Velmi pomalý PC
Napsal: 08 pro 2016 11:19
Dobrý den, mám velmi pomalý PC a nevím, jestli je to jeho stářím nebo nějakými viry. Posílám log a děkuji za kontrolu:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2016
Ran by Tomáš (administrator) on PUNTULKA (08-12-2016 10:54:34)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\ATK Hotkey\ASLDRSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(RealNetworks, Inc.) C:\Program Files\Online Games Manager\ogmservice.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04] (SUPERAntiSpyware.com)
HKU\S-1-5-21-401885020-672167872-4106706270-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-401885020-672167872-4106706270-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-401885020-672167872-4106706270-1000\...\MountPoints2: {033a91b4-4513-11dd-9706-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\index.html
HKU\S-1-5-21-401885020-672167872-4106706270-1000\...\MountPoints2: {bcdf5df0-ff78-11e3-bf21-001e8ce8493a} - G:\setup.exe
HKU\S-1-5-21-401885020-672167872-4106706270-1000\...\MountPoints2: {c3c61292-055a-11e0-9d1c-001e8ce8493a} - D:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-401885020-672167872-4106706270-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [704512 2009-04-11] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-09-26] (AVAST Software)
GroupPolicy\User: Restriction ? <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-19] (Společnost Microsoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 188.122.222.222 188.122.222.223
Tcpip\..\Interfaces\{B6764651-0603-43B3-8D07-CF2D51D602FD}: [DhcpNameServer] 192.168.88.1 188.122.222.222 188.122.222.223
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-401885020-672167872-4106706270-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-401885020-672167872-4106706270-1000 -> {761EB9DB-05AB-4380-B2A1-E0ACEB8957A7} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
Toolbar: HKLM - No Name - {95188727-288F-4581-A48D-EAB3BD027314} - No File
Toolbar: HKU\S-1-5-21-401885020-672167872-4106706270-1000 -> No Name - {724D43A0-0D85-11D4-9908-00400523E39A} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
FireFox:
========
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\TomTom\HOME\Profiles\p9ln8pt4.default [2012-01-28]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default [2016-09-14]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\u5vszwbm.default -> hxxps://www.google.com/search
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\u5vszwbm.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\u5vszwbm.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\u5vszwbm.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\u5vszwbm.default -> is enabled.
FF Keyword.URL: Mozilla\Firefox\Profiles\u5vszwbm.default -> hxxps://www.google.com/search
FF Extension: (Firebug) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\firebug@software.joehewitt.com.xpi [2016-09-13]
FF Extension: (Firefox Hotfix) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-13]
FF Extension: (Vacuum Places Improved) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\VacuumPlacesImproved@lultimouomo-gmail.com.xpi [2016-09-13]
FF Extension: (YSlow) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\yslow@yahoo-inc.com.xpi [2016-09-13]
FF Extension: (Garmin Communicator) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2016-09-13]
FF Extension: (Html Validator) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}(160) [2013-10-20] [not signed]
FF Extension: (Flashblock) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-09-13]
FF Extension: (View Source Chart) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{68836a21-fc7d-4ea1-a065-7efabd99d414}.xpi [2016-09-13]
FF Extension: (Web Developer) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2016-09-13]
FF Extension: (HackBar) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2016-09-13]
FF HKLM\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-11-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Program na daně\Filler\npfiller.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> http://www.google.com
CHR StartupUrls: Default -> "www.google.com"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default [2016-12-08]
CHR Extension: (Prezentace Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-10]
CHR Extension: (Dokumenty Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-10]
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-10]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-11-14]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-10]
CHR Extension: (Tabulky Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-11]
CHR Extension: (Avast Online Security) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-26]
CHR Extension: (FormApps Chrome Extension) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2016-09-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-11-29]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-401885020-672167872-4106706270-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TOM~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-401885020-672167872-4106706270-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: chrome.exe - C:\Users\Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.DLL6RFUYD4C3RFIIJCCV6JMLOM - C:\Users\Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2013-01-02] (SUPERAntiSpyware.com) [File not signed]
S4 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S4 Apache2.2; E:\Apache\apache\bin\httpd.exe [24636 2008-12-10] (Apache Software Foundation) [File not signed]
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-02-05] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-26] (AVAST Software)
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
S3 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
S4 mysql; E:\Apache\mysql\bin\mysqld.exe [6562432 2009-03-16] ()
R2 ogmservice; C:\Program Files\Online Games Manager\ogmservice.exe [581608 2016-06-23] (RealNetworks, Inc.)
