
Avast reports malware

Posted: 22 Feb 2017 09:57
by Atrej36
Hello, I need help. Avast has started detecting malware (vbs:malware gen, win32:malware gen) while I browse any websites, irregularly: sometimes it detects something when a page is opened, other times not. Neither Avira nor ESET reports anything. If I noticed correctly, the databases were updated around midnight, and the detections started at about that time.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-02-2017
Ran by Zoltán Bronz (administrator) on LAPTOP-JVJ09D41 (22-02-2017 09:48:51)
Running from C:\Users\Zoltán Bronz\Desktop
Loaded Profiles: Zoltán Bronz (Available Profiles: Zoltán Bronz)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files (x86)\HP\HP OMEN Mouse X9000\hid.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16122.10291.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Zoltán Bronz\Desktop\FRSTLauncher.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9186816 2017-01-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP OMEN Mouse X9000] => C:\Program Files (x86)\HP\HP OMEN Mouse X9000\hid.exe [429056 2016-02-04] ()
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [3001536 2016-12-16] (Sony Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{745b2ef7-d53c-454b-ad96-4e6b77998bb0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0E838E3D-0A67-48AB-9A74-A8E5A966D01E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2151822035-1449553926-59665662-1001 -> {0E838E3D-0A67-48AB-9A74-A8E5A966D01E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2151822035-1449553926-59665662-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-12-07] (Ubisoft)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe [310240 2017-02-22] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe [488928 2017-02-22] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2016-12-14] (ESET)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2208888 2016-12-08] (Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe [350688 2017-02-22] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [505024 2016-12-16] (Sony Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-26] (Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2017-01-23] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266872 2016-08-19] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66624 2016-12-08] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2017-01-17] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2017-01-17] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2017-01-17] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2017-01-17] (ESET)
S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2017-01-17] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2017-01-17] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2017-01-17] (ESET)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-12-08] (Intel Corporation)
S3 HPOMENMS; C:\WINDOWS\system32\drivers\HPOMENMS.sys [48872 2016-01-29] ( )
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys [11036640 2017-02-22] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [6724368 2016-02-06] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7308560 2016-09-13] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmwu.inf_amd64_6cdbe0c0630ed4a3\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-12-08] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2016-01-20] (Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2016-01-20] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [58984 2016-02-22] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72824 2016-08-19] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [32832 2016-07-31] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-22 09:48 - 2017-02-22 09:49 - 00015402 _____ C:\Users\Zoltán Bronz\Desktop\FRST.txt
2017-02-22 09:44 - 2017-02-22 09:48 - 00000000 ____D C:\FRST
2017-02-22 09:44 - 2017-02-22 09:44 - 02422784 _____ (Farbar) C:\Users\Zoltán Bronz\Desktop\FRST64.exe
2017-02-22 09:43 - 2017-02-22 09:43 - 00112640 _____ (forum.viry.cz) C:\Users\Zoltán Bronz\Desktop\FRSTLauncher.exe
2017-02-22 09:42 - 2017-02-22 09:42 - 00112640 _____ (forum.viry.cz) C:\Users\Zoltán Bronz\Downloads\FRSTLauncher.exe
2017-02-22 09:14 - 2017-02-22 09:14 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\ESET
2017-02-22 09:10 - 2017-02-22 09:10 - 00002107 _____ C:\Users\Public\Desktop\ESET Ochrana online platieb.lnk
2017-02-22 09:10 - 2017-02-22 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-02-22 09:10 - 2017-02-22 09:10 - 00000000 ____D C:\ProgramData\ESET
2017-02-22 09:10 - 2017-02-22 09:10 - 00000000 ____D C:\Program Files\ESET
2017-02-22 08:55 - 2017-02-22 09:09 - 03124352 _____ (ESET) C:\Users\Zoltán Bronz\Downloads\eset_smart_security_live_installer_rt_sk.exe
2017-02-22 08:41 - 2017-02-22 08:51 - 00000000 ____D C:\AdwCleaner
2017-02-22 07:31 - 2017-02-22 08:41 - 04015056 _____ C:\Users\Zoltán Bronz\Downloads\adwcleaner_6.043.exe
2017-02-22 07:19 - 2017-02-22 07:19 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\AviraSpeedup
2017-02-22 07:08 - 2017-02-22 07:08 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-02-22 07:05 - 2017-02-22 07:05 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\Avira
2017-02-22 07:04 - 2017-02-22 09:07 - 00000000 ____D C:\ProgramData\Avira
