PC virus removal, computer speed-up, remote help through the neslape.cz service

Request for a preventive check - PC is acting strange

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

orthe
Visitor
Posts: 34
Registered: 17 Jul 2016 10:19

#1 Post by orthe »

Hello, the PC has been behaving strangely lately (slower for no apparent reason), so I would like to ask you for a preventive check; I am attaching the log from RSIT.
Thank you very much and have a nice day.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-02-2017
Ran by tomas (administrator) on LENOVO-PC (21-02-2017 23:34:43)
Running from C:\Users\tomas\Downloads
Loaded Profiles: tomas (Available Profiles: tomas)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McT2659.tmp
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\maxthonupdatesvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(© 2015 Microsoft Corporation) C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program64\Zps.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\EXCEL.EXE
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-02-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-02-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-02] (Microsoft Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [BingSvc] => C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [568904 2016-12-19] (ZONER software)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} - "F:\setup.exe"
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {f1e428c5-f197-11e5-8267-38b1dbdcf3ec} - "J:\LaunchU3.exe" -a
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-01-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.33.0.11 10.33.0.2
Tcpip\..\Interfaces\{228c1ea3-94b4-4511-b247-edc39ba9bfe1}: [DhcpNameServer] 195.113.56.8 195.113.0.2
Tcpip\..\Interfaces\{5c9ba3be-fcce-44a8-90f0-50cb2d02bedb}: [DhcpNameServer] 10.33.0.11 10.33.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> DefaultScope {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... earchTerms}
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\TRANSLAT\Translator_2016.03\WebIE.dll [2017-02-05] ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-21] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-21] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\Translator_2016.03\WebIE.dll [2017-02-05] ()
Toolbar: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: uzqwx9gr.default
FF ProfilePath: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default [2017-01-11]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Amazon
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-ww
FF Keyword.URL: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF Extension: (Bing Search) - C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-09-10]
FF SearchPlugin: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\searchplugins\bing-.xml [2016-09-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\extensions\arthurj8283@gmail.com => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default [2017-02-21]
CHR Extension: (Google Docs) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-06]
CHR Extension: (Google Drive) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-30]
CHR Extension: (YouTube) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-30]
CHR Extension: (Adobe Acrobat) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-11]
CHR Extension: (Avast SafePrice) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-17]
CHR Extension: (Google Docs Offline) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26]
CHR Extension: (AdBlock) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-21]
CHR Extension: (Avast Online Security) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-20]
CHR Extension: (Google Scholar Button) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2016-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Gmail) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-19]
CHR HKU\S-1-5-21-278386703-2547403182-1964600144-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0167001487679359mcinstcleanup; C:\WINDOWS\TEMP\016700~1.EXE [922152 2016-03-02] (McAfee, Inc.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [100528 2017-02-17] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-27] (AVAST Software)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LDrvSvc; c:\program files (x86)\ostotosoft\drivertalent\LDrvSvc.dll [172200 2016-07-28] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-02-13] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-04] ()
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2451880 2016-03-21] (Maxthon)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
S4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2016-01-25] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-02-19] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [279488 2016-01-25] (McAfee, Inc.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2017-01-05] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-01-05] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-01-05] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-19] (AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7504560 2013-11-20] (Broadcom Corporation)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [79248 2016-01-29] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-04] (Disc Soft Ltd)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [422184 2016-01-29] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [351656 2016-01-29] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-01-29] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496368 2016-01-29] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [847608 2016-01-29] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [245096 2016-01-29] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Co. Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-21 23:34 - 2017-02-21 23:36 - 00028655 _____ C:\Users\tomas\Downloads\FRST.txt