S3 TNaviSrv; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824 2007-07-26] (TOSHIBA Corporation) [File not signed]
S3 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
S3 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [465872 2011-05-23] (Cisco Systems, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare) [File not signed]
S4 XAMPP; E:\Apache\service.exe [60928 2007-12-21] () [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [36624 2011-05-23] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [46480 2011-05-23] (Cisco Systems, Inc.)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R1 ASPI32; C:\Windows\system32\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-09-26] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-26] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [184592 2016-09-26] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [66688 2016-09-26] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
R1 cdrbsdrv; C:\Windows\system32\Drivers\cdrbsdrv.sys [33408 2006-02-20] (B.H.A Corporation) [File not signed]
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [34128 2008-03-26] (DemoForge, LLC)
R1 eusk2par; C:\Windows\system32\Drivers\eusk2par.sys [30656 2006-12-13] (Eutron)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 GT680x; C:\Windows\System32\Drivers\gt680x.sys [12416 2006-06-16] ( )
S3 i1display; C:\Windows\System32\Drivers\i1display.sys [44344 2004-10-15] ()
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2014-03-18] (Logitech, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 PDIHWCTL; C:\Windows\system32\drivers\pdihwctl.sys [14416 2007-01-25] (Portrait Displays, Inc.) [File not signed]
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [252416 2007-06-01] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-12-11] () [File not signed]
S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-01-12] (TeamViewer GmbH)
S3 V0420VID; C:\Windows\System32\DRIVERS\V0420Vid.sys [99648 2007-05-31] (Creative Technology Ltd.)
U3 ax8fsyre; C:\Windows\system32\Drivers\ax8fsyre.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-08 10:54 - 2016-12-08 10:55 - 00017873 _____ C:\Users\Tomáš\Desktop\FRST.txt
2016-12-08 10:54 - 2016-12-08 10:54 - 00000000 ____D C:\FRST
2016-12-08 09:18 - 2016-12-08 09:52 - 00000000 ____D C:\AdwCleaner
2016-12-08 09:12 - 2016-12-08 09:13 - 01761792 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST.exe
2016-12-08 09:08 - 2016-12-08 09:09 - 03968464 _____ C:\Users\Tomáš\Desktop\adwcleaner_6.040.exe
2016-12-05 14:27 - 2016-12-05 14:27 - 00680110 _____ C:\Users\Tomáš\Downloads\pojistne_podminky_majetek_a_odpovednost.pdf
2016-12-05 14:27 - 2016-12-05 14:27 - 00030248 _____ C:\Users\Tomáš\Downloads\spoluucast (1).pdf
2016-12-05 14:27 - 2016-12-05 14:27 - 00020917 _____ C:\Users\Tomáš\Downloads\rizika-odpovednost.pdf
2016-12-05 14:27 - 2016-12-05 14:27 - 00017719 _____ C:\Users\Tomáš\Downloads\limity-odpovednost.pdf
2016-12-05 14:26 - 2016-12-05 14:26 - 00030248 _____ C:\Users\Tomáš\Downloads\spoluucast.pdf
2016-12-05 14:26 - 2016-12-05 14:26 - 00023629 _____ C:\Users\Tomáš\Downloads\limity-budovy.pdf
2016-12-05 14:26 - 2016-12-05 14:26 - 00020145 _____ C:\Users\Tomáš\Downloads\rizika-budovy.pdf
2016-12-02 20:29 - 2016-12-02 20:29 - 00039448 _____ C:\Users\Tomáš\Downloads\Lights-Out-2016.srt
2016-12-01 18:51 - 2016-12-01 18:51 - 03023179 _____ C:\Users\Tomáš\Downloads\Český návod - BEKO MOB 20231 BG.pdf
2016-12-01 18:51 - 2016-12-01 18:51 - 00936537 _____ C:\Users\Tomáš\Downloads\Instalační návod - BEKO MOB 20231 BG.pdf
2016-12-01 18:43 - 2016-12-01 18:43 - 00087553 _____ C:\Users\Tomáš\Downloads\La-grande-bellezza(0000232825).srt
2016-12-01 14:25 - 2016-12-01 14:25 - 00089365 _____ C:\Users\Tomáš\Downloads\OznameniZmena_2012_ToFill_3 (1).pdf
2016-12-01 14:09 - 2016-12-01 14:09 - 00026843 _____ C:\Users\Tomáš\Downloads\Oznameni_zmena_5.pdf
2016-12-01 14:06 - 2016-12-01 14:06 - 00089365 _____ C:\Users\Tomáš\Downloads\OznameniZmena_2012_ToFill_3.pdf
2016-11-28 19:37 - 2016-11-28 19:37 - 00003820 _____ C:\Users\Tomáš\AppData\Local\recently-used.xbel
2016-11-17 13:05 - 2016-11-17 13:06 - 00128284 _____ C:\Users\Tomáš\Downloads\objednavka_dopyt_prahov_do_apexu.xltm
