Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu, děkuji. :-)

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
matastol
Návštěvník
Návštěvník
Příspěvky: 459
Registrován: 09 bře 2008 10:32
Bydliště: ČR

Prosím o kontrolu, děkuji. :-)

#1 Příspěvek od matastol »

Prosím jenom o preventivní kontrolu logu a ještě mám dotaz, dnes mi proběhla aktualizace antiviru Norton Internet Security která si vyžádala restart PC. Vše proběhlo v pořádku akorát jsem si všimnul při čištění CCleanerem tak se mi vždy objeví tento klíč - Chybí TypeLib reference. IBackupLocationsShellFolderImpl - {00020424-0000-0000-C000-000000000046} HKCR\Interface\{F0E3A5D7-80C7-4228-90FE-61DF01C417A5} Když dám opravit CCleaner ho odstraní ale při další kontrole je tam znovu. Na internetu jsem zjistil že to má něco společného s tím nortonem tak jenom jestli je to OK. Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2015-07-24 10:28:32
Microsoft Windows 8.1
System drive C: has 303 GB (86%) free of 350 GB
Total RAM: 3911 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:38, on 24. 7. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Seznam.cz\bin\postak.exe
C:\Program Files (x86)\YoWindow\yowindow.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [TrayStatus] "C:\Program Files (x86)\TrayStatus\TrayStatus.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Spotify] "C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Sidebar70.lnk = C:\Program Files\Windows Sidebar\sidebar.exe
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk = ?
O4 - Startup: YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - Global Startup: KudySel.lnk = C:\Program Files (x86)\GFE\KudySel\KudySel.Client.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporate\DfSdkS64.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Ashampoo HDD Control 3 Service (HDDC3Service) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporate\HDDC3Service.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Security (NS) - Symantec Corporation - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11913 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskhostex.exe
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {f5be1644-dd09-4b1e-b0f4074f698ae64a}
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporate\HDDC3Service.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
ClassicStartMenu.exe -startup
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe" /s "NS" /m "C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe" /c /a /s UserSession
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe" /c /a /s UserSession2
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\WINDOWS\system32\igfxext.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
igfxEM.exe
igfxHK.exe
"C:\WINDOWS\system32\GWX\GWX.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files (x86)\TrayStatus\TrayStatus.exe"
"C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe"
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files (x86)\YoWindow\yowindow.exe" -mt
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskhost.exe
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3237514440-2733116083-671441667-100114_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3237514440-2733116083-671441667-100114 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

"C:\RSIT\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default

prefs.js - "browser.startup.homepage" - "chrome://speeddial/content/speeddial.xul"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\extensions\
cs@dictionaries.addons.mozilla.org
foxmarks@kei.com
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10 1042744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05 931640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10 798008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-05 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-05 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05 931640]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10 1042744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10 798008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-19 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-10-01 448912]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2014-01-24 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"TrayStatus"=C:\Program Files (x86)\TrayStatus\TrayStatus.exe [2011-05-18 283032]
"Spotify Web Helper"=C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-05-20 2018360]
"Seznam Postak"=C:\Program Files (x86)\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2014-10-29 479744]
"Spotify"=C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe [2015-05-20 7112248]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"= []
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2013-02-05 111216]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2013-12-27 570880]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2014-01-24 134784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
KudySel.lnk - C:\Program Files (x86)\GFE\KudySel\KudySel.Client.exe

