Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Google Captcha

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Kubason
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 03 říj 2016 19:50

Google Captcha

#1 Příspěvek od Kubason »

Ahoj,
tento problém se tu již řešil, při hledání přes google chce opsat text + je tam povídání:

"Naše systémy zjistily, že vaše počítačová síť je zdrojem neobvyklého provozu. Účelem této stránky je zkontrolovat, zda požadavky odesíláte skutečně vy, a ne robot."


Dle informací z webu může jít i o nějaký fujtabl na PC, nebo jen dočasný problém se stejným přidělením IP?

Jakmile se Captcha jednou zadá tak až do restartu s tím je klid. Na pc je CCleaner a Avast, ten nic nehlásí ani po skenu.

Díky za pomoc / info co dál.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Google Captcha

#2 Příspěvek od Rudy »

Zdravím!
Bývá to dočasný problém. Google vidí váš PC jako IP routeru vašeho poskytovatele. Za ním je skryto X PC stanic a kterákoli z nich může být zdrojem toho provozu. Google se tak brání případnému DDoS útoku. Situace se změní obvykle po 1 - 2 dnech.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Kubason
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 03 říj 2016 19:50

Re: Google Captcha

#3 Příspěvek od Kubason »

Děkuji za rychlé info, zkoušel jsem na síti svůj notebook a ten nemá problém (a je připojen na stejnou síť již 3. dnem), požadavek na captchu je tak pouze na tom jednom PC , kde to takto zlobí 4-5 dní, mám něco sledovat/ zkontrolovat? Přikládám log z FRST.

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
Ran by cug (administrator) on CUG-PC (05-10-2016 20:18:12)
Running from C:\Users\cug\Desktop
Loaded Profiles: cug (Available Profiles: cug)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(forum.viry.cz) C:\Users\cug\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-675778828-1303985438-1065005754-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-675778828-1303985438-1065005754-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-29] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.152.40.4 10.152.40.5
Tcpip\..\Interfaces\{4D74C6A3-4AEF-4E27-8E6D-25890F9FC353}: [DhcpNameServer] 10.152.40.4 10.152.40.5

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-18] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-29] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-18] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-29] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-18] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File

FireFox:
========
FF DefaultProfile: 4uzd58pu.default-1414499184322
FF ProfilePath: C:\Users\cug\AppData\Roaming\Mozilla\Firefox\Profiles\4uzd58pu.default-1414499184322 [2016-10-05]
FF Extension: (Adblock Plus) - C:\Users\cug\AppData\Roaming\Mozilla\Firefox\Profiles\4uzd58pu.default-1414499184322\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: (Freemake Youtube Download Button) - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-07-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2014-07-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-07-10]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-07-10]

Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\cug\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-08-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-29] (AVAST Software)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-02-10] (Freemake) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-29] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-29] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-13] (Duplex Secure Ltd.)
U3 as3up548; C:\Windows\System32\Drivers\as3up548.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-05 20:18 - 2016-10-05 20:18 - 00012739 _____ C:\Users\cug\Desktop\FRST.txt
2016-10-05 20:17 - 2016-10-05 20:18 - 00000000 ____D C:\FRST
2016-10-05 20:15 - 2016-10-05 20:15 - 00112640 _____ (forum.viry.cz) C:\Users\cug\Desktop\FRSTLauncher.exe
2016-10-05 20:14 - 2016-10-05 20:14 - 02405376 _____ (Farbar) C:\Users\cug\Desktop\FRST64.exe
2016-10-03 21:25 - 2016-10-03 21:26 - 00000000 ____D C:\Program Files\trend micro
2016-10-03 18:25 - 2016-10-03 18:25 - 00565231 _____ C:\Users\cug\Downloads\J.-K.-Rowling---Harry-Potter-and-the-Philosopher's-Stone---Eng-book.1.mobi
2016-10-03 18:23 - 2016-10-03 18:23 - 01084147 _____ C:\Users\cug\Downloads\J.-K.-Rowling---Harry-Potter-and-the-Philosopher's-Stone---Eng-book.1.pdf
2016-10-03 18:20 - 2016-10-03 18:20 - 01104492 _____ C:\Users\cug\Downloads\J.-K.-Rowling---Harry-Potter-and-the-Philosopher's-Stone---Eng-book.pdf
2016-10-02 19:08 - 2016-10-02 19:08 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-10-02 19:08 - 2016-10-02 19:08 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-02 19:08 - 2016-10-02 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-02 19:08 - 2016-10-02 19:08 - 00000000 ____D C:\Program Files\CCleaner
2016-10-02 19:07 - 2016-10-02 19:08 - 08244656 _____ (Piriform Ltd) C:\Users\cug\Desktop\ccsetup522.exe
2016-09-28 21:21 - 2016-09-28 21:21 - 00483728 _____ C:\Users\cug\Downloads\IMM5966_1-9V5QXFA.pdf
2016-09-28 21:21 - 2016-09-28 21:21 - 00480673 _____ C:\Users\cug\Downloads\IMM5954_1-9V5QXE5.pdf
2016-09-28 21:16 - 2016-09-28 21:16 - 00483429 _____ C:\Users\cug\Downloads\IMM5966_1-9V5RD0Z.pdf
2016-09-28 21:16 - 2016-09-28 21:16 - 00481411 _____ C:\Users\cug\Downloads\IMM5954_1-9V5RCZU.pdf
2016-09-28 16:59 - 2016-09-28 16:59 - 01836413 _____ C:\Users\cug\Downloads\draci.rar
2016-09-27 19:06 - 2016-09-27 19:08 - 00105626 _____ C:\Users\cug\Downloads\What-women-want(0000013951).srt
2016-09-27 17:30 - 2016-09-27 18:01 - 705618432 _____ C:\Users\cug\Downloads\What-Women-Want-eng.avi
2016-09-25 11:38 - 2016-09-25 13:09 - 1118085120 _____ C:\Users\cug\Downloads\Jak-vycvicit-draka-2-2014-CZ.avi
2016-09-24 18:38 - 2016-09-25 08:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-22 17:57 - 2016-09-22 19:13 - 881542696 _____ C:\Users\cug\Downloads\Teorie-tygra-(2016).avi
2016-09-13 16:07 - 2016-09-13 16:07 - 00000168 _____ C:\Users\cug\Downloads\tatry.vcf
2016-09-12 21:49 - 2016-09-12 21:49 - 00000000 ____D C:\Users\cug\Desktop\hawker-tempest
2016-09-12 21:44 - 2016-09-12 21:45 - 06427380 _____ C:\Users\cug\Downloads\Mistel---Osprey.pdf
2016-09-12 21:44 - 2016-09-12 21:44 - 06066810 _____ C:\Users\cug\Downloads\Osprey_Tunnel-Rat-in-Vietnam.pdf
2016-09-12 21:43 - 2016-09-12 21:43 - 05129649 _____ C:\Users\cug\Downloads\Osprey_US-macv-sog.pdf
2016-09-11 13:54 - 2016-09-11 15:29 - 1241099434 _____ C:\Users\cug\Downloads\Pán-a-paní-Smithovi_cz_Mr.-a-Mrs.-Smith.avi
2016-09-10 19:58 - 2016-09-10 19:58 - 00056468 _____ C:\Users\cug\Downloads\vstupenka_156422.pdf
2016-09-09 19:37 - 2016-09-09 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-09-08 18:48 - 2016-09-08 20:44 - 1459343492 _____ C:\Users\cug\Downloads\Rebelka-(2012)-CZ-Dab-BDRip-Animovaný-USA.avi
2016-09-07 19:28 - 2016-09-07 21:54 - 1751918582 _____ C:\Users\cug\Downloads\Co-jsme-komu-udělali-(komedie-2014---Ch.Clavier)cz---IRISA.avi
2016-09-06 20:57 - 2016-09-06 20:57 - 00000000 ____D C:\Users\cug\Downloads\SPORCL-PAVEL---Sporcelain-(CZ-2011)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-05 19:37 - 2016-02-04 17:20 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-05 19:35 - 2016-05-27 15:18 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-05 18:35 - 2016-05-27 15:18 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-05 16:09 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-05 16:09 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-05 16:01 - 2015-11-17 12:08 - 00003842 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1447754913
2016-10-05 16:01 - 2013-04-13 10:45 - 00000000 ____D C:\Program Files (x86)\Opera
2016-10-05 15:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-04 17:55 - 2013-09-19 22:54 - 00000000 ____D C:\Program Files (x86)\WarThunder
2016-10-04 16:55 - 2013-04-13 21:12 - 00000000 ____D C:\Users\cug\AppData\Roaming\vlc
2016-10-03 21:33 - 2013-04-14 19:59 - 00135376 _____ C:\Users\cug\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-03 21:30 - 2009-07-14 06:45 - 00455080 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-03 21:01 - 2013-06-13 09:41 - 00000000 ____D C:\ProgramData\Autodesk
2016-10-03 20:57 - 2013-06-22 14:43 - 00000000 ____D C:\Users\cug\Documents\Inventor
2016-10-03 18:30 - 2011-04-12 10:34 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-10-03 18:30 - 2011-04-12 10:34 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-10-03 18:30 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-03 18:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-03 16:31 - 2013-04-13 12:13 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-02 20:49 - 2016-02-28 11:17 - 00000000 ____D C:\Users\cug\Desktop\OSTATNI
2016-10-02 19:43 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-02 19:24 - 2013-04-15 16:32 - 00000000 ____D C:\Users\cug\Desktop\Aplikace
2016-10-02 19:23 - 2014-03-06 13:59 - 00000000 ____D C:\ProgramData\Skype
2016-10-02 19:23 - 2013-07-22 19:06 - 00000000 ____D C:\Program Files (x86)\ICQM
2016-10-02 19:16 - 2013-12-22 23:23 - 00000000 ____D C:\Program Files (x86)\HP
2016-10-02 19:13 - 2016-04-09 19:21 - 00000000 ____D C:\Users\cug\AppData\Roaming\MPC-HC
2016-10-02 19:13 - 2016-04-09 19:14 - 00000000 ____D C:\Users\cug\AppData\Roaming\Media Player Classic
2016-10-02 19:13 - 2013-05-02 16:05 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2016-10-02 19:13 - 2013-04-13 13:35 - 00000000 ____D C:\Users\cug\AppData\Roaming\DAEMON Tools Lite
2016-10-02 19:13 - 2013-04-13 11:05 - 00000000 ____D C:\Windows\Panther
2016-10-02 17:40 - 2013-04-13 15:21 - 00000000 ____D C:\Users\cug\AppData\Roaming\MediaMonkey
2016-10-01 20:34 - 2015-07-15 12:15 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-10-01 20:21 - 2014-12-12 10:05 - 00000000 ____D C:\Users\cug\Desktop\Kuba
2016-09-30 13:21 - 2016-02-28 11:14 - 00000000 ____D C:\Users\cug\Desktop\modely
2016-09-30 13:09 - 2014-10-29 15:57 - 00000000 ____D C:\Users\cug\Desktop\soubory PAJA
2016-09-25 08:32 - 2013-04-13 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-23 19:53 - 2014-03-06 13:59 - 00000000 ____D C:\Users\cug\AppData\Roaming\Skype
2016-09-14 17:37 - 2016-02-04 17:20 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 17:37 - 2015-07-15 12:15 - 00003944 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-09-14 17:37 - 2013-04-13 10:46 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-14 17:37 - 2013-04-13 10:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-14 17:37 - 2013-04-13 10:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-14 17:37 - 2013-04-13 10:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-13 19:52 - 2016-02-28 11:17 - 00000000 ____D C:\Users\cug\Desktop\svatba
2016-09-12 16:49 - 2014-11-05 22:16 - 00000000 ____D C:\Users\cug\Documents\DxO Optics Pro v8 logs
2016-09-12 16:22 - 2009-07-14 07:08 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-09 19:37 - 2013-05-19 16:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-06 21:10 - 2016-05-31 19:51 - 00000000 ____D C:\Users\cug\Desktop\stažené písničky svatba
2016-09-06 21:08 - 2014-01-10 00:54 - 00000000 ____D C:\Users\cug\Desktop\Pajuška+Kubík
2016-09-06 21:02 - 2016-02-28 11:14 - 00000000 ____D C:\Users\cug\Desktop\hory+lezeni