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-08 10:53 - 2010-03-19 17:45 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-08 10:52 - 2010-03-19 17:45 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-08 10:18 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-08 10:18 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-08 10:17 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-08 10:13 - 2006-11-02 14:01 - 00032622 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-05 19:27 - 2012-12-08 15:16 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\vlc
2016-12-03 20:01 - 2007-01-08 22:09 - 00648240 _____ C:\Windows\system32\perfh005.dat
2016-12-03 20:01 - 2007-01-08 22:09 - 00138830 _____ C:\Windows\system32\perfc005.dat
2016-12-03 20:01 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-12-03 20:01 - 2006-11-02 11:33 - 01539946 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-01 13:25 - 2008-10-12 17:41 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\uTorrent
2016-11-30 20:14 - 2013-10-10 17:39 - 00000000 ____D C:\Torrents
2016-11-28 19:39 - 2013-10-02 16:56 - 00000000 ____D C:\Users\Tomáš\.gimp-2.8
2016-11-28 19:37 - 2013-11-17 15:53 - 00000000 ____D C:\Users\Tomáš\AppData\Local\gtk-2.0
2016-11-25 16:21 - 2008-08-03 21:55 - 00119808 _____ C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-25 12:52 - 2016-07-26 13:00 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-11-25 11:57 - 2016-02-02 11:49 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2016-11-25 11:54 - 2007-09-05 08:41 - 00000000 ____D C:\Program Files\Adobe
2016-11-25 11:22 - 2010-11-13 09:52 - 00026249 ____H C:\treeinfo.wc
2016-11-23 12:11 - 2008-08-31 09:31 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Skype
2016-11-23 12:04 - 2016-04-08 13:39 - 00000000 ___RD C:\Program Files\Skype
2016-11-23 12:04 - 2011-03-19 12:39 - 00000000 ____D C:\ProgramData\Skype
2016-11-11 18:23 - 2012-12-08 14:52 - 00054156 ____H C:\Windows\QTFont.qfn
==================== Files in the root of some directories =======
2009-09-02 17:13 - 2009-09-02 17:13 - 0000600 _____ () C:\Users\Tomáš\AppData\Roaming\PUTTY.RND
2013-04-17 15:40 - 2013-04-18 06:44 - 0000680 _____ () C:\Users\Tomáš\AppData\Local\d3d9caps.dat
2008-08-03 21:55 - 2016-11-25 16:21 - 0119808 _____ () C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-13 18:07 - 2013-05-27 20:40 - 0004096 ____H () C:\Users\Tomáš\AppData\Local\keyfile3.drm
2008-12-25 00:45 - 2013-08-31 12:37 - 0000600 _____ () C:\Users\Tomáš\AppData\Local\PUTTY.RND
2016-11-28 19:37 - 2016-11-28 19:37 - 0003820 _____ () C:\Users\Tomáš\AppData\Local\recently-used.xbel
2016-04-01 12:41 - 2016-04-01 12:41 - 0000031 _____ () C:\Users\Tomáš\AppData\Local\SQ.RemoverDelete.bat
2016-02-08 18:52 - 2016-02-08 18:52 - 0032038 _____ () C:\Users\Tomáš\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
Files to move or delete:
====================
C:\Users\Tomáš\xobglu16.dll
C:\Users\Tomáš\xobglu32.dll
Some files in TEMP:
====================
C:\Users\Tomáš\AppData\Local\Temp\libeay32.dll
C:\Users\Tomáš\AppData\Local\Temp\msvcr120.dll
C:\Users\Tomáš\AppData\Local\Temp\sqlite3.dll
C:\Users\Tomáš\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-08 10:33
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2016
Ran by Tomáš (administrator) on PUNTULKA (08-12-2016 10:54:34)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\ATK Hotkey\ASLDRSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(RealNetworks, Inc.) C:\Program Files\Online Games Manager\ogmservice.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04] (SUPERAntiSpyware.com)
HKU\S-1-5-21-401885020-672167872-4106706270-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-401885020-672167872-4106706270-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-401885020-672167872-4106706270-1000\...\MountPoints2: {033a91b4-4513-11dd-9706-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\index.html
HKU\S-1-5-21-401885020-672167872-4106706270-1000\...\MountPoints2: {bcdf5df0-ff78-11e3-bf21-001e8ce8493a} - G:\setup.exe
HKU\S-1-5-21-401885020-672167872-4106706270-1000\...\MountPoints2: {c3c61292-055a-11e0-9d1c-001e8ce8493a} - D:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-401885020-672167872-4106706270-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [704512 2009-04-11] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-09-26] (AVAST Software)
GroupPolicy\User: Restriction ? <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-19] (Společnost Microsoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 188.122.222.222 188.122.222.223
Tcpip\..\Interfaces\{B6764651-0603-43B3-8D07-CF2D51D602FD}: [DhcpNameServer] 192.168.88.1 188.122.222.222 188.122.222.223