C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sidebar70.lnk - C:\Program Files\Windows Sidebar\sidebar.exe
Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk - C:\WINDOWS\system32\RunDll32.exe
YoWindow.lnk - C:\Program Files (x86)\YoWindow\yowindow.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-24 09:16:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-07-20 20:04:03 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-07-20 20:04:03 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-07-20 20:04:03 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-07-20 20:04:03 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-07-15 14:31:00 ----A---- C:\WINDOWS\system32\win32k.sys
2015-07-15 14:30:59 ----A---- C:\WINDOWS\system32\authui.dll
2015-07-15 14:30:58 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2015-07-15 14:30:58 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-07-15 14:30:58 ----A---- C:\WINDOWS\system32\msi.dll
2015-07-15 14:30:57 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2015-07-15 14:30:57 ----A---- C:\WINDOWS\system32\msiexec.exe
2015-07-15 14:30:54 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2015-07-15 14:30:54 ----A---- C:\WINDOWS\system32\msv1_0.dll
2015-07-15 14:30:54 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-07-15 14:30:54 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2015-07-15 14:30:54 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2015-07-15 14:30:53 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2015-07-15 14:30:53 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2015-07-15 14:30:53 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-07-15 14:30:53 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-07-15 14:30:53 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-07-15 14:30:53 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2015-07-15 14:30:53 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2015-07-15 14:30:53 ----A---- C:\WINDOWS\system32\certcli.dll
2015-07-15 14:30:26 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2015-07-15 14:30:26 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-07-15 14:30:26 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-15 14:30:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-07-15 14:30:21 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-07-15 14:30:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-07-15 14:30:17 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-07-15 14:30:17 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-07-15 14:30:17 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-07-15 14:30:17 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-07-15 14:30:17 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-07-15 14:30:17 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-07-15 14:30:16 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-07-15 14:30:16 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-07-15 14:30:16 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-07-15 14:30:16 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-07-15 14:30:16 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-07-15 14:30:16 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-07-15 14:29:36 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-07-15 14:29:35 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-07-15 14:29:23 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-07-15 14:29:22 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-07-15 14:29:20 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-07-15 14:29:20 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-07-15 14:29:20 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-07-15 14:29:20 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-07-15 14:28:39 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-07-15 14:28:39 ----A---- C:\WINDOWS\system32\wininet.dll
2015-07-15 14:28:39 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\system32\msrating.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\system32\ieui.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-07-15 14:28:38 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-07-15 14:28:37 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-07-15 14:28:37 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-07-15 14:28:37 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-07-15 14:28:37 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-07-15 14:28:37 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-07-15 14:28:37 ----A---- C:\WINDOWS\system32\jscript.dll
2015-07-15 14:28:37 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-07-15 14:28:26 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2015-07-15 14:28:26 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2015-07-15 14:28:26 ----A---- C:\WINDOWS\system32\ole32.dll
2015-07-15 14:28:26 ----A---- C:\WINDOWS\system32\gdi32.dll
2015-07-14 18:49:13 ----D---- C:\Program Files (x86)\Adobe
2015-07-09 17:23:58 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-07-09 17:23:57 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-07-09 17:23:57 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-07-09 17:23:56 ----A---- C:\WINDOWS\system32\invagent.dll
2015-07-09 17:23:56 ----A---- C:\WINDOWS\system32\devinv.dll
2015-07-09 17:23:56 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-07-09 17:23:56 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-07-09 17:23:56 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-07-09 17:23:53 ----A---- C:\WINDOWS\system32\wups2.dll
2015-07-09 17:23:53 ----A---- C:\WINDOWS\system32\wups.dll
2015-07-09 17:23:52 ----A---- C:\WINDOWS\SYSWOW64\wups.dll