2017-02-21 23:33 - 2017-02-21 23:34 - 00000000 ____D C:\FRST
2017-02-21 23:33 - 2017-02-21 23:33 - 02422784 _____ (Farbar) C:\Users\tomas\Downloads\FRST64.exe
2017-02-21 22:39 - 2017-02-21 23:14 - 615108776 _____ C:\Users\tomas\Downloads\Vikings.S04E16.CZ-titulky.WEB-DL.avi
2017-02-21 21:54 - 2017-02-21 22:14 - 367751435 _____ C:\Users\tomas\Downloads\Vikings-S04E15-TitCz.mp4
2017-02-21 20:00 - 2017-02-21 20:00 - 00488201 _____ C:\Users\tomas\Downloads\O'Brien_et_al-2013-New_Phytologist.pdf
2017-02-21 19:40 - 2017-02-21 19:40 - 00000000 ____D C:\Users\tomas\Downloads\TV_setup_sk
2017-02-21 19:39 - 2017-02-21 19:39 - 06097146 _____ C:\Users\tomas\Downloads\TV_setup_sk.zip
2017-02-21 19:37 - 2017-02-21 19:37 - 04457604 _____ C:\Users\tomas\Downloads\tvsetupMV.exe
2017-02-21 19:20 - 2017-02-21 19:21 - 01448960 _____ C:\Users\tomas\Downloads\bez Daphne.xls
2017-02-21 17:22 - 2017-02-21 17:22 - 00072206 _____ C:\Users\tomas\Downloads\navrh9s.pdf
2017-02-21 14:02 - 2017-02-21 14:02 - 03104992 _____ C:\Users\tomas\Downloads\kopanice.psd
2017-02-21 13:25 - 2017-02-21 13:26 - 00000000 ____D C:\Users\tomas\Desktop\21.2.2017moneses,steril
2017-02-20 22:16 - 2017-02-20 22:38 - 396357632 _____ C:\Users\tomas\Downloads\Vikings-S04E14-cz-tit.avi
2017-02-20 15:38 - 2017-02-20 15:38 - 00012397 ____H C:\Users\tomas\Desktop\~WRL2653.tmp
2017-02-20 14:31 - 2017-02-20 14:31 - 00005012 _____ C:\Users\tomas\Downloads\bobrov6a.txt
2017-02-20 14:25 - 2017-02-20 14:25 - 00003028 _____ C:\Users\tomas\Downloads\bobrov4b.txt
2017-02-20 14:10 - 2017-02-20 14:10 - 00002282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
2017-02-20 14:07 - 2017-02-20 14:07 - 00000000 ____D C:\Users\tomas\Downloads\velenovsky,teriokhin,ruska knizka
2017-02-20 10:14 - 2017-02-20 10:14 - 00000000 ____H C:\ProgramData\cm-lock
2017-02-19 22:33 - 2017-02-20 11:18 - 00000000 ____D C:\Users\tomas\Desktop\luckstarsi pyrola18
2017-02-19 20:10 - 2011-11-01 16:29 - 53304801 _____ C:\Users\tomas\Desktop\Zrcadlo_minulosti.PDF
2017-02-19 14:48 - 2017-02-19 14:49 - 00000000 ____D C:\Users\tomas\Desktop\asi delete
2017-02-19 13:44 - 2017-02-19 14:49 - 00000000 ____D C:\Users\tomas\Desktop\delete
2017-02-19 13:43 - 2017-02-19 13:44 - 00000000 ____D C:\Users\tomas\Desktop\pyrola
2017-02-19 13:36 - 2017-02-19 14:42 - 00000000 ____D C:\Users\tomas\Desktop\N sensit article
2017-02-19 13:27 - 2017-02-19 14:28 - 00000000 ____D C:\Users\tomas\Downloads\hudba
2017-02-19 13:26 - 2017-02-19 14:43 - 00000000 ____D C:\Users\tomas\Desktop\articles
2017-02-19 13:11 - 2017-02-19 14:39 - 00000000 ____D C:\Users\tomas\Downloads\vikings
2017-02-19 13:06 - 2017-02-19 14:37 - 00000000 ____D C:\Users\tomas\Downloads\n article
2017-02-12 17:59 - 2017-02-12 17:59 - 00000000 ____D C:\Users\tomas\Downloads\státnice DOPR 2016
2017-02-11 10:48 - 2017-02-21 21:51 - 00000000 ____D C:\Users\tomas\Desktop\hnuj
2017-02-09 11:40 - 2017-02-09 11:40 - 00000000 ____D C:\Users\tomas\Desktop\The_Last_King
2017-02-06 21:21 - 2017-02-06 21:20 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-06 21:11 - 2016-07-15 19:29 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2017-02-06 21:11 - 2016-07-15 19:29 - 11602432 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2017-02-06 21:11 - 2016-07-15 19:17 - 02083328 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2017-02-06 21:11 - 2016-07-15 18:45 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2017-02-06 21:11 - 2016-07-15 18:31 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2017-02-05 11:00 - 2017-02-05 11:00 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WTRDCTM.lnk
2017-02-05 10:59 - 2017-02-05 10:59 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WTRAN32.lnk
2017-02-05 10:59 - 2017-02-05 10:59 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WDICT32.lnk
2017-02-05 10:46 - 2017-02-13 09:24 - 00000000 ____D C:\Users\tomas\AppData\Roaming\LangSoft
2017-02-05 10:46 - 2017-02-05 10:47 - 00000000 ____D C:\ProgramData\LangSoft
2017-02-05 10:43 - 2017-02-05 10:43 - 00000000 ____D C:\TRANSLAT
2017-02-05 10:12 - 2017-02-19 14:53 - 00000000 ____D C:\Users\tomas\Desktop\experimenty
2017-02-02 23:28 - 2017-02-20 19:32 - 00000000 ____D C:\Users\tomas\Desktop\pyrolalinhellluck1942vjpeg
2017-02-01 16:25 - 2017-02-01 16:36 - 00000333 _____ C:\WINDOWS\SoftWriting.ini
2017-02-01 16:25 - 2017-02-01 16:27 - 00000000 ____D C:\Program Files (x86)\SimpleOCR
2017-02-01 16:25 - 2017-02-01 16:25 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SimpleOCR
2017-02-01 16:25 - 1997-04-22 01:00 - 00027632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Ctl3dv2.dll
2017-01-31 18:21 - 2017-02-01 10:12 - 11153742 _____ C:\Users\tomas\Desktop\pgs.pptx
2017-01-29 19:14 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-29 19:14 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-29 08:12 - 2017-01-29 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-01-24 08:57 - 2017-01-24 08:57 - 00000000 ____D C:\Users\tomas\Desktop\New folder (3)
2017-01-24 08:24 - 2017-01-24 08:31 - 00000000 ____D C:\Users\tomas\Desktop\foto tablet