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-401885020-672167872-4106706270-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-401885020-672167872-4106706270-1000 -> {761EB9DB-05AB-4380-B2A1-E0ACEB8957A7} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
Toolbar: HKLM - No Name - {95188727-288F-4581-A48D-EAB3BD027314} - No File
Toolbar: HKU\S-1-5-21-401885020-672167872-4106706270-1000 -> No Name - {724D43A0-0D85-11D4-9908-00400523E39A} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
FireFox:
========
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\TomTom\HOME\Profiles\p9ln8pt4.default [2012-01-28]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default [2016-09-14]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\u5vszwbm.default -> hxxps://www.google.com/search
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\u5vszwbm.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\u5vszwbm.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\u5vszwbm.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\u5vszwbm.default -> is enabled.
FF Keyword.URL: Mozilla\Firefox\Profiles\u5vszwbm.default -> hxxps://www.google.com/search
FF Extension: (Firebug) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\firebug@software.joehewitt.com.xpi [2016-09-13]
FF Extension: (Firefox Hotfix) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-13]
FF Extension: (Vacuum Places Improved) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\VacuumPlacesImproved@lultimouomo-gmail.com.xpi [2016-09-13]
FF Extension: (YSlow) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\yslow@yahoo-inc.com.xpi [2016-09-13]
FF Extension: (Garmin Communicator) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2016-09-13]
FF Extension: (Html Validator) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}(160) [2013-10-20] [not signed]
FF Extension: (Flashblock) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-09-13]
FF Extension: (View Source Chart) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{68836a21-fc7d-4ea1-a065-7efabd99d414}.xpi [2016-09-13]
FF Extension: (Web Developer) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2016-09-13]
FF Extension: (HackBar) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\u5vszwbm.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2016-09-13]
FF HKLM\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-11-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Program na daně\Filler\npfiller.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> http://www.google.com
CHR StartupUrls: Default -> "www.google.com"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default [2016-12-08]
CHR Extension: (Prezentace Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-10]
CHR Extension: (Dokumenty Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-10]
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-10]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-11-14]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-10]
CHR Extension: (Tabulky Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-11]
CHR Extension: (Avast Online Security) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-26]
CHR Extension: (FormApps Chrome Extension) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2016-09-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-11-29]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-401885020-672167872-4106706270-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TOM~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-401885020-672167872-4106706270-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: chrome.exe - C:\Users\Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.DLL6RFUYD4C3RFIIJCCV6JMLOM - C:\Users\Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2013-01-02] (SUPERAntiSpyware.com) [File not signed]
S4 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S4 Apache2.2; E:\Apache\apache\bin\httpd.exe [24636 2008-12-10] (Apache Software Foundation) [File not signed]
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-02-05] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-26] (AVAST Software)
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
S3 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
S4 mysql; E:\Apache\mysql\bin\mysqld.exe [6562432 2009-03-16] ()
R2 ogmservice; C:\Program Files\Online Games Manager\ogmservice.exe [581608 2016-06-23] (RealNetworks, Inc.)