==================== Files in the root of some directories =======

2016-03-23 19:07 - 2016-03-23 19:07 - 0007160 _____ () C:\Users\cug\AppData\Local\recently-used.xbel
2013-12-22 23:23 - 2016-10-02 19:24 - 0002191 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\cug\AppData\Local\Temp\FNP_ACT_InstallerCA.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-11 09:03

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:161.13 GB) (Free:44.72 GB) NTFS
Drive d: () (Fixed) (Total:297.99 GB) (Free:4.87 GB) NTFS
Drive e: () (Fixed) (Total:304.63 GB) (Free:48.88 GB) NTFS

Available physical RAM: 5467.38 MB
Total physical RAM: 8189.24 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DAF9DAF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 702AEBBD)
Partition 1: (Not Active) - (Size=161.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=304.6 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\cug\Desktop" je 16776 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\cug\AppData\Roaming\ICQM\icq.exe -CU [x]

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
Přílohy
Addition.zip
(10.45 KiB) Staženo 94 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Google Captcha

#4 Příspěvek od Rudy »

Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Kubason
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 03 říj 2016 19:50

Re: Google Captcha

#5 Příspěvek od Kubason »

# AdwCleaner v6.020 - Log soubor vytvořen 05/10/2016 na 21:21:36
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-10-03.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : cug - CUG-PC
# Beží od : C:\Users\cug\Desktop\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\cug\AppData\Local\slimware utilities inc
[-] Adresář smazán:C:\Users\Public\Documents\Downloaded Installers


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKU\S-1-5-21-675778828-1303985438-1065005754-1000\Software\SlimWare Utilities Inc
[-] Klíč smazán:HKU\S-1-5-21-675778828-1303985438-1065005754-1000\Software\Mail.Ru
[-] Klíč smazán:HKU\S-1-5-21-675778828-1303985438-1065005754-1000\Software\AppDataLow\Software

\Mail.Ru
[#] Klíč smazán po restartování:HKCU\Software\SlimWare Utilities Inc
[#] Klíč smazán po restartování:HKCU\Software\Mail.Ru
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Klíč smazán:HKLM\SOFTWARE\SlimWare Utilities Inc
[#] Klíč smazán po restartování:[x64] HKCU\Software\SlimWare Utilities Inc
[#] Klíč smazán po restartování:[x64] HKCU\Software\Mail.Ru
[#] Klíč smazán po restartování:[x64] HKCU\Software\AppDataLow\Software\Mail.Ru


Zdravím, děkuji za tip, vše proběhlo bez potíží, log zde:

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1728 Bajtů] - [05/10/2016 21:21:36]
C:\AdwCleaner\AdwCleaner[S0].txt - [2088 Bajtů] - [05/10/2016 21:20:07]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1876 Bajtů] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Google Captcha

#6 Příspěvek od Rudy »

Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Kubason
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 03 říj 2016 19:50

Re: Google Captcha

#7 Příspěvek od Kubason »

Ahoj,
tak se zdá že to je OK, dnes to už jede normálně a captchu to nechce.
Co vše tam bylo/je za potvory?
Má smysl teď dávat pryč avast a překopat to na Aviru + ZoneAlaram?
Edit: tak teď zase a opět captcha :/ ale vždy jen jednou a pak klid - tak budu sledovat...

