:45 - 00000000 ____D C:\Users\Monika\AppData\Local\LogMeIn Hamachi
2016-08-19 08:06 - 2015-08-07 14:06 - 00003294 _____ C:\Windows\System32\Tasks\Intel(R) Rapid Start Technology Manager
2016-08-19 08:06 - 2013-12-30 14:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-19 08:06 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-19 07:58 - 2014-10-30 22:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-19 06:39 - 2014-06-05 21:52 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{60E4D64B-8E8E-43B4-A300-5E871659C23F}
2016-08-17 07:57 - 2014-06-05 14:05 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4052817847-2273277663-1595149674-1002
2016-08-17 07:51 - 2014-06-05 21:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-08-17 07:36 - 2015-06-27 20:13 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-16 04:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-08-15 13:26 - 2013-12-30 14:05 - 00000000 ____D C:\Users\UpdatusUser
2016-08-12 14:57 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-12 11:57 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-08-12 07:34 - 2016-02-12 22:27 - 00003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1455308871
2016-08-12 07:34 - 2016-02-12 22:27 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-12 07:34 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147098006726505
2016-08-12 07:34 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-12 07:31 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-08-12 07:30 - 2014-06-05 13:59 - 00000000 ____D C:\Users\Monika
2016-08-12 07:29 - 2015-05-11 13:38 - 00001324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-12 07:29 - 2015-05-11 13:38 - 00001312 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ____D C:\ProgramData\PCDr
2016-08-11 10:47 - 2014-10-30 22:21 - 00000000 ____D C:\ProgramData\Skype
2016-08-11 10:32 - 2014-10-05 17:51 - 00000000 ____D C:\Users\Monika\AppData\LocalLow\Yandex
2016-08-11 10:26 - 2015-06-27 20:13 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147098006720304
2016-08-11 10:26 - 2015-06-27 20:13 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-11 10:26 - 2014-06-12 22:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-08-11 10:25 - 2016-02-12 22:21 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-11 10:25 - 2015-06-27 20:13 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\system32\vbox
==================== Files in the root of some directories =======
2014-06-23 17:36 - 2014-06-24 18:47 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-05 22:09 - 2014-06-05 22:09 - 0000017 _____ () C:\Users\Monika\AppData\Local\resmon.resmoncfg
2015-08-02 11:08 - 2015-08-02 11:08 - 0000195 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-12-30 14:13 - 2013-12-30 14:14 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-12-30 14:10 - 2013-12-30 14:11 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-12-30 14:11 - 2013-12-30 14:12 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-12-30 14:12 - 2013-12-30 14:13 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2013-12-30 14:10 - 2013-12-30 14:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\Monika\AppData\Local\Temp\avguirn_08359374125.exe
C:\Users\Monika\AppData\Local\Temp\BingSvc.exe
C:\Users\Monika\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Monika\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Monika\AppData\Local\Temp\sender.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-15 02:47
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-08-2016
Ran by Monika (administrator) on NTB-OBROVSTI (19-08-2016 12:18:01)
Running from C:\Users\Monika\Desktop
Loaded Profiles: UpdatusUser & Monika (Available Profiles: UpdatusUser & Monika & Jakub & Bětka & Anička)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ClanServers Hosting LLC) C:\Users\Monika\Documents\GameTracker\GSInGameService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Zemi Interactive Inc.) C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\OptionalFeatures.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760456 2013-08-23] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-28] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe [327680 2014-04-24] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-12] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2016-06-23] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [GameTracker] => C:\Users\Monika\Documents\GameTracker\GTLite.exe [4019992 2013-12-19] (ClanServers Hosting LLC)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\MountPoints2: {c7342a0e-7146-11e3-824b-806e6f6e6963} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL http://www.ultimatebootcd.com/
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\...\Winlogon: [Shell]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-11] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-03-07]
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\Bětka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-03-31]
ShortcutTarget: IMVU.lnk -> C:\Users\Monika\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{1A9028D4-AA27-4B59-8CEB-B0522BA5B7E5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9F3561FE-5C71-44B2-898D-F03E437D9E7F}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-4052817847-2273277663-1595149674-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
