Pomalý počítač - nejde ani vypnout
Napsal: 21 led 2018 10:45
Ahoj,
mám velmi pomalý počítač. CCA 25 % normálního stavu. Dokonce nejde ani vypnout. Když se o to pokusím tak nekonečně dlouho běží obrazovaka "vypínání" a k vypnutí nedojde. Přilkldáám log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01
Ran by Andrejka a Tomáš (administrator) on TOMAS (21-01-2018 10:35:41)
Running from C:\Users\Andrejka a Tomáš\Desktop
Loaded Profiles: Andrejka a Tomáš (Available Profiles: Andrejka a Tomáš)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Avira Operations GmbH & Co. KG) C:\ProgramData\Avira\Launcher\Temp\avira.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\{D08E4D06-B652-4210-A6A8-D68F14340229}\.cr\avira.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\{E33EE4C5-1ADC-4D66-AD46-378C69CEB174}\.be\Avira.OE.Setup.Bundle.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\SwReporter\24.137.203\software_reporter_tool.exe
(Google) C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\SwReporter\24.137.203\software_reporter_tool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Andrejka a Tomáš\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [462848 2012-10-30] (Greenshot)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [{518c54f5-fd43-4aa6-936b-8d7fd8c85cbd}] => C:\ProgramData\Package Cache\{518c54f5-fd43-4aa6-936b-8d7fd8c85cbd}\Avira.OE.Setup.Bundle.exe [1289176 2018-01-06] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3597021740-638433563-444320614-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-12-24]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 212.111.1.10 212.111.0.10
Tcpip\..\Interfaces\{567BAC7E-A43E-47D3-B5C6-F5A5E2442CB8}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{B28756D8-90B0-463E-AB02-7F796513752B}: [DhcpNameServer] 212.111.1.10 212.111.0.10
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3597021740-638433563-444320614-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-15] (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF ProfilePath: C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default [2014-11-25]
FF Homepage: Mozilla\Firefox\Profiles\2fndn5vg.default -> hxxp://www.google.com
FF NewTab: Mozilla\Firefox\Profiles\2fndn5vg.default -> hxxp://www.google.com/
FF Extension: (Avira Browser Safety) - C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default\Extensions\abs@avira.com [2014-11-25] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2012-07-12] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-22] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2010-12-24] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-22] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-11-09] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Andrejka a Tomáš\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-11] (Skype Limited)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @talk.google.com/O1DPlugin -> C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\plugins\npo1d.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @talk.google.com/O3DPlugin -> C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [2013-12-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [2013-12-01] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrejka a Tomáš\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrejka a Tomáš\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Andrejka a Tomáš\AppData\Roaming\mozilla\plugins\npo1d.dll [2013-10-29] (Google)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> ""
CHR Profile: C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default [2018-01-21]
CHR Extension: (Prezentace) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-27]
CHR Extension: (Dokumenty) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-27]
CHR Extension: (Disk Google) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]
CHR Extension: (Chrome RDP) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbkkbcmdlboombapidmoeolnmdacpkch [2017-11-27]
CHR Extension: (Vyhledávánà Google) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Tabulky) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (TeamViewer) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2017-11-27]
CHR Extension: (Gmail) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128944 2017-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [492560 2018-01-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [492560 2018-01-06] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-08-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-08-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-08-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [33792 2010-08-02] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [196344 2017-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153072 2017-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-25] (Avira Operations GmbH & Co. KG)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S3 vwmfbus; C:\Windows\System32\DRIVERS\vwmfbus.sys [127488 2009-11-11] (MCCI Corporation)
S3 vwmfdiag; C:\Windows\System32\DRIVERS\vwmfdiag.sys [128512 2009-11-11] (MCCI Corporation)
S3 vwmfmdfl; C:\Windows\System32\DRIVERS\vwmfmdfl.sys [18944 2009-11-11] (MCCI Corporation)
S3 vwmfmdm; C:\Windows\System32\DRIVERS\vwmfmdm.sys [161280 2009-11-11] (MCCI Corporation)
S3 vwmfserd; C:\Windows\System32\DRIVERS\vwmfserd.sys [128512 2009-11-11] (MCCI Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-21 10:35 - 2018-01-21 10:38 - 000023662 _____ C:\Users\Andrejka a Tomáš\Desktop\FRST.txt