======List of files/folders modified in the last 1 month======

2015-07-24 10:28:38 ----D---- C:\WINDOWS\Prefetch
2015-07-24 10:28:35 ----D---- C:\Program Files\trend micro
2015-07-24 10:16:39 ----D---- C:\WINDOWS\SysWOW64
2015-07-24 10:15:08 ----HD---- C:\ProgramData
2015-07-24 10:00:04 ----D---- C:\WINDOWS\system32\sru
2015-07-24 09:41:12 ----D---- C:\WINDOWS\Temp
2015-07-24 09:38:49 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-24 09:38:43 ----D---- C:\WINDOWS\system32\drivers
2015-07-24 09:37:18 ----D---- C:\Users\Martin\AppData\Roaming\ClassicShell
2015-07-24 09:24:32 ----SHD---- C:\System Volume Information
2015-07-24 09:23:31 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-07-24 09:22:27 ----D---- C:\Windows
2015-07-24 09:20:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-24 09:20:55 ----HD---- C:\WINDOWS\ELAMBKUP
2015-07-24 09:18:06 ----D---- C:\WINDOWS\SoftwareDistribution
2015-07-24 09:18:06 ----D---- C:\WINDOWS\debug
2015-07-24 09:16:46 ----RD---- C:\Program Files (x86)
2015-07-24 09:09:34 ----D---- C:\WINDOWS\system32\Tasks
2015-07-24 09:03:45 ----D---- C:\WINDOWS\system32\drivers\NSx64
2015-07-24 08:46:10 ----D---- C:\Users\Martin\AppData\Roaming\Atheros
2015-07-23 16:09:50 ----D---- C:\Users\Martin\AppData\Roaming\AIMP3
2015-07-23 16:09:44 ----D---- C:\WINDOWS\Inf
2015-07-23 16:05:23 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2015-07-23 15:49:01 ----D---- C:\Program Files (x86)\Mp3tag
2015-07-23 15:48:04 ----D---- C:\Users\Martin\AppData\Roaming\Mp3tag
2015-07-23 12:42:56 ----RD---- C:\WINDOWS\System32
2015-07-23 12:42:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-23 10:56:40 ----D---- C:\WINDOWS\system32\config
2015-07-23 10:44:40 ----D---- C:\WINDOWS\system32\DriverStore
2015-07-23 10:44:36 ----D---- C:\WINDOWS\WinSxS
2015-07-23 10:43:03 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-23 10:01:33 ----SHD---- C:\WINDOWS\Installer
2015-07-23 08:04:14 ----D---- C:\Users\Martin\AppData\Roaming\Webshare
2015-07-22 12:15:12 ----D---- C:\Users\Martin\AppData\Roaming\GPX Editor
2015-07-21 19:49:16 ----D---- C:\WINDOWS\AppReadiness
2015-07-20 20:06:54 ----D---- C:\WINDOWS\CbsTemp
2015-07-17 17:19:09 ----D---- C:\WINDOWS\rescache
2015-07-16 13:19:58 ----D---- C:\WINDOWS\system32\MRT
2015-07-15 20:42:54 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-07-15 20:42:54 ----D---- C:\Program Files\Internet Explorer
2015-07-15 20:42:54 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-15 16:55:04 ----D---- C:\Program Files (x86)\YoWindow
2015-07-15 14:42:50 ----D---- C:\ProgramData\Microsoft Help
2015-07-15 14:27:36 ----D---- C:\WINDOWS\system32\catroot2
2015-07-14 19:55:03 ----HD---- C:\Program Files\WindowsApps
2015-07-14 19:33:23 ----D---- C:\Users\Martin\AppData\Roaming\Adobe
2015-07-14 18:49:04 ----D---- C:\ProgramData\Adobe
2015-07-13 23:10:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-07-12 20:30:36 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-07-12 20:30:36 ----SD---- C:\WINDOWS\system32\GWX
2015-07-09 22:29:10 ----D---- C:\Users\Martin\AppData\Roaming\Audacity
2015-07-09 17:25:34 ----D---- C:\WINDOWS\system32\cs-CZ
2015-07-09 17:24:09 ----SD---- C:\WINDOWS\system32\CompatTel
2015-07-09 17:24:09 ----D---- C:\WINDOWS\system32\wbem
2015-07-09 17:24:09 ----D---- C:\WINDOWS\system32\appraiser
2015-07-09 17:24:09 ----D---- C:\WINDOWS\apppatch
2015-07-09 17:14:21 ----D---- C:\Záloha Firefoxu
2015-07-07 21:28:05 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2015-07-07 21:27:35 ----D---- C:\ProgramData\Skype
2015-07-07 21:27:25 ----RD---- C:\Program Files (x86)\Skype
2015-07-03 08:43:04 ----A---- C:\WINDOWS\system32\MRT.exe
2015-06-25 20:10:25 ----D---- C:\Program Files\CCleaner
2015-06-25 16:08:55 ----D---- C:\Program Files (x86)\AIMP3