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
Ran by cug (administrator) on CUG-PC (06-10-2016 14:39:10)
Running from C:\Users\cug\Desktop
Loaded Profiles: cug (Available Profiles: cug)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(forum.viry.cz) C:\Users\cug\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-675778828-1303985438-1065005754-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-675778828-1303985438-1065005754-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-29] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.152.40.4 10.152.40.5
Tcpip\..\Interfaces\{4D74C6A3-4AEF-4E27-8E6D-25890F9FC353}: [DhcpNameServer] 10.152.40.4 10.152.40.5

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-18] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-29] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-18] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-29] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-18] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File

FireFox:
========
FF DefaultProfile: 4uzd58pu.default-1414499184322
FF ProfilePath: C:\Users\cug\AppData\Roaming\Mozilla\Firefox\Profiles\4uzd58pu.default-1414499184322 [2016-10-06]
FF Extension: (Adblock Plus) - C:\Users\cug\AppData\Roaming\Mozilla\Firefox\Profiles\4uzd58pu.default-1414499184322\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: (Freemake Youtube Download Button) - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-07-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2014-07-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-07-10]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-07-10]

Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\cug\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-08-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-29] (AVAST Software)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-02-10] (Freemake) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-29] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-29] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-13] (Duplex Secure Ltd.)
U3 as7ccvo7; C:\Windows\System32\Drivers\as7ccvo7.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-06 14:38 - 2016-10-06 14:38 - 00112640 _____ (forum.viry.cz) C:\Users\cug\Desktop\FRSTLauncher.exe
2016-10-05 21:18 - 2016-10-06 14:35 - 00000000 ____D C:\AdwCleaner
2016-10-05 21:18 - 2016-10-05 21:18 - 03861056 _____ C:\Users\cug\Desktop\adwcleaner_6.020.exe
2016-10-05 20:29 - 2016-07-27 21:41 - 01536458 _____ C:\Users\cug\Desktop\TreninkSportovnihoLezce.pdf
2016-10-05 20:23 - 2016-10-05 20:23 - 00010698 _____ C:\Users\cug\Desktop\Addition.zip
2016-10-05 20:18 - 2016-10-06 14:39 - 00012611 _____ C:\Users\cug\Desktop\FRST.txt
2016-10-05 20:17 - 2016-10-06 14:39 - 00000000 ____D C:\FRST
2016-10-05 20:14 - 2016-10-05 20:14 - 02405376 _____ (Farbar) C:\Users\cug\Desktop\FRST64.exe
2016-10-03 21:25 - 2016-10-03 21:26 - 00000000 ____D C:\Program Files\trend micro
2016-10-03 18:25 - 2016-10-03 18:25 - 00565231 _____ C:\Users\cug\Downloads\J.-K.-Rowling---Harry-Potter-and-the-Philosopher's-Stone---Eng-book.1.mobi
2016-10-03 18:23 - 2016-10-03 18:23 - 01084147 _____ C:\Users\cug\Downloads\J.-K.-Rowling---Harry-Potter-and-the-Philosopher's-Stone---Eng-book.1.pdf
2016-10-03 18:20 - 2016-10-03 18:20 - 01104492 _____ C:\Users\cug\Downloads\J.-K.-Rowling---Harry-Potter-and-the-Philosopher's-Stone---Eng-book.pdf
2016-10-02 19:08 - 2016-10-02 19:08 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-10-02 19:08 - 2016-10-02 19:08 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-02 19:08 - 2016-10-02 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-02 19:08 - 2016-10-02 19:08 - 00000000 ____D C:\Program Files\CCleaner
2016-10-02 19:07 - 2016-10-02 19:08 - 08244656 _____ (Piriform Ltd) C:\Users\cug\Desktop\ccsetup522.exe
2016-09-28 21:21 - 2016-09-28 21:21 - 00483728 _____ C:\Users\cug\Downloads\IMM5966_1-9V5QXFA.pdf
2016-09-28 21:21 - 2016-09-28 21:21 - 00480673 _____ C:\Users\cug\Downloads\IMM5954_1-9V5QXE5.pdf
2016-09-28 21:16 - 2016-09-28 21:16 - 00483429 _____ C:\Users\cug\Downloads\IMM5966_1-9V5RD0Z.pdf
2016-09-28 21:16 - 2016-09-28 21:16 - 00481411 _____ C:\Users\cug\Downloads\IMM5954_1-9V5RCZU.pdf
2016-09-28 16:59 - 2016-09-28 16:59 - 01836413 _____ C:\Users\cug\Downloads\draci.rar
2016-09-27 19:06 - 2016-09-27 19:08 - 00105626 _____ C:\Users\cug\Downloads\What-women-want(0000013951).srt
2016-09-27 17:30 - 2016-09-27 18:01 - 705618432 _____ C:\Users\cug\Downloads\What-Women-Want-eng.avi
2016-09-25 11:38 - 2016-09-25 13:09 - 1118085120 _____ C:\Users\cug\Downloads\Jak-vycvicit-draka-2-2014-CZ.avi
2016-09-24 18:38 - 2016-09-25 08:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-22 17:57 - 2016-09-22 19:13 - 881542696 _____ C:\Users\cug\Downloads\Teorie-tygra-(2016).avi
2016-09-12 21:49 - 2016-09-12 21:49 - 00000000 ____D C:\Users\cug\Desktop\hawker-tempest
2016-09-12 21:44 - 2016-09-12 21:45 - 06427380 _____ C:\Users\cug\Downloads\Mistel---Osprey.pdf