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-21 23:30 - 2016-10-02 06:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-21 23:30 - 2016-03-28 14:49 - 00000000 ____D C:\Users\tomas\AppData\Roaming\vlc
2017-02-21 23:26 - 2016-09-10 19:39 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Skype
2017-02-21 19:21 - 2016-03-03 04:31 - 00000000 ____D C:\Users\tomas\AppData\Local\Packages
2017-02-21 15:10 - 2016-03-19 11:46 - 00000000 ____D C:\Users\tomas\AppData\Local\Adobe
2017-02-21 13:25 - 2016-09-29 06:48 - 00000000 ____D C:\Program Files\TrueKey
2017-02-21 13:17 - 2016-09-29 06:58 - 00001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-02-21 13:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-20 22:17 - 2016-07-25 22:03 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Raptr
2017-02-20 14:10 - 2015-02-13 03:20 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-02-20 11:06 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-20 10:47 - 2016-10-02 17:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-20 10:22 - 2016-10-02 07:16 - 00000000 ____D C:\Users\tomas
2017-02-20 10:21 - 2016-10-02 17:09 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-02-20 10:20 - 2016-10-02 17:09 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-02-20 10:15 - 2016-10-02 06:52 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-20 10:15 - 2016-03-03 04:31 - 00000000 __SHD C:\Users\tomas\IntelGraphicsProfiles
2017-02-20 10:14 - 2016-10-02 17:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-20 10:13 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-02-19 14:45 - 2016-12-30 10:18 - 00000000 ____D C:\Users\tomas\Desktop\KIMS
2017-02-19 14:20 - 2016-12-26 09:50 - 00000000 ____D C:\Users\tomas\Desktop\pyrol zaloh po 5.2.17
2017-02-19 13:30 - 2016-05-28 06:57 - 00000000 ____D C:\data
2017-02-16 14:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-16 11:20 - 2016-07-25 22:05 - 00000000 ____D C:\Users\tomas\AppData\Roaming\PlaysTV
2017-02-13 09:24 - 2016-03-03 04:31 - 00000000 ____D C:\Users\tomas\AppData\Local\VirtualStore
2017-02-12 18:17 - 2016-09-10 19:38 - 00000000 ____D C:\ProgramData\Skype
2017-02-11 13:28 - 2017-01-06 22:36 - 00000000 ____D C:\Users\tomas\AppData\Local\CrashDumps
2017-02-06 21:34 - 2016-03-26 08:19 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 21:23 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-06 21:12 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-06 21:11 - 2016-07-16 15:15 - 00000000 ____D C:\WINDOWS\OCR
2017-02-05 10:13 - 2017-01-07 09:16 - 00000000 ____D C:\Users\tomas\Desktop\experimenty 2017
2017-02-03 20:44 - 2016-09-10 19:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-29 08:12 - 2016-10-02 19:32 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-01-23 22:19 - 2016-09-29 06:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2016-08-10 13:10 - 2016-11-08 15:11 - 0000112 _____ () C:\Users\tomas\AppData\Roaming\JP2K CS6 Prefs
2017-02-20 10:14 - 2017-02-20 10:14 - 0000000 ____H () C:\ProgramData\cm-lock
2016-10-02 07:09 - 2016-10-02 07:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2016-12-28 18:15 - 2015-09-03 11:26 - 12203488 _____ (HDRsoft Ltd ) C:\Users\tomas\AppData\Local\Temp\InstallerPMP32.exe
2016-12-28 18:15 - 2015-09-03 11:27 - 12495248 _____ (HDRsoft Ltd ) C:\Users\tomas\AppData\Local\Temp\InstallerPMP64.exe
2016-11-28 13:48 - 2015-05-26 07:52 - 0250472 _____ (Thomson Reuters) C:\Users\tomas\AppData\Local\Temp\Risweb32.exe
2017-01-19 19:10 - 2017-01-19 19:10 - 0381440 _____ () C:\Users\tomas\AppData\Local\Temp\turbojpeg2793987023504395071.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-18 19:11