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTATH_BUS;@oem7.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-01-24 35016]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 SymEFASI;Symantec Extended File Attributes (SI); C:\WINDOWS\system32\drivers\NSx64\1605020.00F\SYMEFASI64.SYS [2015-07-11 1620720]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [2015-06-17 1648880]
R1 ccSet_NS;NS Settings Manager; C:\WINDOWS\system32\drivers\NSx64\1605020.00F\ccSetx64.sys [2015-07-11 173808]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [2013-09-27 162392]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2015-05-27 489776]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20150723.001\IDSvia64.sys [2015-06-20 692984]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\WINDOWS\system32\drivers\NSx64\1605020.00F\SRTSPX64.SYS [2015-07-11 50936]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NSx64\1605020.00F\Ironx64.SYS [2015-07-11 297720]
R1 SymNetS;Symantec Network Security WFP Driver; C:\WINDOWS\System32\Drivers\NSx64\1605020.00F\SYMNETS.SYS [2015-07-11 576248]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 athr;@oem17.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2015-05-12 4282904]
R3 b57xdbd;@oem27.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem27.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\WINDOWS\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-01-24 597704]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-05-27 145200]
R3 ETD;@oem3.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-10-19 330640]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem24.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 MEIx64;@oem28.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20150723.009\ENG64.SYS [2015-06-23 138488]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20150723.009\EX64.SYS [2015-06-23 2146040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 Ps2Kb2Hid;@oem29.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2013-02-05 26736]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\WINDOWS\System32\Drivers\NSx64\1605020.00F\SRTSP64.SYS [2015-07-11 926448]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [2015-07-24 111344]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 SymELAM;Symantec ELAM Driver; C:\WINDOWS\system32\drivers\NSx64\1605020.00F\SymELAM.sys [2015-07-11 24192]
S3 AthBTPort;@oem12.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2014-01-24 89800]
S3 BTATH_A2DP;@oem9.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2014-01-24 355528]
S3 btath_avdt;@oem9.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2014-01-24 118984]
S3 BTATH_HCRP;@oem22.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2014-01-24 179432]
S3 BTATH_LWFLT;@oem34.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2014-01-24 77464]
S3 BTATH_RCP;@oem36.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2014-01-24 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 intaud_WaveExtensible;@oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2014-01-24 319104]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-09-21 348784]
R2 HDDC3Service;Ashampoo HDD Control 3 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporate\HDDC3Service.exe [2014-11-17 318336]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-10-01 319376]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-21 635104]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2010-05-21 110736]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [2015-03-05 131144]
R2 NS;Norton Security; C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe [2015-07-16 282016]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-10-19 259136]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-12 193824]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2013-02-05 96880]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-09-05 658576]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-10-09 469648]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporate\DfSdkS64.exe [2009-08-24 544768]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-02-05 655624]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-08 148136]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]

-----------------EOF-----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu, děkuji. :-)

#2 Příspěvek od Márty84 »

Zdravim :)

Pokud Norton funguje jak ma, ten nalez CCleaneru bych neresil.


:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.


V logu vidim MBAM....

:arrow: Udelejte novou kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
matastol
Návštěvník
Návštěvník
Příspěvky: 459
Registrován: 09 bře 2008 10:32
Bydliště: ČR

Re: Prosím o kontrolu, děkuji. :-)

#3 Příspěvek od matastol »

MBAM jsem udělal sken včera a nenašel vůbec nic. Dnes mi proběhla ta samá aktualizace u nortona na druhém notebooku a v CCleaneru to dělá úplně to samé takže jsem dal ignorovat asi to má něco ten norton. Tady je sken AdwCleaner. :)

# AdwCleaner v4.208 - Log vytvořen 27/07/2015 v 14:56:26
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-26.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Martin - DOMACI
# Spuštěno z : C:\Users\Martin\Desktop\adwcleaner_4.208.exe
# Nastavení : Sken

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Nalezeno : C:\Users\Martin\AppData\Roaming\RHEng

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****


***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v39.0 (x86 cs)


*************************

AdwCleaner[R0].txt - [660 bytů] - [27/07/2015 14:56:26]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [717 bytů] ##########
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu, děkuji. :-)

#4 Příspěvek od Márty84 »

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
matastol
Návštěvník
Návštěvník
Příspěvky: 459
Registrován: 09 bře 2008 10:32
Bydliště: ČR

Re: Prosím o kontrolu, děkuji. :-)

#5 Příspěvek od matastol »

# AdwCleaner v4.208 - Log vytvořen 27/07/2015 v 15:05:06
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-26.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Martin - DOMACI
# Spuštěno z : C:\Users\Martin\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Users\Martin\AppData\Roaming\RHEng

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****


***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v39.0 (x86 cs)


*************************

AdwCleaner[R0].txt - [794 bytů] - [27/07/2015 14:56:26]
AdwCleaner[R1].txt - [851 bytů] - [27/07/2015 15:04:29]
AdwCleaner[S0].txt - [776 bytů] - [27/07/2015 15:05:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [833 bytů] ##########
Nahoru
Uživatelský avatar
matastol
Návštěvník
Návštěvník
Příspěvky: 459
Registrován: 09 bře 2008 10:32
Bydliště: ČR

Re: Prosím o kontrolu, děkuji. :-)