S3 TNaviSrv; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824 2007-07-26] (TOSHIBA Corporation) [File not signed]
S3 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
S3 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [465872 2011-05-23] (Cisco Systems, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare) [File not signed]
S4 XAMPP; E:\Apache\service.exe [60928 2007-12-21] () [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [36624 2011-05-23] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [46480 2011-05-23] (Cisco Systems, Inc.)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R1 ASPI32; C:\Windows\system32\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-09-26] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-26] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [184592 2016-09-26] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [66688 2016-09-26] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
R1 cdrbsdrv; C:\Windows\system32\Drivers\cdrbsdrv.sys [33408 2006-02-20] (B.H.A Corporation) [File not signed]
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [34128 2008-03-26] (DemoForge, LLC)
R1 eusk2par; C:\Windows\system32\Drivers\eusk2par.sys [30656 2006-12-13] (Eutron)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 GT680x; C:\Windows\System32\Drivers\gt680x.sys [12416 2006-06-16] ( )
S3 i1display; C:\Windows\System32\Drivers\i1display.sys [44344 2004-10-15] ()
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2014-03-18] (Logitech, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 PDIHWCTL; C:\Windows\system32\drivers\pdihwctl.sys [14416 2007-01-25] (Portrait Displays, Inc.) [File not signed]
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [252416 2007-06-01] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-12-11] () [File not signed]
S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-01-12] (TeamViewer GmbH)
S3 V0420VID; C:\Windows\System32\DRIVERS\V0420Vid.sys [99648 2007-05-31] (Creative Technology Ltd.)
U3 ax8fsyre; C:\Windows\system32\Drivers\ax8fsyre.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-08 10:54 - 2016-12-08 10:55 - 00017873 _____ C:\Users\Tomáš\Desktop\FRST.txt
2016-12-08 10:54 - 2016-12-08 10:54 - 00000000 ____D C:\FRST
2016-12-08 09:18 - 2016-12-08 09:52 - 00000000 ____D C:\AdwCleaner
2016-12-08 09:12 - 2016-12-08 09:13 - 01761792 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST.exe
2016-12-08 09:08 - 2016-12-08 09:09 - 03968464 _____ C:\Users\Tomáš\Desktop\adwcleaner_6.040.exe
2016-12-05 14:27 - 2016-12-05 14:27 - 00680110 _____ C:\Users\Tomáš\Downloads\pojistne_podminky_majetek_a_odpovednost.pdf
2016-12-05 14:27 - 2016-12-05 14:27 - 00030248 _____ C:\Users\Tomáš\Downloads\spoluucast (1).pdf
2016-12-05 14:27 - 2016-12-05 14:27 - 00020917 _____ C:\Users\Tomáš\Downloads\rizika-odpovednost.pdf
2016-12-05 14:27 - 2016-12-05 14:27 - 00017719 _____ C:\Users\Tomáš\Downloads\limity-odpovednost.pdf
2016-12-05 14:26 - 2016-12-05 14:26 - 00030248 _____ C:\Users\Tomáš\Downloads\spoluucast.pdf
2016-12-05 14:26 - 2016-12-05 14:26 - 00023629 _____ C:\Users\Tomáš\Downloads\limity-budovy.pdf
2016-12-05 14:26 - 2016-12-05 14:26 - 00020145 _____ C:\Users\Tomáš\Downloads\rizika-budovy.pdf
2016-12-02 20:29 - 2016-12-02 20:29 - 00039448 _____ C:\Users\Tomáš\Downloads\Lights-Out-2016.srt
2016-12-01 18:51 - 2016-12-01 18:51 - 03023179 _____ C:\Users\Tomáš\Downloads\Český návod - BEKO MOB 20231 BG.pdf
2016-12-01 18:51 - 2016-12-01 18:51 - 00936537 _____ C:\Users\Tomáš\Downloads\Instalační návod - BEKO MOB 20231 BG.pdf
2016-12-01 18:43 - 2016-12-01 18:43 - 00087553 _____ C:\Users\Tomáš\Downloads\La-grande-bellezza(0000232825).srt
2016-12-01 14:25 - 2016-12-01 14:25 - 00089365 _____ C:\Users\Tomáš\Downloads\OznameniZmena_2012_ToFill_3 (1).pdf