==================== End of FRST.txt ============================
Attachments
Addition.zip
(14.21 KiB) Downloaded 105 times

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: request for a preventive check - PC is behaving strangely

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
Click >Scan< (search) first and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

orthe
Visitor
Posts: 34
Registered: 17 Jul 2016 10:19

Re: request for a preventive check - PC is behaving strangely

#3 Post by orthe »

It found some items that I can't identify:
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[-] Folder deleted: C:\Users\Default User\AppData\Local\Pokki
and some Amazon toolbar... and I haven't even installed anything lately....

The log itself:

# AdwCleaner v6.043 - Logfile created 23/02/2017 at 17:40:48
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-23.3 [Server]
# Operating System : Windows 10 Home (X64)
# Username : tomas - LENOVO-PC
# Running from : C:\Users\tomas\Downloads\adwcleaner_6.043.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\Public\Documents\dmp
[-] Folder deleted: C:\Users\Default User\AppData\Local\Pokki
[#] Folder deleted on reboot: C:\Users\Default\AppData\Local\Pokki
[-] Folder deleted: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[-] Folder deleted: C:\Users\Public\Pokki


***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[-] Key deleted: HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[-] Key deleted: HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Key deleted: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\AppDataLow\Software\adawarebp
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\adawarebp
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\adawarebp
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[-] Data restored: HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Value deleted: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Web browsers ] *****

[-] [C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: nice
[-] [C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fcfenmboojpjinhpgggodefccipikbpd


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [13286 Bytes] - [25/05/2016 16:46:22]
C:\AdwCleaner\AdwCleaner[C2].txt - [8352 Bytes] - [23/02/2017 17:40:48]
C:\AdwCleaner\AdwCleaner[S1].txt - [12957 Bytes] - [25/05/2016 16:40:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [8258 Bytes] - [23/02/2017 17:35:14]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [8572 Bytes] ##########

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: request for a preventive check - PC is behaving strangely

#4 Post by Rudy »

Post a new FRST log.

orthe
Visitor
Posts: 34
Registered: 17 Jul 2016 10:19

Re: request for a preventive check - PC is behaving strangely

#5 Post by orthe »