#6 Příspěvek od matastol »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
Ran by Martin (administrator) on DOMACI (27-07-2015 15:23:06)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporate\HDDC3Service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\ns.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\ns.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
() C:\Program Files (x86)\Seznam.cz\bin\postak.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Repkasoft) C:\Program Files (x86)\YoWindow\yowindow.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-10-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-02-05] (Dritek System Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-01-24] (Qualcomm®Atheros®)
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [283032 2011-05-18] (Binary Fortress Software)
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [Spotify Web Helper] => C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-05-20] (Spotify Ltd)
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [Seznam Postak] => C:\Program Files (x86)\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [Spotify] => C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe [7112248 2015-05-20] (Spotify Ltd)
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-11-09]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\KudySel.lnk [2015-05-10]
ShortcutTarget: KudySel.lnk -> C:\Program Files (x86)\GFE\KudySel\KudySel.Client.exe (No File)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar834.lnk [2015-07-27]
ShortcutTarget: Sidebar834.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk [2015-03-27]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk [2015-03-07]
ShortcutTarget: YoWindow.lnk -> C:\Program Files (x86)\YoWindow\yowindow.exe (Repkasoft)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3237514440-2733116083-671441667-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:tabs
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3237514440-2733116083-671441667-1001 -> {EF186E28-429F-44C4-9B6A-F0E57DC23D77} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-05] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3237514440-2733116083-671441667-1001 -> Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3237514440-2733116083-671441667-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{610EBF8D-9486-4978-A5D0-78A707EA9EFC}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ED73EA69-0DF3-49AB-BC9D-A2BEFC4473AF}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\cs@dictionaries.addons.mozilla.org [2014-11-10]
FF Extension: Xmarks - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\foxmarks@kei.com [2015-05-13]
FF Extension: WOT - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09]
FF Extension: MEGA - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\firefox@mega.co.nz.xpi [2015-03-29]
FF Extension: To Google Translate - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2014-10-21]
FF Extension: RAMBack - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\ramback@pavlov.net.xpi [2014-10-21]
FF Extension: Tab Scope - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\tabscope@xuldev.org.xpi [2014-10-21]
FF Extension: Google Translator for Firefox - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\translator@zoli.bod.xpi [2014-10-21]
FF Extension: Linkification - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi [2015-04-01]
FF Extension: Speed Dial - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-10-21]
FF Extension: BBCodeXtra - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\{af79f858-4b25-4ca4-822b-b5db1be628fc}.xpi [2014-10-21]
FF Extension: Video DownloadHelper - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF Extension: Adblock Plus - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-21]
FF Extension: Tab Mix Plus - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-10-21]
FF Extension: DownThemAll! - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\n2iiw0q5.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-10-21]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn [2015-07-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-21]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-01-24] (Windows (R) Win 7 DDK provider) [File not signed]
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-10-09] (Acer Incorporated)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporate\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated)
R2 HDDC3Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporate\HDDC3Service.exe [318336 2014-11-17] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe [282016 2015-07-16] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-10-19] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-02-05] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4282904 2015-05-12] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [1648880 2015-06-17] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-01-24] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20150724.001\IDSvia64.sys [692984 2015-06-20] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20150726.020\ENG64.SYS [138488 2015-06-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20150726.020\EX64.SYS [2146040 2015-06-23] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-02-05] (Dritek System Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\NSx64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-27 15:23 - 2015-07-27 15:23 - 00024108 _____ C:\Users\Martin\Desktop\FRST.txt
2015-07-27 15:22 - 2015-07-27 15:23 - 00000000 ____D C:\FRST
2015-07-27 15:19 - 2015-07-26 11:43 - 02146816 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-07-27 15:19 - 2015-03-07 09:19 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2015-07-27 08:28 - 2015-07-27 15:00 - 00043627 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-27 08:25 - 2015-07-27 15:06 - 00000154 _____ C:\WINDOWS\setupact.log
2015-07-27 08:25 - 2015-07-27 08:25 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-25 19:46 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-07-25 19:46 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-07-25 19:46 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-07-25 19:46 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-07-25 19:46 - 2015-06-10 00:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-07-25 19:46 - 2015-06-10 00:39 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-07-25 19:46 - 2015-06-10 00:38 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-07-25 19:46 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-07-24 09:16 - 2015-07-24 09:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-24 09:09 - 2015-07-24 09:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2015-07-23 15:49 - 2015-07-23 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2015-07-23 10:01 - 2015-07-23 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPS Track Editor