2017-02-22 07:04 - 2017-02-22 09:07 - 00000000 ____D C:\Program Files (x86)\Avira
2017-02-22 06:51 - 2017-02-22 08:44 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-22 06:51 - 2017-02-22 06:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-22 02:11 - 2017-02-22 02:11 - 00000000 _____ C:\autoexec.bat
2017-02-22 01:45 - 2017-02-22 01:45 - 00150032 _____ C:\WINDOWS\SysWOW64\libEGL.dll
2017-02-22 01:45 - 2017-02-22 01:45 - 00122384 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2017-02-22 01:45 - 2017-02-22 01:45 - 00120848 _____ C:\WINDOWS\SysWOW64\libGLESv2.dll
2017-02-22 01:45 - 2017-02-22 01:45 - 00110088 _____ C:\WINDOWS\SysWOW64\libGLESv1_CM.dll
2017-02-17 14:36 - 2017-02-17 14:36 - 00336403 _____ C:\Users\Zoltán Bronz\Downloads\wnetwatcher.zip
2017-02-11 10:10 - 2017-02-11 10:10 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-11 10:10 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-11 10:10 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-11 10:10 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-11 10:10 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-03 02:19 - 2017-02-03 02:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-03 02:18 - 2017-02-03 02:18 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2017-02-03 02:17 - 2017-02-22 07:03 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-03 02:15 - 2017-02-03 02:15 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\AvgSetupLog
2017-02-03 02:15 - 2017-02-03 02:15 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\Avg
2017-02-03 02:15 - 2017-02-03 02:15 - 00000000 ____D C:\ProgramData\Avg
2017-01-29 15:29 - 2017-01-29 15:29 - 00000000 ____D C:\Users\Zoltán Bronz\Documents\Diablo III
2017-01-29 15:10 - 2017-01-29 15:10 - 00000932 _____ C:\Users\Public\Desktop\Diablo III.lnk
2017-01-29 15:10 - 2017-01-29 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2017-01-29 15:06 - 2017-01-29 15:27 - 00000000 ____D C:\Program Files (x86)\Diablo III
2017-01-29 15:06 - 2017-01-29 15:06 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2017-01-29 15:05 - 2017-01-30 22:09 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\Battle.net
2017-01-29 15:05 - 2017-01-30 22:09 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-29 15:05 - 2017-01-29 15:05 - 00000936 _____ C:\Users\Public\Desktop\Battle.net.lnk
2017-01-29 15:05 - 2017-01-29 15:05 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\Blizzard Entertainment
2017-01-29 15:05 - 2017-01-29 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-01-29 15:04 - 2017-01-29 15:06 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Roaming\Battle.net
2017-01-29 15:03 - 2017-01-29 15:04 - 00000000 ____D C:\ProgramData\Battle.net
2017-01-26 07:45 - 2017-01-26 07:44 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-01-26 07:45 - 2017-01-26 07:44 - 08104122 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-01-26 07:45 - 2017-01-26 07:44 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 03014136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-01-26 07:45 - 2017-01-26 07:44 - 02706856 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 02201592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 01435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 01003512 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00866096 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00859912 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00854208 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00726120 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00511728 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-01-26 07:45 - 2017-01-26 07:44 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-01-26 07:45 - 2017-01-26 07:43 - 01615656 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2017-01-26 07:45 - 2017-01-26 07:43 - 01529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2017-01-26 07:45 - 2017-01-26 07:43 - 00438688 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
2017-01-26 07:45 - 2017-01-26 07:43 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-01-26 07:45 - 2017-01-26 07:43 - 00112488 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll
2017-01-26 02:03 - 2017-01-26 02:03 - 01307648 _____ C:\Users\Zoltán Bronz\AppData\Local\file__0.localstorage
2017-01-25 01:20 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 01:20 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-25 01:16 - 2017-01-25 01:16 - 00000982 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-01-25 01:16 - 2017-01-25 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-01-25 01:16 - 2017-01-25 01:16 - 00000000 ____D C:\Program Files\CPUID
2017-01-23 17:01 - 2017-01-23 17:01 - 00000000 ____D C:\ProgramData\Samsung
2017-01-23 17:00 - 2017-01-23 17:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2017-01-23 17:00 - 2017-01-23 17:01 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Roaming\Samsung
2017-01-23 17:00 - 2017-01-23 17:01 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-01-23 17:00 - 2017-01-23 17:00 - 00143664 ____N C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
2017-01-23 17:00 - 2017-01-23 17:00 - 00143664 ____N C:\WINDOWS\system32\SecUPDUtilSvc.exe
2017-01-23 17:00 - 2016-03-24 04:56 - 02817536 ____N C:\WINDOWS\system32\DlgSearchEngine.dll