2016-09-12 21:44 - 2016-09-12 21:44 - 06066810 _____ C:\Users\cug\Downloads\Osprey_Tunnel-Rat-in-Vietnam.pdf
2016-09-12 21:43 - 2016-09-12 21:43 - 05129649 _____ C:\Users\cug\Downloads\Osprey_US-macv-sog.pdf
2016-09-11 13:54 - 2016-09-11 15:29 - 1241099434 _____ C:\Users\cug\Downloads\Pán-a-paní-Smithovi_cz_Mr.-a-Mrs.-Smith.avi
2016-09-10 19:58 - 2016-09-10 19:58 - 00056468 _____ C:\Users\cug\Downloads\vstupenka_156422.pdf
2016-09-09 19:37 - 2016-09-09 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-09-08 18:48 - 2016-09-08 20:44 - 1459343492 _____ C:\Users\cug\Downloads\Rebelka-(2012)-CZ-Dab-BDRip-Animovaný-USA.avi
2016-09-07 19:28 - 2016-09-07 21:54 - 1751918582 _____ C:\Users\cug\Downloads\Co-jsme-komu-udělali-(komedie-2014---Ch.Clavier)cz---IRISA.avi
2016-09-06 20:57 - 2016-09-06 20:57 - 00000000 ____D C:\Users\cug\Downloads\SPORCL-PAVEL---Sporcelain-(CZ-2011)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-06 14:37 - 2016-02-04 17:20 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-06 14:36 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-06 14:36 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-06 14:35 - 2016-05-27 15:18 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-06 14:29 - 2016-05-27 15:18 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-06 14:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-06 11:42 - 2013-04-13 21:12 - 00000000 ____D C:\Users\cug\AppData\Roaming\vlc
2016-10-05 20:30 - 2013-09-19 22:54 - 00000000 ____D C:\Program Files (x86)\WarThunder
2016-10-05 16:01 - 2015-11-17 12:08 - 00003842 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1447754913
2016-10-05 16:01 - 2013-04-13 10:45 - 00000000 ____D C:\Program Files (x86)\Opera
2016-10-03 21:33 - 2013-04-14 19:59 - 00135376 _____ C:\Users\cug\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-03 21:30 - 2009-07-14 06:45 - 00455080 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-03 21:01 - 2013-06-13 09:41 - 00000000 ____D C:\ProgramData\Autodesk
2016-10-03 20:57 - 2013-06-22 14:43 - 00000000 ____D C:\Users\cug\Documents\Inventor
2016-10-03 18:30 - 2011-04-12 10:34 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-10-03 18:30 - 2011-04-12 10:34 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-10-03 18:30 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-03 18:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-03 16:31 - 2013-04-13 12:13 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-02 20:49 - 2016-02-28 11:17 - 00000000 ____D C:\Users\cug\Desktop\OSTATNI
2016-10-02 19:43 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-02 19:24 - 2013-04-15 16:32 - 00000000 ____D C:\Users\cug\Desktop\Aplikace
2016-10-02 19:23 - 2014-03-06 13:59 - 00000000 ____D C:\ProgramData\Skype
2016-10-02 19:23 - 2013-07-22 19:06 - 00000000 ____D C:\Program Files (x86)\ICQM
2016-10-02 19:16 - 2013-12-22 23:23 - 00000000 ____D C:\Program Files (x86)\HP
2016-10-02 19:13 - 2016-04-09 19:21 - 00000000 ____D C:\Users\cug\AppData\Roaming\MPC-HC
2016-10-02 19:13 - 2016-04-09 19:14 - 00000000 ____D C:\Users\cug\AppData\Roaming\Media Player Classic
2016-10-02 19:13 - 2013-05-02 16:05 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2016-10-02 19:13 - 2013-04-13 13:35 - 00000000 ____D C:\Users\cug\AppData\Roaming\DAEMON Tools Lite
2016-10-02 19:13 - 2013-04-13 11:05 - 00000000 ____D C:\Windows\Panther
2016-10-02 17:40 - 2013-04-13 15:21 - 00000000 ____D C:\Users\cug\AppData\Roaming\MediaMonkey
2016-10-01 20:34 - 2015-07-15 12:15 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-10-01 20:21 - 2014-12-12 10:05 - 00000000 ____D C:\Users\cug\Desktop\Kuba
2016-09-30 13:21 - 2016-02-28 11:14 - 00000000 ____D C:\Users\cug\Desktop\modely
2016-09-30 13:09 - 2014-10-29 15:57 - 00000000 ____D C:\Users\cug\Desktop\soubory PAJA
2016-09-25 08:32 - 2013-04-13 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-23 19:53 - 2014-03-06 13:59 - 00000000 ____D C:\Users\cug\AppData\Roaming\Skype
2016-09-14 17:37 - 2016-02-04 17:20 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 17:37 - 2015-07-15 12:15 - 00003944 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-09-14 17:37 - 2013-04-13 10:46 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-14 17:37 - 2013-04-13 10:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-14 17:37 - 2013-04-13 10:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-14 17:37 - 2013-04-13 10:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-13 19:52 - 2016-02-28 11:17 - 00000000 ____D C:\Users\cug\Desktop\svatba
2016-09-12 16:49 - 2014-11-05 22:16 - 00000000 ____D C:\Users\cug\Documents\DxO Optics Pro v8 logs
2016-09-12 16:22 - 2009-07-14 07:08 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-09 19:37 - 2013-05-19 16:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-06 21:10 - 2016-05-31 19:51 - 00000000 ____D C:\Users\cug\Desktop\stažené písničky svatba
2016-09-06 21:08 - 2014-01-10 00:54 - 00000000 ____D C:\Users\cug\Desktop\Pajuška+Kubík
2016-09-06 21:02 - 2016-02-28 11:14 - 00000000 ____D C:\Users\cug\Desktop\hory+lezeni