URLSearchHook: [S-1-5-21-4052817847-2273277663-1595149674-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {05376085-003D-4989-8A71-F01A1740F604} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {7A44216F-9BBF-41AE-9D3A-070739892850} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {83352255-10D3-44CF-8614-8B2CB325AE9B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {86522E4C-ADD2-49F9-A328-0C2FD86CCFCC} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {89C267C6-60CC-43DD-8FD0-25F1C2E32B09} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {928C17D9-5E6E-4E4F-8544-3AF55CAECD88} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {C14C2763-50A7-491F-8064-BF07E5419808} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {C2ED1750-66C0-4EA1-A198-EF38842E0B17} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-4052817847-2273277663-1595149674-1002 -> {CF373A4C-060B-4D55-9D42-E1F1C300BFA6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-11] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-11] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-05] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\bing-.xml [2016-02-12]
FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\searchplugins\seznam-avast.xml [2015-06-28]
FF Extension: Bing Search - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-02-12]
FF Extension: Seznam lištička - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\9obj0o4o.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-30]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-11]
CHR Extension: (Dokumenty Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-11]
CHR Extension: (Disk Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-11]
CHR Extension: (YouTube) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-08-11]
CHR Extension: (Avast SafePrice) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-08-02]
CHR Extension: (Tabulky Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-11]
CHR Extension: (Avast Online Security) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-11]
CHR Extension: (Skype) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-08-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-11]
CHR Extension: (Gmail) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-11]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-11] (AVAST Software)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 GS In-Game Service; C:\Users\Monika\Documents\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-11] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3341384 2015-03-03] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1728592 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-12] (AVAST Software)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-10] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-09] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-28] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-19 07:58 - 2016-08-19 07:58 - 00010174 _____ C:\Users\Monika\Desktop\Fixlog.txt
2016-08-17 07:36 - 2016-08-19 12:18 - 00025057 _____ C:\Users\Monika\Desktop\FRST.txt
2016-08-17 07:36 - 2016-08-19 07:58 - 00000000 ____D C:\Users\Monika\Desktop\FRST-OlderVersion
2016-08-17 07:36 - 2016-08-17 07:37 - 00038746 _____ C:\Users\Monika\Desktop\Addition.txt
2016-08-15 08:35 - 2016-08-15 08:41 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:41 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-08-15 08:35 - 2016-08-15 08:35 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-08-12 10:30 - 2016-08-12 10:30 - 00000000 ____D C:\Users\Monika\AppData\Local\CEF
2016-08-12 10:27 - 2016-08-12 10:27 - 00642632 _____ (EFD Software ) C:\Users\Monika\Downloads\hdtune_255.exe
2016-08-12 10:27 - 2016-08-12 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-08-12 10:27 - 2016-08-12 10:27 - 00000000 ____D C:\Program Files (x86)\HD Tune
2016-08-12 07:34 - 2016-08-12 07:34 - 00001940 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-08-12 07:33 - 2016-08-11 10:26 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-12 07:14 - 2016-08-12 07:48 - 00000000 ____D C:\AdwCleaner
2016-08-11 11:35 - 2016-08-11 11:35 - 00004040 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003352 _____ C:\Windows\System32\Tasks\PCDDataUploadTask
2016-08-11 11:35 - 2016-08-11 11:35 - 00003228 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2016-08-11 11:33 - 2016-08-11 11:33 - 00000000 ____D C:\Program Files\Dell Support Center
2016-08-11 10:59 - 2016-08-19 12:17 - 00000000 ____D C:\FRST
2016-08-11 10:58 - 2016-08-19 07:58 - 02394624 _____ (Farbar) C:\Users\Monika\Desktop\FRST64.exe
2016-08-11 10:32 - 2016-08-11 10:32 - 00000000 ____D C:\Users\Monika\AppData\Local\Yandex
2016-08-11 10:26 - 2016-08-11 10:25 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-08-11 10:26 - 2016-08-11 10:25 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-08-11 10:25 - 2016-08-11 10:25 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-19 11:26 - 2014-06-12 22:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-19 10:58 - 2014-06-05 23:54 - 00000000 ____D C:\Users\Monika\AppData\Roaming\PCDr
2016-08-19 09:29 - 2014-12-13 10:47 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Skype
2016-08-19 08:14 - 2013-12-30 14:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-08-19 08:10 - 2013-12-30 13:53 - 01749406 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-19 08:10 - 2013-08-23 00:08 - 00740962 _____ C:\Windows\system32\perfh005.dat