2017-01-23 17:00 - 2016-03-24 04:56 - 02078208 ____N C:\WINDOWS\SysWOW64\DlgSearchEngine.dll
2017-01-23 17:00 - 2015-09-25 02:13 - 00225600 _____ C:\WINDOWS\system32\SBuySupplies.exe
2017-01-23 17:00 - 2015-03-12 03:43 - 00158016 _____ C:\WINDOWS\system32\us00aci.exe
2017-01-23 17:00 - 2015-03-12 03:43 - 00089600 _____ (SS) C:\WINDOWS\system32\us00aci.dll
2017-01-23 17:00 - 2015-03-12 03:43 - 00022528 _____ () C:\WINDOWS\system32\us00alm.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-22 09:32 - 2016-10-09 02:09 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-22 09:13 - 2016-10-09 02:16 - 01532334 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-22 09:12 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-22 09:11 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-22 09:08 - 2016-10-09 02:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-22 09:08 - 2016-10-09 02:13 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-22 09:08 - 2016-10-05 16:52 - 00000000 __SHD C:\Users\Zoltán Bronz\IntelGraphicsProfiles
2017-02-22 09:08 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-22 08:58 - 2016-05-06 02:42 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-22 08:36 - 2017-01-20 22:50 - 00000000 ____D C:\Users\Zoltán Bronz\Documents\Might & Magic Heroes VI
2017-02-22 08:36 - 2016-05-06 02:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-22 08:32 - 2016-11-03 22:58 - 00000000 ____D C:\ProgramData\install_backup
2017-02-22 08:32 - 2016-10-05 16:54 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\CyberLink
2017-02-22 08:32 - 2016-08-15 21:07 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-02-22 08:32 - 2016-08-15 21:06 - 00000000 ____D C:\ProgramData\CyberLink
2017-02-22 08:21 - 2016-10-09 02:09 - 00363592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-22 06:50 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-22 06:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-22 06:50 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 06:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-22 02:50 - 2016-10-06 20:50 - 00000392 _____ C:\WINDOWS\Tasks\HPCeeScheduleForZoltán Bronz.job
2017-02-22 02:34 - 2016-10-07 11:41 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-22 02:11 - 2016-10-09 02:17 - 00000000 ____D C:\Users\Zoltán Bronz
2017-02-22 02:02 - 2016-10-09 02:22 - 00003982 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1475746492
2017-02-22 02:02 - 2016-10-06 10:34 - 00001127 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-02-22 02:02 - 2016-10-06 10:34 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-22 01:46 - 2016-10-20 07:52 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Roaming\MPC-HC
2017-02-22 01:46 - 2016-10-10 14:29 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Roaming\uTorrent
2017-02-22 01:45 - 2016-12-17 01:04 - 00280072 _____ C:\WINDOWS\system32\igfxCPL.cpl
2017-02-22 01:45 - 2016-10-09 02:14 - 00122384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-02-22 01:45 - 2016-10-09 02:14 - 00113168 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-02-22 01:45 - 2016-10-06 21:04 - 00113168 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2017-02-16 06:47 - 2016-10-09 02:22 - 00003312 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForZoltán Bronz
2017-02-09 23:46 - 2016-10-05 21:00 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Local\CrashDumps
2017-02-09 23:30 - 2016-10-07 07:23 - 00000000 ____D C:\WarThunder
2017-02-06 20:48 - 2016-11-09 02:05 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-11-09 02:05 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 02:12 - 2016-08-15 21:15 - 00000000 ____D C:\ProgramData\McAfee
2017-02-03 02:12 - 2016-08-15 21:15 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-02-03 02:11 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-03 02:10 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-01-30 22:00 - 2016-10-06 10:10 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-01-26 07:47 - 2016-10-09 02:15 - 00040510 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-01-26 07:47 - 2016-10-09 02:15 - 00002105 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bang & Olufsen Audio Control.lnk
2017-01-26 07:47 - 2016-08-15 20:39 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-01-26 07:46 - 2016-10-09 02:14 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-01-26 07:44 - 2016-10-06 21:08 - 05556224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-01-26 07:44 - 2016-10-06 21:08 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-01-26 07:44 - 2016-10-06 21:08 - 03202040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-01-26 07:44 - 2016-10-06 21:08 - 02995000 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-01-26 07:44 - 2016-10-06 21:08 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-01-26 07:44 - 2016-10-06 21:08 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-01-26 07:44 - 2016-05-06 11:14 - 00000000 ____D C:\SWSetup
2017-01-24 02:38 - 2016-10-05 16:54 - 00000000 ___RD C:\Users\Zoltán Bronz\OneDrive
2017-01-23 19:23 - 2017-01-19 18:43 - 00000000 ____D C:\Users\Zoltán Bronz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Might & Magic - Heroes 5.5
2017-01-23 17:49 - 2016-05-06 02:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