==================== Files in the root of some directories =======

2016-03-23 19:07 - 2016-03-23 19:07 - 0007160 _____ () C:\Users\cug\AppData\Local\recently-used.xbel
2013-12-22 23:23 - 2016-10-02 19:24 - 0002191 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\cug\AppData\Local\Temp\FNP_ACT_InstallerCA.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-11 09:03

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:161.13 GB) (Free:44.61 GB) NTFS
Drive d: () (Fixed) (Total:297.99 GB) (Free:4.87 GB) NTFS
Drive e: () (Fixed) (Total:304.63 GB) (Free:48.88 GB) NTFS

Available physical RAM: 5834.55 MB
Total physical RAM: 8189.24 MB
Percentage of memory in use: 28%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DAF9DAF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 702AEBBD)
Partition 1: (Not Active) - (Size=161.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=304.6 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\cug\Desktop" je 16782 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\cug\AppData\Roaming\ICQM\icq.exe -CU [x]

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
Přílohy
Addition.zip
(10.51 KiB) Staženo 75 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Google Captcha

#8 Příspěvek od Rudy »

Ještě se to musí dočistit. Pár AdWarů tam bylo. Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\cug\AppData\Local\Temp
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:
Velikost slozky "C:\Users\cug\Desktop" je 16782 MB.
Tp je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\cug novou složku, do které přesuňtevšechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Kubason
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 03 říj 2016 19:50

Re: Google Captcha

#9 Příspěvek od Kubason »

Áha, jo na ploše byl strašný bordák - uklizeno, a tak tady je fixlog z FRST:

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-10-2016
Ran by cug (06-10-2016 19:29:48) Run:1
Running from C:\Users\cug\Desktop
Loaded Profiles: cug (Available Profiles: cug)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\cug\AppData\Local\Temp
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skype4com" => key removed successfully
HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => key not found. 
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\fmdownloader@gmail.com => value removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

"C:\Users\cug\AppData\Local\Temp" folder move:

Could not move "C:\Users\cug\AppData\Local\Temp" => Scheduled to move on reboot.

"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}" => key removed successfully
"HKU\S-1-5-21-675778828-1303985438-1065005754-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}" => key removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-10-2016 19:31:43)

C:\Users\cug\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:31:44 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Google Captcha

#10 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Kubason
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 03 říj 2016 19:50

Re: Google Captcha

#11 Příspěvek od Kubason »

Zdravím,
jede to teď pocitově svižněji, vše budu sledovat. Velmi děkuji za rychlou a profesionální pomoc! Jinak jsem potkal souseda a říkal, že ho štve google, takže asi ten problém je celkově u nás na síti, a Váš počáteční odhad byl správný... :)

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
Ran by cug (administrator) on CUG-PC (06-10-2016 19:50:49)
Running from C:\Users\cug\Desktop
Loaded Profiles: cug (Available Profiles: cug)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(forum.viry.cz) C:\Users\cug\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-675778828-1303985438-1065005754-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-675778828-1303985438-1065005754-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-29] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.152.40.4 10.152.40.5
Tcpip\..\Interfaces\{4D74C6A3-4AEF-4E27-8E6D-25890F9FC353}: [DhcpNameServer] 10.152.40.4 10.152.40.5

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-18] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-29] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-18] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-29] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-18] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF DefaultProfile: 4uzd58pu.default-1414499184322
FF ProfilePath: C:\Users\cug\AppData\Roaming\Mozilla\Firefox\Profiles\4uzd58pu.default-1414499184322 [2016-10-06]
FF Extension: (Adblock Plus) - C:\Users\cug\AppData\Roaming\Mozilla\Firefox\Profiles\4uzd58pu.default-1414499184322\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: (Freemake Youtube Download Button) - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-07-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2014-07-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-18] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-07-10]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-07-10]

Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\cug\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-08-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-29] (AVAST Software)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-02-10] (Freemake) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-29] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-29] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-13] (Duplex Secure Ltd.)
U3 aeu0w6dt; C:\Windows\System32\Drivers\aeu0w6dt.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-06 19:50 - 2016-10-06 19:51 - 00011234 _____ C:\Users\cug\Desktop\FRST.txt
2016-10-06 19:29 - 2016-10-06 19:31 - 00033248 _____ C:\Users\cug\Desktop\Fixlog.txt
2016-10-06 17:17 - 2016-10-06 14:58 - 3291672327 _____ C:\Users\cug\Downloads\Kniha.dzungli_2016.FullHD.HEVC.6ch.CZ.dab.mkv
2016-10-06 14:38 - 2016-10-06 14:38 - 00112640 _____ (forum.viry.cz) C:\Users\cug\Desktop\FRSTLauncher.exe
2016-10-05 21:18 - 2016-10-06 16:18 - 00000000 ____D C:\AdwCleaner
2016-10-05 21:18 - 2016-10-05 21:18 - 03861056 _____ C:\Users\cug\Desktop\adwcleaner_6.020.exe
2016-10-05 20:29 - 2016-07-27 21:41 - 01536458 _____ C:\Users\cug\Desktop\TreninkSportovnihoLezce.pdf
2016-10-05 20:23 - 2016-10-06 14:43 - 00010758 _____ C:\Users\cug\Desktop\Addition.zip
2016-10-05 20:17 - 2016-10-06 19:50 - 00000000 ____D C:\FRST
2016-10-05 20:14 - 2016-10-05 20:14 - 02405376 _____ (Farbar) C:\Users\cug\Desktop\FRST64.exe
2016-10-03 21:25 - 2016-10-03 21:26 - 00000000 ____D C:\Program Files\trend micro
2016-10-03 18:25 - 2016-10-03 18:25 - 00565231 _____ C:\Users\cug\Downloads\J.-K.-Rowling---Harry-Potter-and-the-Philosopher's-Stone---Eng-book.1.mobi
2016-10-03 18:23 - 2016-10-03 18:23 - 01084147 _____ C:\Users\cug\Downloads\J.-K.-Rowling---Harry-Potter-and-the-Philosopher's-Stone---Eng-book.1.pdf
2016-10-03 18:20 - 2016-10-03 18:20 - 01104492 _____ C:\Users\cug\Downloads\J.-K.-Rowling---Harry-Potter-and-the-Philosopher's-Stone---Eng-book.pdf
2016-10-02 19:08 - 2016-10-02 19:08 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-10-02 19:08 - 2016-10-02 19:08 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-02 19:08 - 2016-10-02 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-02 19:08 - 2016-10-02 19:08 - 00000000 ____D C:\Program Files\CCleaner
2016-10-02 19:07 - 2016-10-02 19:08 - 08244656 _____ (Piriform Ltd) C:\Users\cug\Desktop\ccsetup522.exe
2016-09-28 21:21 - 2016-09-28 21:21 - 00483728 _____ C:\Users\cug\Downloads\IMM5966_1-9V5QXFA.pdf
2016-09-28 21:21 - 2016-09-28 21:21 - 00480673 _____ C:\Users\cug\Downloads\IMM5954_1-9V5QXE5.pdf
2016-09-28 21:16 - 2016-09-28 21:16 - 00483429 _____ C:\Users\cug\Downloads\IMM5966_1-9V5RD0Z.pdf
2016-09-28 21:16 - 2016-09-28 21:16 - 00481411 _____ C:\Users\cug\Downloads\IMM5954_1-9V5RCZU.pdf
2016-09-28 16:59 - 2016-09-28 16:59 - 01836413 _____ C:\Users\cug\Downloads\draci.rar
2016-09-27 19:06 - 2016-09-27 19:08 - 00105626 _____ C:\Users\cug\Downloads\What-women-want(0000013951).srt
2016-09-27 17:30 - 2016-09-27 18:01 - 705618432 _____ C:\Users\cug\Downloads\What-Women-Want-eng.avi
2016-09-25 11:38 - 2016-09-25 13:09 - 1118085120 _____ C:\Users\cug\Downloads\Jak-vycvicit-draka-2-2014-CZ.avi
2016-09-24 18:38 - 2016-09-25 08:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-22 17:57 - 2016-09-22 19:13 - 881542696 _____ C:\Users\cug\Downloads\Teorie-tygra-(2016).avi
2016-09-12 21:44 - 2016-09-12 21:45 - 06427380 _____ C:\Users\cug\Downloads\Mistel---Osprey.pdf
2016-09-12 21:44 - 2016-09-12 21:44 - 06066810 _____ C:\Users\cug\Downloads\Osprey_Tunnel-Rat-in-Vietnam.pdf
2016-09-12 21:43 - 2016-09-12 21:43 - 05129649 _____ C:\Users\cug\Downloads\Osprey_US-macv-sog.pdf
2016-09-11 13:54 - 2016-09-11 15:29 - 1241099434 _____ C:\Users\cug\Downloads\Pán-a-paní-Smithovi_cz_Mr.-a-Mrs.-Smith.avi
2016-09-10 19:58 - 2016-09-10 19:58 - 00056468 _____ C:\Users\cug\Downloads\vstupenka_156422.pdf
2016-09-09 19:37 - 2016-09-09 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-09-08 18:48 - 2016-09-08 20:44 - 1459343492 _____ C:\Users\cug\Downloads\Rebelka-(2012)-CZ-Dab-BDRip-Animovaný-USA.avi
2016-09-07 19:28 - 2016-09-07 21:54 - 1751918582 _____ C:\Users\cug\Downloads\Co-jsme-komu-udělali-(komedie-2014---Ch.Clavier)cz---IRISA.avi
2016-09-06 20:57 - 2016-09-06 20:57 - 00000000 ____D C:\Users\cug\Downloads\SPORCL-PAVEL---Sporcelain-(CZ-2011)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-06 19:39 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-06 19:39 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-06 19:37 - 2016-02-04 17:20 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-06 19:32 - 2013-04-13 12:13 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-06 19:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-06 18:28 - 2013-04-13 21:12 - 00000000 ____D C:\Users\cug\AppData\Roaming\vlc