Here is the log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017 01
Ran by tomas (administrator) on LENOVO-PC (24-02-2017 11:19:24)
Running from C:\Users\tomas\Downloads
Loaded Profiles: tomas (Available Profiles: tomas)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\maxthonupdatesvc.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(© 2015 Microsoft Corporation) C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Farbar) C:\Users\tomas\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-02-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-02-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-02] (Microsoft Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-16] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [BingSvc] => C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [568904 2016-12-19] (ZONER software)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} - "F:\setup.exe"
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {f1e428c5-f197-11e5-8267-38b1dbdcf3ec} - "J:\LaunchU3.exe" -a
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-01-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.113.56.8 195.113.0.2
Tcpip\..\Interfaces\{228c1ea3-94b4-4511-b247-edc39ba9bfe1}: [DhcpNameServer] 195.113.56.8 195.113.0.2
Tcpip\..\Interfaces\{5c9ba3be-fcce-44a8-90f0-50cb2d02bedb}: [DhcpNameServer] 10.33.0.11 10.33.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> DefaultScope {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... earchTerms}
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08] (Intel Security)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\TRANSLAT\Translator_2016.03\WebIE.dll [2017-02-05] ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-21] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-21] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08] (Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\Translator_2016.03\WebIE.dll [2017-02-05] ()
Toolbar: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: uzqwx9gr.default
FF ProfilePath: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default [2017-01-11]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Amazon
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-ww
FF Keyword.URL: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF Extension: (Bing Search) - C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-09-10]
FF SearchPlugin: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\searchplugins\bing-.xml [2016-09-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> file:///C:/Users/tomas/Desktop/170104-20170105T175604Z/170104/170104%20m%C4%9B%C5%99en%C3%AD.xlsx
CHR Profile: C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default [2017-02-24]
CHR Extension: (Google Docs) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-06]
CHR Extension: (Google Drive) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-30]
CHR Extension: (YouTube) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-30]
CHR Extension: (Avast SafePrice) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-17]
CHR Extension: (Google Docs Offline) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26]
CHR Extension: (AdBlock) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-21]
CHR Extension: (Avast Online Security) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-20]
CHR Extension: (Google Scholar Button) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2016-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Gmail) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-27] (AVAST Software)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LDrvSvc; c:\program files (x86)\ostotosoft\drivertalent\LDrvSvc.dll [172200 2016-07-28] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-02-13] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-04] ()
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2451880 2016-03-21] (Maxthon)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
S4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2016-01-25] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-02-19] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [279488 2016-01-25] (McAfee, Inc.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-16] (Copyright (c) 2017 Plays.tv, LLC)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-02-06] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-19] (AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7504560 2013-11-20] (Broadcom Corporation)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [79248 2016-01-29] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-04] (Disc Soft Ltd)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [422184 2016-01-29] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [351656 2016-01-29] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-01-29] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496368 2016-01-29] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [847608 2016-01-29] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [245096 2016-01-29] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Co. Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-24 10:56 - 2017-02-24 10:56 - 02423296 _____ (Farbar) C:\Users\tomas\Downloads\FRST64 (1).exe