2018-01-21 10:33 - 2018-01-21 10:33 - 000112640 _____ (forum.viry.cz) C:\Users\Andrejka a Tomáš\Desktop\FRSTLauncher.exe
2018-01-21 10:26 - 2018-01-21 10:26 - 002393088 _____ (Farbar) C:\Users\Andrejka a Tomáš\Desktop\FRST64.exe
2018-01-10 19:55 - 2018-01-10 19:55 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (17).rdp
2018-01-10 19:55 - 2018-01-10 19:55 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (16).rdp
2018-01-09 10:06 - 2018-01-09 10:06 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (15).rdp
2018-01-08 20:22 - 2018-01-08 20:22 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (14).rdp
2018-01-08 20:18 - 2018-01-08 20:18 - 000006343 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-iexplore__1_-Remote_Access-CmsRdsh (2).rdp
2018-01-08 20:17 - 2018-01-08 20:17 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (13).rdp
2018-01-08 20:14 - 2018-01-08 20:14 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (12).rdp
2018-01-07 19:35 - 2018-01-07 19:35 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (11).rdp
2018-01-06 20:36 - 2018-01-06 20:36 - 000006343 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-iexplore__1_-Remote_Access-CmsRdsh (1).rdp
2018-01-06 20:35 - 2018-01-08 21:04 - 000001253 _____ C:\Users\Andrejka a Tomáš\Documents\odpovědi.txt
2018-01-06 20:29 - 2018-01-06 20:29 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (10).rdp
2018-01-06 20:13 - 2018-01-06 20:13 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (9).rdp
2018-01-06 20:06 - 2018-01-06 20:06 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (8).rdp
2018-01-06 20:04 - 2018-01-06 20:04 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (7).rdp
2018-01-06 20:00 - 2018-01-06 20:01 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (6).rdp
2018-01-06 19:42 - 2018-01-06 19:42 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (5).rdp
2018-01-03 22:41 - 2018-01-03 22:41 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (4).rdp
2017-12-30 15:19 - 2017-12-30 15:19 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (3).rdp
2017-12-30 15:17 - 2017-12-30 15:17 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (2).rdp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-21 10:35 - 2015-07-16 02:47 - 000000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2018-01-21 10:35 - 2014-11-25 13:54 - 000000000 ____D C:\FRST
2018-01-21 10:16 - 2009-07-14 05:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-21 10:16 - 2009-07-14 05:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-17 17:07 - 2010-12-24 23:55 - 000000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2018-01-17 17:07 - 2010-12-24 23:55 - 000000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2018-01-17 17:07 - 2010-12-24 23:23 - 000000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2018-01-17 17:06 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-10 19:56 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-01-06 20:37 - 2013-12-05 15:00 - 000002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-06 19:44 - 2014-11-25 18:54 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-30 15:21 - 2009-07-14 16:18 - 000683040 _____ C:\Windows\system32\perfh005.dat
2017-12-30 15:21 - 2009-07-14 16:18 - 000149768 _____ C:\Windows\system32\perfc005.dat
2017-12-30 15:21 - 2009-07-14 06:13 - 001629182 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-30 15:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
==================== Files in the root of some directories =======
2016-12-16 21:37 - 2016-12-16 21:37 - 007680000 _____ () C:\Program Files (x86)\GUT1277.tmp
2017-04-13 19:09 - 2017-04-13 19:09 - 007639040 _____ () C:\Program Files (x86)\GUT5AE0.tmp
2017-11-30 22:41 - 2017-11-30 22:41 - 007649280 _____ () C:\Program Files (x86)\GUT7465.tmp
2016-02-01 21:35 - 2016-02-01 21:35 - 006871040 _____ () C:\Program Files (x86)\GUT87B6.tmp
2016-12-05 21:22 - 2016-12-05 21:22 - 000000000 _____ () C:\Program Files (x86)\GUT8852.tmp
2017-06-06 17:53 - 2017-06-06 17:53 - 000000000 _____ () C:\Program Files (x86)\GUTAE1B.tmp
2015-12-07 17:32 - 2015-12-07 21:05 - 006420480 _____ () C:\Program Files (x86)\GUTD6B0.tmp
2013-07-08 11:56 - 2015-06-07 07:30 - 000009728 _____ () C:\Users\Andrejka a Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-01 10:21 - 2014-02-01 10:21 - 000000104 _____ () C:\Users\Andrejka a Tomáš\AppData\Local\fusioncache.dat
2012-07-22 13:04 - 2013-02-02 14:41 - 000007596 _____ () C:\Users\Andrejka a Tomáš\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2015-08-22 17:27 - 2016-12-06 19:38 - 000000000 ____D () C:\Users\Andrejka a Tomáš\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A [148]
AlternateDataStreams: C:\Users\Public\DRM:مايŮرŮŘłŮŮŘŞ [48]
==================== Security Center ==================
AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Andrejka a Tom ç\Desktop" je 2 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Avira Systray
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launcher
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet
C:\Program Files\Dell\QuickSet\QuickSet.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTom MySports Connect.exe
C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Andrejka a Tom ç^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk
C:\PROGRA~2\BINARY~1\HDDLIF~1\HDDLIF~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