2016-10-06 17:28 - 2016-04-09 19:14 - 00000000 ____D C:\Users\cug\AppData\Roaming\Media Player Classic
2016-10-06 17:19 - 2011-04-12 10:34 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-10-06 17:19 - 2011-04-12 10:34 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-10-06 17:19 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-06 17:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-05 20:30 - 2013-09-19 22:54 - 00000000 ____D C:\Program Files (x86)\WarThunder
2016-10-05 16:01 - 2015-11-17 12:08 - 00003842 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1447754913
2016-10-05 16:01 - 2013-04-13 10:45 - 00000000 ____D C:\Program Files (x86)\Opera
2016-10-03 21:33 - 2013-04-14 19:59 - 00135376 _____ C:\Users\cug\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-03 21:30 - 2009-07-14 06:45 - 00455080 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-03 21:01 - 2013-06-13 09:41 - 00000000 ____D C:\ProgramData\Autodesk
2016-10-03 20:57 - 2013-06-22 14:43 - 00000000 ____D C:\Users\cug\Documents\Inventor
2016-10-02 20:49 - 2016-02-28 11:17 - 00000000 ____D C:\Users\cug\Desktop\OSTATNI
2016-10-02 19:43 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-02 19:24 - 2013-04-15 16:32 - 00000000 ____D C:\Users\cug\Desktop\Aplikace
2016-10-02 19:23 - 2014-03-06 13:59 - 00000000 ____D C:\ProgramData\Skype
2016-10-02 19:23 - 2013-07-22 19:06 - 00000000 ____D C:\Program Files (x86)\ICQM
2016-10-02 19:16 - 2013-12-22 23:23 - 00000000 ____D C:\Program Files (x86)\HP
2016-10-02 19:13 - 2016-04-09 19:21 - 00000000 ____D C:\Users\cug\AppData\Roaming\MPC-HC
2016-10-02 19:13 - 2013-05-02 16:05 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2016-10-02 19:13 - 2013-04-13 13:35 - 00000000 ____D C:\Users\cug\AppData\Roaming\DAEMON Tools Lite
2016-10-02 19:13 - 2013-04-13 11:05 - 00000000 ____D C:\Windows\Panther
2016-10-02 17:40 - 2013-04-13 15:21 - 00000000 ____D C:\Users\cug\AppData\Roaming\MediaMonkey
2016-10-01 20:34 - 2015-07-15 12:15 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-10-01 20:21 - 2014-12-12 10:05 - 00000000 ____D C:\Users\cug\Desktop\Kuba
2016-09-25 08:32 - 2013-04-13 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-23 19:53 - 2014-03-06 13:59 - 00000000 ____D C:\Users\cug\AppData\Roaming\Skype
2016-09-14 17:37 - 2016-02-04 17:20 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 17:37 - 2015-07-15 12:15 - 00003944 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-09-14 17:37 - 2013-04-13 10:46 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-14 17:37 - 2013-04-13 10:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-14 17:37 - 2013-04-13 10:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-14 17:37 - 2013-04-13 10:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-12 16:49 - 2014-11-05 22:16 - 00000000 ____D C:\Users\cug\Documents\DxO Optics Pro v8 logs
2016-09-12 16:22 - 2009-07-14 07:08 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-09 19:37 - 2013-05-19 16:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-06 21:02 - 2016-02-28 11:14 - 00000000 ____D C:\Users\cug\Desktop\hory+lezeni

==================== Files in the root of some directories =======

2016-03-23 19:07 - 2016-03-23 19:07 - 0007160 _____ () C:\Users\cug\AppData\Local\recently-used.xbel
2013-12-22 23:23 - 2016-10-02 19:24 - 0002191 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-11 09:03

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:161.13 GB) (Free:58.25 GB) NTFS
Drive d: () (Fixed) (Total:297.99 GB) (Free:4.87 GB) NTFS
Drive e: () (Fixed) (Total:304.63 GB) (Free:32.71 GB) NTFS

Available physical RAM: 6347.44 MB
Total physical RAM: 8189.24 MB
Percentage of memory in use: 22%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DAF9DAF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 702AEBBD)
Partition 1: (Not Active) - (Size=161.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=304.6 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\cug\Desktop" je 229 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\cug\AppData\Roaming\ICQM\icq.exe -CU [x]

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
Přílohy
Addition.zip
(7.66 KiB) Staženo 81 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119672
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Google Captcha

#12 Příspěvek od Rudy »

Logy jsou již OK. Je to skutečně tak, Google vidí jen IP routeru poskytovatele (IP vašeho, ani jiného PC na síti nevidí, neboť je skrytá za routerem a navíc se mění - je dynamická).
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“