2017-02-23 17:51 - 2017-02-23 17:51 - 04015056 _____ C:\Users\tomas\Downloads\adwcleaner_6.043 (1).exe
2017-02-23 17:44 - 2017-02-23 17:44 - 00000000 ____H C:\ProgramData\cm-lock
2017-02-23 16:54 - 2017-02-23 16:54 - 04015056 _____ C:\Users\tomas\Downloads\adwcleaner_6.043.exe
2017-02-23 08:58 - 2017-02-23 08:58 - 00230414 _____ C:\Users\tomas\Downloads\2017-01-figura.pdf
2017-02-22 19:51 - 2017-02-23 16:05 - 07769477 _____ C:\Users\tomas\Downloads\pgs1.pptx
2017-02-22 11:03 - 2017-02-22 11:03 - 02112802 _____ C:\Users\tomas\Downloads\zaverecna_prace (2).pdf
2017-02-22 11:01 - 2017-02-22 11:01 - 01883753 _____ C:\Users\tomas\Downloads\zaverecna_prace (1).pdf
2017-02-22 10:51 - 2017-02-22 10:51 - 01931813 _____ C:\Users\tomas\Downloads\zaverecna_prace.pdf
2017-02-22 10:31 - 2017-02-22 10:31 - 01225755 _____ C:\Users\tomas\Downloads\metodicke-pokyny-pro-zpracovani-diplomove-prace-na-fzp-aktual.2017-leden.pdf
2017-02-21 23:42 - 2017-02-21 23:42 - 00055829 _____ C:\Users\tomas\Desktop\Addition.txt
2017-02-21 23:42 - 2017-02-21 23:42 - 00014550 _____ C:\Users\tomas\Desktop\Addition.zip
2017-02-21 23:37 - 2017-02-21 23:41 - 00055826 _____ C:\Users\tomas\Downloads\Addition.txt
2017-02-21 23:34 - 2017-02-24 11:20 - 00027022 _____ C:\Users\tomas\Downloads\FRST.txt
2017-02-21 23:33 - 2017-02-24 11:19 - 00000000 ____D C:\FRST
2017-02-21 23:33 - 2017-02-21 23:33 - 02422784 _____ (Farbar) C:\Users\tomas\Downloads\FRST64.exe
2017-02-21 22:39 - 2017-02-21 23:14 - 615108776 _____ C:\Users\tomas\Downloads\Vikings.S04E16.CZ-titulky.WEB-DL.avi
2017-02-21 21:54 - 2017-02-21 22:14 - 367751435 _____ C:\Users\tomas\Downloads\Vikings-S04E15-TitCz.mp4
2017-02-21 20:00 - 2017-02-21 20:00 - 00488201 _____ C:\Users\tomas\Downloads\O'Brien_et_al-2013-New_Phytologist.pdf
2017-02-21 19:40 - 2017-02-21 19:40 - 00000000 ____D C:\Users\tomas\Downloads\TV_setup_sk
2017-02-21 19:39 - 2017-02-21 19:39 - 06097146 _____ C:\Users\tomas\Downloads\TV_setup_sk.zip
2017-02-21 19:37 - 2017-02-21 19:37 - 04457604 _____ C:\Users\tomas\Downloads\tvsetupMV.exe
2017-02-21 19:20 - 2017-02-23 17:04 - 01473024 _____ C:\Users\tomas\Downloads\bez Daphne.xls
2017-02-21 17:22 - 2017-02-21 17:22 - 00072206 _____ C:\Users\tomas\Downloads\navrh9s.pdf
2017-02-21 14:02 - 2017-02-21 14:02 - 03104992 _____ C:\Users\tomas\Downloads\kopanice.psd
2017-02-21 13:25 - 2017-02-21 13:26 - 00000000 ____D C:\Users\tomas\Desktop\21.2.2017moneses,steril
2017-02-20 22:16 - 2017-02-20 22:38 - 396357632 _____ C:\Users\tomas\Downloads\Vikings-S04E14-cz-tit.avi
2017-02-20 14:31 - 2017-02-20 14:31 - 00005012 _____ C:\Users\tomas\Downloads\bobrov6a.txt
2017-02-20 14:25 - 2017-02-20 14:25 - 00003028 _____ C:\Users\tomas\Downloads\bobrov4b.txt
2017-02-20 14:07 - 2017-02-20 14:07 - 00000000 ____D C:\Users\tomas\Downloads\velenovsky,teriokhin,ruska knizka
2017-02-19 22:33 - 2017-02-20 11:18 - 00000000 ____D C:\Users\tomas\Desktop\luckstarsi pyrola18
2017-02-19 20:10 - 2011-11-01 16:29 - 53304801 _____ C:\Users\tomas\Desktop\Zrcadlo_minulosti.PDF
2017-02-19 14:48 - 2017-02-19 14:49 - 00000000 ____D C:\Users\tomas\Desktop\asi delete
2017-02-19 13:44 - 2017-02-19 14:49 - 00000000 ____D C:\Users\tomas\Desktop\delete
2017-02-19 13:43 - 2017-02-19 13:44 - 00000000 ____D C:\Users\tomas\Desktop\pyrola
2017-02-19 13:36 - 2017-02-24 09:13 - 00000000 ____D C:\Users\tomas\Desktop\N sensit article
2017-02-19 13:27 - 2017-02-19 14:28 - 00000000 ____D C:\Users\tomas\Downloads\hudba
2017-02-19 13:26 - 2017-02-23 08:57 - 00000000 ____D C:\Users\tomas\Desktop\articles
2017-02-19 13:11 - 2017-02-19 14:39 - 00000000 ____D C:\Users\tomas\Downloads\vikings
2017-02-19 13:06 - 2017-02-19 14:37 - 00000000 ____D C:\Users\tomas\Downloads\n article
2017-02-12 17:59 - 2017-02-12 17:59 - 00000000 ____D C:\Users\tomas\Downloads\státnice DOPR 2016
2017-02-11 10:48 - 2017-02-23 17:04 - 00000000 ____D C:\Users\tomas\Desktop\hnuj
2017-02-09 11:40 - 2017-02-09 11:40 - 00000000 ____D C:\Users\tomas\Desktop\The_Last_King