==================== Files in the root of some directories =======

2017-01-26 02:03 - 2017-01-26 02:03 - 1307648 _____ () C:\Users\Zoltán Bronz\AppData\Local\file__0.localstorage

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-13 08:24

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows) (Fixed) (Total:237.24 GB) (Free:137.6 GB) NTFS
Drive d: (DATA) (Fixed) (Total:918.77 GB) (Free:680.92 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:12.74 GB) (Free:1.53 GB) NTFS ==>[system with boot components (obtained from drive)]

Available physical RAM: 12696.54 MB
Total physical RAM: 16273.78 MB
Percentage of memory in use: 21%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 238.5 GB) (Disk ID: 99C5DC12)
Disk: 1 (Size: 931.5 GB) (Disk ID: AB454D4D)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForZoltán Bronz.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personálny firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zolt n Bronz\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Re: Avast reports malware

Posted: 22 Feb 2017 18:36
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: Avast reports malware

Posted: 22 Feb 2017 19:16
by Atrej36
# AdwCleaner v6.043 - Logfile created 22/02/2017 at 19:12:19
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-22.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Zoltán Bronz - LAPTOP-JVJ09D41
# Running from : C:\Users\Zoltán Bronz\Desktop\adwcleaner_6.043.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1016 Bytes] - [22/02/2017 08:51:12]
C:\AdwCleaner\AdwCleaner[C2].txt - [862 Bytes] - [22/02/2017 19:12:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [1196 Bytes] - [22/02/2017 08:50:59]
C:\AdwCleaner\AdwCleaner[S1].txt - [1342 Bytes] - [22/02/2017 19:12:11]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1083 Bytes] ##########




so I guess the Avast people didn't think something through :D

Re: Avast reports malware

Posted: 22 Feb 2017 20:11
by Rudy
This is OK. Open Notepad and copy the following into it:
Start
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End

Re: Avast reports malware

Posted: 22 Feb 2017 21:28
by Atrej36
I assume this is what I was supposed to do :)

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-02-2017 01
Ran by Zoltán Bronz (22-02-2017 21:24:27) Run:1
Running from C:\Users\Zoltán Bronz\Desktop
Loaded Profiles: Zoltán Bronz (Available Profiles: Zoltán Bronz)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HRTE
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value removed successfully
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2151822035-1449553926-59665662-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21337479 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 253216913 B
Edge => 815 B
Chrome => 0 B
Firefox => 0 B
Opera => 353982838 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 76620 B
systemprofile32 => 128 B
LocalService => 818 B
NetworkService => 0 B
Zoltán Bronz => 178403801 B

RecycleBin => 0 B
EmptyTemp: => 769.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:24:33 ====

Re: Avast reports malware

Posted: 22 Feb 2017 22:05
by Rudy
Yes. It was deleted. Has anything changed?

Re: Avast reports malware

Posted: 22 Feb 2017 22:26
by Atrej36
I'm one of those who got a bit scared by Avast :), so I had my PC checked; it is now known that the problem is on Avast's side and these were false detections. Thanks for the check and the cleanup :thumbsup:

Re: Avast reports malware

Posted: 23 Feb 2017 09:57
by Rudy
OK, I understand. You're welcome! :)