2016-12-01 14:09 - 2016-12-01 14:09 - 00026843 _____ C:\Users\Tomáš\Downloads\Oznameni_zmena_5.pdf
2016-12-01 14:06 - 2016-12-01 14:06 - 00089365 _____ C:\Users\Tomáš\Downloads\OznameniZmena_2012_ToFill_3.pdf
2016-11-28 19:37 - 2016-11-28 19:37 - 00003820 _____ C:\Users\Tomáš\AppData\Local\recently-used.xbel
2016-11-17 13:05 - 2016-11-17 13:06 - 00128284 _____ C:\Users\Tomáš\Downloads\objednavka_dopyt_prahov_do_apexu.xltm
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-08 10:53 - 2010-03-19 17:45 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-08 10:52 - 2010-03-19 17:45 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-08 10:18 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-08 10:18 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-08 10:17 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-08 10:13 - 2006-11-02 14:01 - 00032622 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-05 19:27 - 2012-12-08 15:16 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\vlc
2016-12-03 20:01 - 2007-01-08 22:09 - 00648240 _____ C:\Windows\system32\perfh005.dat
2016-12-03 20:01 - 2007-01-08 22:09 - 00138830 _____ C:\Windows\system32\perfc005.dat
2016-12-03 20:01 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-12-03 20:01 - 2006-11-02 11:33 - 01539946 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-01 13:25 - 2008-10-12 17:41 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\uTorrent
2016-11-30 20:14 - 2013-10-10 17:39 - 00000000 ____D C:\Torrents
2016-11-28 19:39 - 2013-10-02 16:56 - 00000000 ____D C:\Users\Tomáš\.gimp-2.8
2016-11-28 19:37 - 2013-11-17 15:53 - 00000000 ____D C:\Users\Tomáš\AppData\Local\gtk-2.0
2016-11-25 16:21 - 2008-08-03 21:55 - 00119808 _____ C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-25 12:52 - 2016-07-26 13:00 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-11-25 11:57 - 2016-02-02 11:49 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2016-11-25 11:54 - 2007-09-05 08:41 - 00000000 ____D C:\Program Files\Adobe
2016-11-25 11:22 - 2010-11-13 09:52 - 00026249 ____H C:\treeinfo.wc
2016-11-23 12:11 - 2008-08-31 09:31 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Skype
2016-11-23 12:04 - 2016-04-08 13:39 - 00000000 ___RD C:\Program Files\Skype
2016-11-23 12:04 - 2011-03-19 12:39 - 00000000 ____D C:\ProgramData\Skype
2016-11-11 18:23 - 2012-12-08 14:52 - 00054156 ____H C:\Windows\QTFont.qfn
==================== Files in the root of some directories =======
2009-09-02 17:13 - 2009-09-02 17:13 - 0000600 _____ () C:\Users\Tomáš\AppData\Roaming\PUTTY.RND
2013-04-17 15:40 - 2013-04-18 06:44 - 0000680 _____ () C:\Users\Tomáš\AppData\Local\d3d9caps.dat
2008-08-03 21:55 - 2016-11-25 16:21 - 0119808 _____ () C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-13 18:07 - 2013-05-27 20:40 - 0004096 ____H () C:\Users\Tomáš\AppData\Local\keyfile3.drm
2008-12-25 00:45 - 2013-08-31 12:37 - 0000600 _____ () C:\Users\Tomáš\AppData\Local\PUTTY.RND
2016-11-28 19:37 - 2016-11-28 19:37 - 0003820 _____ () C:\Users\Tomáš\AppData\Local\recently-used.xbel
2016-04-01 12:41 - 2016-04-01 12:41 - 0000031 _____ () C:\Users\Tomáš\AppData\Local\SQ.RemoverDelete.bat
2016-02-08 18:52 - 2016-02-08 18:52 - 0032038 _____ () C:\Users\Tomáš\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
Files to move or delete:
====================
C:\Users\Tomáš\xobglu16.dll
C:\Users\Tomáš\xobglu32.dll
Some files in TEMP:
====================
C:\Users\Tomáš\AppData\Local\Temp\libeay32.dll
C:\Users\Tomáš\AppData\Local\Temp\msvcr120.dll
C:\Users\Tomáš\AppData\Local\Temp\sqlite3.dll
C:\Users\Tomáš\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-08 10:33
==================== End of FRST.txt ============================