2016-08-19 08:10 - 2013-08-23 00:08 - 00152146 _____ C:\Windows\system32\perfc005.dat
2016-08-19 08:10 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-19 08:07 - 2015-12-06 19:45 - 00000000 ____D C:\Users\Monika\AppData\Local\LogMeIn Hamachi
2016-08-19 08:06 - 2015-08-07 14:06 - 00003294 _____ C:\Windows\System32\Tasks\Intel(R) Rapid Start Technology Manager
2016-08-19 08:06 - 2013-12-30 14:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-19 08:06 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-19 07:58 - 2014-10-30 22:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-19 06:39 - 2014-06-05 21:52 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{60E4D64B-8E8E-43B4-A300-5E871659C23F}
2016-08-17 07:57 - 2014-06-05 14:05 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4052817847-2273277663-1595149674-1002
2016-08-17 07:51 - 2014-06-05 21:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-08-17 07:36 - 2015-06-27 20:13 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-16 04:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-08-15 13:26 - 2013-12-30 14:05 - 00000000 ____D C:\Users\UpdatusUser
2016-08-12 14:57 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-12 11:57 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-08-12 07:34 - 2016-02-12 22:27 - 00003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1455308871
2016-08-12 07:34 - 2016-02-12 22:27 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-12 07:34 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147098006726505
2016-08-12 07:34 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-12 07:31 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-08-12 07:30 - 2014-06-05 13:59 - 00000000 ____D C:\Users\Monika
2016-08-12 07:29 - 2015-05-11 13:38 - 00001324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-12 07:29 - 2015-05-11 13:38 - 00001312 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-08-11 11:33 - 2013-12-30 14:14 - 00000000 ____D C:\ProgramData\PCDr
2016-08-11 10:47 - 2014-10-30 22:21 - 00000000 ____D C:\ProgramData\Skype
2016-08-11 10:32 - 2014-10-05 17:51 - 00000000 ____D C:\Users\Monika\AppData\LocalLow\Yandex
2016-08-11 10:26 - 2015-06-27 20:13 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147098006720304
2016-08-11 10:26 - 2015-06-27 20:13 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-11 10:26 - 2015-06-27 20:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-11 10:26 - 2014-06-12 22:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-08-11 10:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-08-11 10:25 - 2016-02-12 22:21 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-11 10:25 - 2015-06-27 20:13 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-08-11 10:17 - 2015-06-27 20:14 - 00000000 ____D C:\Windows\system32\vbox
==================== Files in the root of some directories =======
2014-06-23 17:36 - 2014-06-24 18:47 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-05 22:09 - 2014-06-05 22:09 - 0000017 _____ () C:\Users\Monika\AppData\Local\resmon.resmoncfg
2015-08-02 11:08 - 2015-08-02 11:08 - 0000195 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-12-30 14:13 - 2013-12-30 14:14 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-12-30 14:10 - 2013-12-30 14:11 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-12-30 14:11 - 2013-12-30 14:12 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-12-30 14:12 - 2013-12-30 14:13 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2013-12-30 14:10 - 2013-12-30 14:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\Monika\AppData\Local\Temp\avguirn_08359374125.exe
C:\Users\Monika\AppData\Local\Temp\BingSvc.exe
C:\Users\Monika\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Monika\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Monika\AppData\Local\Temp\sender.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-15 02:47
==================== End of FRST.txt ============================
- Attachments
- Fixlog.zip
- (10.05 KiB) Downloaded 46 times
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log from the FRST program
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Log from the FRST program
Hello, the system is still behaving strangely. I will try an upgrade to Win 10. If that does not help, I will do a clean installation and then write what worked. Otherwise the laptop appears to be properly cleaned out.
- Rudy
- Site Admin

Re: Log from the FRST program
For the unwanted windows, use these scans:
1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop
If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
Paste the script below into the window
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Then click Run Script
The PC will perform the repair, restart and give you a log; paste its contents here.
and
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launch the licence terms are displayed; press any key
•A backup is created and then the search runs
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.
Then run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Re: Log from the FRST program
Hello, thank you very much for the help, but in the end a clean new installation won out. The thing was that the laptop had Win8 on it. So I upgraded to W10 and it kept misbehaving. So I wiped it completely and there is a clean installation on it now. Thanks again for the help.
- Rudy
- Site Admin

Re: Log from the FRST program
That is a solution too. You're welcome!