2017-02-06 21:21 - 2017-02-06 21:20 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-06 21:11 - 2016-07-15 19:29 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2017-02-06 21:11 - 2016-07-15 19:29 - 11602432 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2017-02-06 21:11 - 2016-07-15 19:17 - 02083328 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2017-02-06 21:11 - 2016-07-15 18:45 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2017-02-06 21:11 - 2016-07-15 18:31 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2017-02-05 11:00 - 2017-02-05 11:00 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WTRDCTM.lnk
2017-02-05 10:59 - 2017-02-05 10:59 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WTRAN32.lnk
2017-02-05 10:59 - 2017-02-05 10:59 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WDICT32.lnk
2017-02-05 10:46 - 2017-02-13 09:24 - 00000000 ____D C:\Users\tomas\AppData\Roaming\LangSoft
2017-02-05 10:46 - 2017-02-05 10:47 - 00000000 ____D C:\ProgramData\LangSoft
2017-02-05 10:43 - 2017-02-05 10:43 - 00000000 ____D C:\TRANSLAT
2017-02-05 10:12 - 2017-02-19 14:53 - 00000000 ____D C:\Users\tomas\Desktop\experimenty
2017-02-02 23:28 - 2017-02-20 19:32 - 00000000 ____D C:\Users\tomas\Desktop\pyrolalinhellluck1942vjpeg
2017-02-01 16:25 - 2017-02-01 16:36 - 00000333 _____ C:\WINDOWS\SoftWriting.ini
2017-02-01 16:25 - 2017-02-01 16:27 - 00000000 ____D C:\Program Files (x86)\SimpleOCR
2017-02-01 16:25 - 2017-02-01 16:25 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SimpleOCR
2017-02-01 16:25 - 1997-04-22 01:00 - 00027632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Ctl3dv2.dll
2017-01-31 18:21 - 2017-02-01 10:12 - 11153742 _____ C:\Users\tomas\Desktop\pgs.pptx
2017-01-29 19:14 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-29 19:14 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-29 08:12 - 2017-01-29 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-24 11:20 - 2016-09-10 19:39 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Skype
2017-02-24 11:07 - 2016-03-19 11:46 - 00000000 ____D C:\Users\tomas\AppData\Local\Adobe
2017-02-24 10:53 - 2016-10-02 07:16 - 00000000 ____D C:\Users\tomas
2017-02-24 10:48 - 2016-10-02 06:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-24 09:12 - 2016-03-03 04:31 - 00000000 ____D C:\Users\tomas\AppData\Local\Packages
2017-02-24 09:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-23 18:01 - 2016-10-02 17:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-23 17:59 - 2016-10-02 17:09 - 00003804 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-02-23 17:51 - 2016-07-25 22:05 - 00000000 ____D C:\Users\tomas\AppData\Roaming\PlaysTV
2017-02-23 17:51 - 2016-07-25 22:03 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Raptr
2017-02-23 17:48 - 2016-10-02 06:52 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-23 17:48 - 2016-03-03 04:31 - 00000000 __SHD C:\Users\tomas\IntelGraphicsProfiles
2017-02-23 17:43 - 2016-10-02 17:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-23 17:42 - 2016-09-29 06:48 - 00000000 ____D C:\Program Files\TrueKey
2017-02-23 17:42 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-02-23 17:40 - 2016-05-25 16:39 - 00000000 ____D C:\AdwCleaner
2017-02-23 17:22 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 17:22 - 2016-03-04 16:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 17:14 - 2016-03-04 16:40 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 17:04 - 2016-09-29 06:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-23 14:58 - 2017-01-06 22:36 - 00000000 ____D C:\Users\tomas\AppData\Local\CrashDumps
2017-02-23 13:26 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-23 08:37 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-21 23:30 - 2016-03-28 14:49 - 00000000 ____D C:\Users\tomas\AppData\Roaming\vlc
2017-02-21 13:17 - 2016-09-29 06:58 - 00001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-02-20 10:21 - 2016-10-02 17:09 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-02-19 14:45 - 2016-12-30 10:18 - 00000000 ____D C:\Users\tomas\Desktop\KIMS
2017-02-19 14:20 - 2016-12-26 09:50 - 00000000 ____D C:\Users\tomas\Desktop\pyrol zaloh po 5.2.17
2017-02-19 13:30 - 2016-05-28 06:57 - 00000000 ____D C:\data
2017-02-13 09:24 - 2016-03-03 04:31 - 00000000 ____D C:\Users\tomas\AppData\Local\VirtualStore
2017-02-12 18:17 - 2016-09-10 19:38 - 00000000 ____D C:\ProgramData\Skype
2017-02-06 21:34 - 2016-03-26 08:19 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 21:23 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-06 21:11 - 2016-07-16 15:15 - 00000000 ____D C:\WINDOWS\OCR
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 10:13 - 2017-01-07 09:16 - 00000000 ____D C:\Users\tomas\Desktop\experimenty 2017
2017-02-03 20:44 - 2016-09-10 19:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-29 08:12 - 2016-10-02 19:32 - 00000000 ____D C:\Program Files\McAfee Security Scan