mám velmi pomalý počítač. CCA 25 % normálního stavu. Dokonce nejde ani vypnout. Když se o to pokusím tak nekonečně dlouho běží obrazovaka "vypínání" a k vypnutí nedojde. Přilkldáám log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01
Ran by Andrejka a Tomáš (administrator) on TOMAS (21-01-2018 10:35:41)
Running from C:\Users\Andrejka a Tomáš\Desktop
Loaded Profiles: Andrejka a Tomáš (Available Profiles: Andrejka a Tomáš)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Avira Operations GmbH & Co. KG) C:\ProgramData\Avira\Launcher\Temp\avira.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\{D08E4D06-B652-4210-A6A8-D68F14340229}\.cr\avira.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\{E33EE4C5-1ADC-4D66-AD46-378C69CEB174}\.be\Avira.OE.Setup.Bundle.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\SwReporter\24.137.203\software_reporter_tool.exe
(Google) C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\SwReporter\24.137.203\software_reporter_tool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Andrejka a Tomáš\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [462848 2012-10-30] (Greenshot)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [{518c54f5-fd43-4aa6-936b-8d7fd8c85cbd}] => C:\ProgramData\Package Cache\{518c54f5-fd43-4aa6-936b-8d7fd8c85cbd}\Avira.OE.Setup.Bundle.exe [1289176 2018-01-06] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3597021740-638433563-444320614-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-12-24]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 212.111.1.10 212.111.0.10
Tcpip\..\Interfaces\{567BAC7E-A43E-47D3-B5C6-F5A5E2442CB8}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{B28756D8-90B0-463E-AB02-7F796513752B}: [DhcpNameServer] 212.111.1.10 212.111.0.10
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3597021740-638433563-444320614-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-15] (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF ProfilePath: C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default [2014-11-25]
FF Homepage: Mozilla\Firefox\Profiles\2fndn5vg.default -> hxxp://www.google.com
FF NewTab: Mozilla\Firefox\Profiles\2fndn5vg.default -> hxxp://www.google.com/
FF Extension: (Avira Browser Safety) - C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default\Extensions\abs@avira.com [2014-11-25] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2012-07-12] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-22] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2010-12-24] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-22] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-11-09] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Andrejka a Tomáš\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-11] (Skype Limited)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @talk.google.com/O1DPlugin -> C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\plugins\npo1d.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @talk.google.com/O3DPlugin -> C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [2013-12-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [2013-12-01] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrejka a Tomáš\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrejka a Tomáš\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Andrejka a Tomáš\AppData\Roaming\mozilla\plugins\npo1d.dll [2013-10-29] (Google)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> ""
CHR Profile: C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default [2018-01-21]
CHR Extension: (Prezentace) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-27]
CHR Extension: (Dokumenty) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-27]
CHR Extension: (Disk Google) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]
CHR Extension: (Chrome RDP) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbkkbcmdlboombapidmoeolnmdacpkch [2017-11-27]
CHR Extension: (Vyhledávánà Google) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Tabulky) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (TeamViewer) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2017-11-27]
CHR Extension: (Gmail) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128944 2017-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [492560 2018-01-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [492560 2018-01-06] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-08-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-08-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-08-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [33792 2010-08-02] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [196344 2017-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153072 2017-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-25] (Avira Operations GmbH & Co. KG)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S3 vwmfbus; C:\Windows\System32\DRIVERS\vwmfbus.sys [127488 2009-11-11] (MCCI Corporation)
S3 vwmfdiag; C:\Windows\System32\DRIVERS\vwmfdiag.sys [128512 2009-11-11] (MCCI Corporation)
S3 vwmfmdfl; C:\Windows\System32\DRIVERS\vwmfmdfl.sys [18944 2009-11-11] (MCCI Corporation)
S3 vwmfmdm; C:\Windows\System32\DRIVERS\vwmfmdm.sys [161280 2009-11-11] (MCCI Corporation)
S3 vwmfserd; C:\Windows\System32\DRIVERS\vwmfserd.sys [128512 2009-11-11] (MCCI Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-21 10:35 - 2018-01-21 10:38 - 000023662 _____ C:\Users\Andrejka a Tomáš\Desktop\FRST.txt