2015-07-20 20:04 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-07-20 20:04 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-07-20 20:04 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-20 20:04 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-07-17 17:23 - 2015-07-17 17:23 - 00000000 ____D C:\Users\Martin\AppData\Local\CEF
2015-07-15 14:31 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-07-15 14:30 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-07-15 14:30 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-07-15 14:30 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-15 14:30 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-07-15 14:30 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-07-15 14:30 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-07-15 14:30 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-07-15 14:30 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-07-15 14:30 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-07-15 14:30 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-07-15 14:30 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-07-15 14:30 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-07-15 14:30 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-15 14:30 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-07-15 14:30 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-15 14:30 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-07-15 14:30 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-07-15 14:30 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-07-15 14:30 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-07-15 14:30 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-07-15 14:30 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-07-15 14:30 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-07-15 14:30 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-07-15 14:30 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-07-15 14:30 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-15 14:30 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-07-15 14:30 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-07-15 14:30 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-07-15 14:30 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-07-15 14:30 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-07-15 14:30 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-15 14:30 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-07-15 14:30 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-07-15 14:30 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-07-15 14:30 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-07-15 14:30 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-15 14:30 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-15 14:29 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-07-15 14:29 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-15 14:29 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-07-15 14:29 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-07-15 14:29 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-07-15 14:29 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-15 14:29 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-07-15 14:29 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-07-15 14:28 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-07-15 14:28 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-07-15 14:28 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-07-15 14:28 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-07-15 14:28 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-07-15 14:28 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-07-15 14:28 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-07-15 14:28 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-07-15 14:28 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-07-15 14:28 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-07-15 14:28 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-07-15 14:28 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-07-15 14:28 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-07-15 14:28 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-07-15 14:28 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-07-15 14:28 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-15 14:28 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-07-15 14:28 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-07-15 14:28 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-07-15 14:28 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-07-15 14:28 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-07-15 14:28 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-07-15 14:28 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-07-15 14:28 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-07-15 14:28 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-07-15 14:28 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-07-15 14:28 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-07-15 14:28 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-07-15 14:28 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-07-15 14:28 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-07-15 14:28 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-07-15 14:28 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-07-15 14:28 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-15 14:28 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-07-15 14:28 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-07-15 14:28 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-15 14:28 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-14 18:49 - 2015-07-15 18:33 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-14 18:49 - 2015-07-14 18:49 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-09 17:23 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-07-09 17:23 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-07-09 17:23 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-07-09 17:23 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-07-09 17:23 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-07-09 17:23 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-07-09 17:23 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-07-09 17:23 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-07-09 17:23 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-07-09 17:23 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-07-09 17:23 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-27 15:09 - 2014-08-17 19:42 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-27 15:07 - 2014-12-03 16:03 - 00000000 ____D C:\Users\Martin\AppData\Local\Sidebar7