==================== Files in the root of some directories =======

2016-08-10 13:10 - 2016-11-08 15:11 - 0000112 _____ () C:\Users\tomas\AppData\Roaming\JP2K CS6 Prefs
2017-02-23 17:44 - 2017-02-23 17:44 - 0000000 ____H () C:\ProgramData\cm-lock
2016-10-02 07:09 - 2016-10-02 07:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2016-12-28 18:15 - 2015-09-03 11:26 - 12203488 _____ (HDRsoft Ltd ) C:\Users\tomas\AppData\Local\Temp\InstallerPMP32.exe
2016-12-28 18:15 - 2015-09-03 11:27 - 12495248 _____ (HDRsoft Ltd ) C:\Users\tomas\AppData\Local\Temp\InstallerPMP64.exe
2016-11-28 13:48 - 2015-05-26 07:52 - 0250472 _____ (Thomson Reuters) C:\Users\tomas\AppData\Local\Temp\Risweb32.exe
2017-01-19 19:10 - 2017-01-19 19:10 - 0381440 _____ () C:\Users\tomas\AppData\Local\Temp\turbojpeg2793987023504395071.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-18 19:11

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: request for a preventive check - PC is acting strange

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [BingSvc] => C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} - "F:\setup.exe"
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {f1e428c5-f197-11e5-8267-38b1dbdcf3ec} - "J:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-01-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> DefaultScope {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF Keyword.URL: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF SearchPlugin: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\searchplugins\bing-.xml [2016-09-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\tomas\AppData\Local\Temp

EmptyTemp:
End
Save it to C:\Users\tomas\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

orthe
Visitor
Posts: 34
Registered: 17 Jul 2016 10:19

Re: request for a preventive check - PC is acting strange

#7 Post by orthe »

Here is fixlog.txt:
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017 01
Ran by tomas (24-02-2017 13:33:24) Run:1
Running from C:\Users\tomas\Downloads
Loaded Profiles: tomas (Available Profiles: tomas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [BingSvc] => C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} - "F:\setup.exe"
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {f1e428c5-f197-11e5-8267-38b1dbdcf3ec} - "J:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-01-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> DefaultScope {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF Keyword.URL: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF SearchPlugin: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\searchplugins\bing-.xml [2016-09-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\tomas\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Nektra OEAPI => value removed successfully
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS => value removed successfully
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} => key removed successfully
HKCR\CLSID\{0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} => key not found.
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1e428c5-f197-11e5-8267-38b1dbdcf3ec} => key removed successfully
HKCR\CLSID\{f1e428c5-f197-11e5-8267-38b1dbdcf3ec} => key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe => moved successfully

"C:\Program Files\McAfee Security Scan" folder move:

Could not move "C:\Program Files\McAfee Security Scan" => Scheduled to move on reboot.

HKU\S-1-5-21-278386703-2547403182-1964600144-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C5B476F6-FF24-4F97-986B-3F9099CF0015} => key removed successfully
HKCR\CLSID\{C5B476F6-FF24-4F97-986B-3F9099CF0015} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
Firefox SearchEngineOrder.3 removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox "Keyword.URL" removed successfully
C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\searchplugins\bing-.xml => moved successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully
HKLM\System\CurrentControlSet\Services\McComponentHostService => key removed successfully
McComponentHostService => service removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\tomas\AppData\Local\Temp" folder move:

Could not move "C:\Users\tomas\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 672150019 B
Java, Flash, Steam htmlcache => 900 B
Windows/system/drivers => 71129516 B
Edge => 5432262 B
Chrome => 794486434 B
Firefox => 91100069 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 34803840 B
systemprofile32 => 0 B
LocalService => 18042 B
NetworkService => 131766 B
tomas => 11322745918 B

RecycleBin => 3373015222 B
EmptyTemp: => 15.2 GB temporary data Removed.

================================



Thank you!

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: request for a preventive check - PC is acting strange

#8 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

orthe
Visitor
Posts: 34
Registered: 17 Jul 2016 10:19

Re: request for a preventive check - PC is acting strange

#9 Post by orthe »

Yes, it is noticeably better, thank you

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: request for a preventive check - PC is acting strange

#10 Post by Rudy »

You're welcome! :)

Locked