2018-01-21 10:33 - 2018-01-21 10:33 - 000112640 _____ (forum.viry.cz) C:\Users\Andrejka a Tomáš\Desktop\FRSTLauncher.exe
2018-01-21 10:26 - 2018-01-21 10:26 - 002393088 _____ (Farbar) C:\Users\Andrejka a Tomáš\Desktop\FRST64.exe
2018-01-10 19:55 - 2018-01-10 19:55 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (17).rdp
2018-01-10 19:55 - 2018-01-10 19:55 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (16).rdp
2018-01-09 10:06 - 2018-01-09 10:06 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (15).rdp
2018-01-08 20:22 - 2018-01-08 20:22 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (14).rdp
2018-01-08 20:18 - 2018-01-08 20:18 - 000006343 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-iexplore__1_-Remote_Access-CmsRdsh (2).rdp
2018-01-08 20:17 - 2018-01-08 20:17 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (13).rdp
2018-01-08 20:14 - 2018-01-08 20:14 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (12).rdp
2018-01-07 19:35 - 2018-01-07 19:35 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (11).rdp
2018-01-06 20:36 - 2018-01-06 20:36 - 000006343 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-iexplore__1_-Remote_Access-CmsRdsh (1).rdp
2018-01-06 20:35 - 2018-01-08 21:04 - 000001253 _____ C:\Users\Andrejka a Tomáš\Documents\odpovědi.txt
2018-01-06 20:29 - 2018-01-06 20:29 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (10).rdp
2018-01-06 20:13 - 2018-01-06 20:13 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (9).rdp
2018-01-06 20:06 - 2018-01-06 20:06 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (8).rdp
2018-01-06 20:04 - 2018-01-06 20:04 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (7).rdp
2018-01-06 20:00 - 2018-01-06 20:01 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (6).rdp
2018-01-06 19:42 - 2018-01-06 19:42 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (5).rdp
2018-01-03 22:41 - 2018-01-03 22:41 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (4).rdp
2017-12-30 15:19 - 2017-12-30 15:19 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (3).rdp
2017-12-30 15:17 - 2017-12-30 15:17 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (2).rdp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-21 10:35 - 2015-07-16 02:47 - 000000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2018-01-21 10:35 - 2014-11-25 13:54 - 000000000 ____D C:\FRST
2018-01-21 10:16 - 2009-07-14 05:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-21 10:16 - 2009-07-14 05:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-17 17:07 - 2010-12-24 23:55 - 000000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2018-01-17 17:07 - 2010-12-24 23:55 - 000000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2018-01-17 17:07 - 2010-12-24 23:23 - 000000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2018-01-17 17:06 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-10 19:56 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-01-06 20:37 - 2013-12-05 15:00 - 000002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-06 19:44 - 2014-11-25 18:54 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-30 15:21 - 2009-07-14 16:18 - 000683040 _____ C:\Windows\system32\perfh005.dat
2017-12-30 15:21 - 2009-07-14 16:18 - 000149768 _____ C:\Windows\system32\perfc005.dat
2017-12-30 15:21 - 2009-07-14 06:13 - 001629182 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-30 15:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
==================== Files in the root of some directories =======
2016-12-16 21:37 - 2016-12-16 21:37 - 007680000 _____ () C:\Program Files (x86)\GUT1277.tmp
2017-04-13 19:09 - 2017-04-13 19:09 - 007639040 _____ () C:\Program Files (x86)\GUT5AE0.tmp
2017-11-30 22:41 - 2017-11-30 22:41 - 007649280 _____ () C:\Program Files (x86)\GUT7465.tmp
2016-02-01 21:35 - 2016-02-01 21:35 - 006871040 _____ () C:\Program Files (x86)\GUT87B6.tmp
2016-12-05 21:22 - 2016-12-05 21:22 - 000000000 _____ () C:\Program Files (x86)\GUT8852.tmp
2017-06-06 17:53 - 2017-06-06 17:53 - 000000000 _____ () C:\Program Files (x86)\GUTAE1B.tmp
2015-12-07 17:32 - 2015-12-07 21:05 - 006420480 _____ () C:\Program Files (x86)\GUTD6B0.tmp
2013-07-08 11:56 - 2015-06-07 07:30 - 000009728 _____ () C:\Users\Andrejka a Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-01 10:21 - 2014-02-01 10:21 - 000000104 _____ () C:\Users\Andrejka a Tomáš\AppData\Local\fusioncache.dat
2012-07-22 13:04 - 2013-02-02 14:41 - 000007596 _____ () C:\Users\Andrejka a Tomáš\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2015-08-22 17:27 - 2016-12-06 19:38 - 000000000 ____D () C:\Users\Andrejka a Tomáš\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A [148]
AlternateDataStreams: C:\Users\Public\DRM:مايŮرŮŘłŮŮŘŞ [48]
==================== Security Center ==================
AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Andrejka a Tom ç\Desktop" je 2 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Avira Systray
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launcher
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet
C:\Program Files\Dell\QuickSet\QuickSet.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTom MySports Connect.exe
C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Andrejka a Tom ç^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk
C:\PROGRA~2\BINARY~1\HDDLIF~1\HDDLIF~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================