2015-07-27 15:06 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-27 15:05 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-27 15:02 - 2014-11-04 21:03 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9861336D-1282-42FE-9AFF-6AF756A10892}
2015-07-27 15:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-27 08:41 - 2014-08-05 08:58 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3237514440-2733116083-671441667-1001
2015-07-27 08:35 - 2014-08-05 08:58 - 00000000 ____D C:\Users\Martin\AppData\Roaming\ClassicShell
2015-07-27 08:31 - 2014-08-17 21:52 - 00000000 ____D C:\Záloha Firefoxu
2015-07-25 20:46 - 2014-08-05 09:24 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2015-07-25 19:47 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-25 19:44 - 2014-12-19 15:00 - 00000000 ____D C:\Program Files\CCleaner
2015-07-25 19:09 - 2015-03-28 21:32 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-24 19:59 - 2014-08-05 09:26 - 00000000 ____D C:\Users\Martin\AppData\Roaming\AIMP3
2015-07-24 19:26 - 2014-09-06 15:03 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Webshare
2015-07-24 13:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-24 11:02 - 2015-03-07 13:04 - 00000000 ____D C:\Program Files (x86)\YoWindow
2015-07-24 10:52 - 2014-08-05 19:15 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Mp3tag
2015-07-24 10:47 - 2014-08-05 11:03 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Audacity
2015-07-24 10:28 - 2014-08-23 21:56 - 00000000 ____D C:\Program Files\trend micro
2015-07-24 09:39 - 2014-12-02 16:38 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-24 09:38 - 2014-12-02 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-24 09:38 - 2014-12-02 16:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-24 09:20 - 2014-08-04 23:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-24 09:20 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-07-24 09:03 - 2015-02-28 16:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-07-24 09:03 - 2015-02-28 15:57 - 00003216 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-07-24 09:03 - 2015-02-28 15:55 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2015-07-24 08:57 - 2015-02-28 15:57 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-07-24 08:57 - 2015-02-28 15:57 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-07-24 08:46 - 2014-11-15 21:08 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Atheros
2015-07-23 15:49 - 2014-08-05 19:15 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2015-07-23 13:11 - 2014-10-11 17:14 - 00000199 ___SH C:\Users\Martin\Documents\_@ZmeSortData.zme
2015-07-23 12:42 - 2014-09-24 18:23 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-23 12:42 - 2014-09-24 17:39 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2015-07-23 12:42 - 2014-09-24 17:39 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2015-07-23 12:41 - 2014-08-05 08:54 - 00000000 ____D C:\Users\Martin\Documents\Bluetooth Folder
2015-07-23 09:02 - 2014-08-04 23:35 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-22 12:15 - 2015-05-09 10:20 - 00000000 ____D C:\Users\Martin\AppData\Roaming\GPX Editor
2015-07-20 21:06 - 2013-08-22 16:44 - 00425296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-07-20 21:00 - 2014-11-16 15:21 - 00007603 _____ C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2015-07-20 19:18 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-07-17 17:29 - 2014-08-05 10:38 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2015-07-17 17:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-07-16 13:23 - 2014-08-05 11:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-15 19:57 - 2014-08-17 19:42 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-15 19:56 - 2014-09-06 19:15 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2015-07-15 18:01 - 2015-05-17 12:19 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 14:42 - 2014-08-05 09:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-14 19:33 - 2014-08-05 08:52 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Adobe
2015-07-14 18:49 - 2014-08-05 10:32 - 00000000 ____D C:\ProgramData\Adobe
2015-07-13 23:10 - 2014-09-24 21:08 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2014-09-24 21:08 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-12 20:30 - 2015-03-28 21:32 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-09 17:24 - 2015-04-08 14:44 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-07-09 17:24 - 2014-09-24 21:02 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-07-07 21:28 - 2014-09-03 19:18 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2015-07-07 21:27 - 2014-09-03 19:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-07 21:27 - 2014-09-03 19:18 - 00000000 ____D C:\ProgramData\Skype
2015-07-03 08:43 - 2014-08-05 11:13 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-08-05 20:38 - 2014-08-05 20:38 - 0000268 ___RH () C:\Users\Martin\AppData\Roaming\Plants
2014-08-05 20:39 - 2014-08-05 20:39 - 0000268 ___RH () C:\Users\Martin\AppData\Roaming\Plug-In Settings
2014-08-05 20:38 - 2014-08-05 20:38 - 0000268 ___RH () C:\Users\Martin\AppData\Roaming\Plug-Ins
2014-11-17 14:05 - 2014-11-17 14:05 - 0000120 _____ () C:\Users\Martin\AppData\Roaming\System Monitor II_UptimeRecord.ini
2014-08-11 13:20 - 2015-06-17 18:16 - 0009216 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-06 08:18 - 2015-02-08 15:50 - 0045168 _____ () C:\Users\Martin\AppData\Local\HWVendorDetection.log
2014-10-03 14:20 - 2014-10-03 14:20 - 0000001 _____ () C:\Users\Martin\AppData\Local\llftool.4.40.agreement
2014-11-16 15:21 - 2015-07-20 21:00 - 0007603 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2014-08-06 14:32 - 2014-08-06 14:32 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-08-05 20:39 - 2014-08-05 20:39 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-08-05 20:38 - 2014-09-22 17:37 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-08-05 20:38 - 2014-09-22 17:37 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-08-05 20:38 - 2014-08-05 20:38 - 0000268 ___RH () C:\ProgramData\Podcasting
2014-08-05 20:39 - 2014-08-05 20:39 - 0000268 ___RH () C:\ProgramData\Pop Flute
2014-08-05 20:38 - 2014-08-05 20:38 - 0000268 ___RH () C:\ProgramData\Pop Kit

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-24 14:17




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:342.21 GB) (Free:298.88 GB) NTFS
Drive d: (Disk) (Fixed) (Total:341.54 GB) (Free:193 GB) NTFS

Available physical RAM: 2567.39 MB
Total physical RAM: 3911.27 MB
Percentage of memory in use: 34%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 698.6 GB) (Disk ID: AC3CBAF4)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Norton Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Martin\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Nahoru
Uživatelský avatar
matastol
Návštěvník
Návštěvník
Příspěvky: 459
Registrován: 09 bře 2008 10:32
Bydliště: ČR

Re: Prosím o kontrolu, děkuji. :-)

#7 Příspěvek od matastol »

Addition
Přílohy
Addition.rar
(9.14 KiB) Staženo 75 x
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu, děkuji. :-)

#8 Příspěvek od Márty84 »

:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)

SearchScopes: HKU\S-1-5-21-3237514440-2733116083-671441667-1001 -> {EF186E28-429F-44C4-9B6A-F0E57DC23D77} URL =

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
matastol
Návštěvník
Návštěvník
Příspěvky: 459
Registrován: 09 bře 2008 10:32
Bydliště: ČR

Re: Prosím o kontrolu, děkuji. :-)

#9 Příspěvek od matastol »

Fix result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
Ran by Martin at 2015-07-27 17:09:24 Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)

SearchScopes: HKU\S-1-5-21-3237514440-2733116083-671441667-1001 -> {EF186E28-429F-44C4-9B6A-F0E57DC23D77} URL =

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-3237514440-2733116083-671441667-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
"HKU\S-1-5-21-3237514440-2733116083-671441667-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EF186E28-429F-44C4-9B6A-F0E57DC23D77}" => key removed successfully
HKCR\CLSID\{EF186E28-429F-44C4-9B6A-F0E57DC23D77} => key not found.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value removed successfully
NMIndexingService => service removed successfully
AdobeARMservice => service removed successfully
SkypeUpdate => service removed successfully
AdobeFlashPlayerUpdateSvc => service removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 32.9 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 17:10:07 ====
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu, děkuji. :-)

#10 Příspěvek od Márty84 »

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte jako spravce
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run

:arrow: Procistete znovu CCleanerem.


A pokud neni nejaky problem, je to vse.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
matastol
Návštěvník
Návštěvník
Příspěvky: 459
Registrován: 09 bře 2008 10:32
Bydliště: ČR

Re: Prosím o kontrolu, děkuji. :-)

#11 Příspěvek od matastol »

Dobrý den
Mám problém ten poslední soubor nemůžu stáhnout nejde vypnout funkce v nortonu nepomůže ani restart nějak po těch blokacích se mi to přeplo na agresivní mod a nemůžu s tím hýbat! Nevíte co s tím?

Obrázek
Nahoru
Uživatelský avatar
matastol
Návštěvník
Návštěvník
Příspěvky: 459
Registrován: 09 bře 2008 10:32
Bydliště: ČR

Re: Prosím o kontrolu, děkuji. :-)

#12 Příspěvek od matastol »

Mám takový pocit že s tím souvisí ten soubor na ploše před tím to šlo, můžu je odstranit ?

Obrázek
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu, děkuji. :-)

#13 Příspěvek od Márty84 »

matastol píše:Mám takový pocit že s tím souvisí ten soubor na ploše před tím to šlo, můžu je odstranit ?
Soubory muzete odstranit.

matastol píše:Mám problém ten poslední soubor nemůžu stáhnout
Pokud myslite DelFix, tak ten ma za ukol jen uklidit po pouzitych programech. Neni nezbytny.


Co se tyka nastaveni Nortona, nikdy jsem ho nepouzival, takze nevim, kde se tam co nastavuje. Ale dole Norton pise, ze mate restartovat a pak to treba pujde.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
matastol
Návštěvník
Návštěvník
Příspěvky: 459
Registrován: 09 bře 2008 10:32
Bydliště: ČR

Re: Prosím o kontrolu, děkuji. :-)

#14 Příspěvek od matastol »

No právě už jsem restartoval několikrát a nic! Jinak soubory jsem odstranil ale tohle stále nejde tak nevim dnes už to asi nevyřeším mrknu na to po dovči, jinak děkuji za váš čas :)
Nahoru
Uživatelský avatar
matastol
Návštěvník
Návštěvník
Příspěvky: 459
Registrován: 09 bře 2008 10:32
Bydliště: ČR

Re: Prosím o kontrolu, děkuji. :-)

#15 Příspěvek od matastol »

Tak super povedlo se, po několika restartech jsem PC na 5 min vypnul a znovu zapnul a je vše OK, měj te se a díky ! :D
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“