Zdravím, potřeboval bych pomoct, nějakou havěť jsem si stáhnul do počítače a chová se to tak, že při každém prvním otevření jakého-li prohlížeče jsem přesměrován na nějaké stránky , místo na domovskou, přikládám log, děkuji.Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-08-2016
Ran by Karlos (administrator) on KARLOS-PC (15-08-2016 16:41:32)
Running from C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\IE\B4X92HWV
Loaded Profiles: Karlos (Available Profiles: Karlos & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Autodata Limited) C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(Kenonic Controls Ltd.) C:\Windows\System32\Crypserv.exe
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
() C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [5299984 2016-07-28] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3280728 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [ESET NOD32 Antivirus Key 2015 ] => wscript.exe //B "C:\Users\Karlos\AppData\Local\Temp\ESET NOD32 Antivirus Key 2015 .vbs" <===== ATTENTION
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [icq.desktop] => C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe [31181448 2016-06-26] ()
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {0410681f-bc52-11e5-bb28-002421dfe993} - "F:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {62bef837-d1a4-11e5-bb31-002421dfe993} - "H:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {7223087d-d898-11e5-bb34-002421dfe993} - "D:\autorun.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {c47eebad-ccdc-11e5-bb2f-002421dfe993} - "G:\lanceur.bat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [MyOverlayIcon] -> {B41B3408-923F-4B8B-85F2-146C509FA18C} => C:\Program Files\Grevuied\Wsetlarient\Fezughruiy.dll [2016-08-11] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{54d6e673-9ea9-4dce-ad70-2a74493c8453}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF ProfilePath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-05-16] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2016-04-01] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2016-02-06] (Autodata Limited) [File not signed]
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1639832 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4097280 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [906512 2016-07-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [632632 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [52224 2000-06-29] (Kenonic Controls Ltd.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082200 2015-11-30] (Disc Soft Ltd)
R2 ssinstall; C:\WINDOWS\System32\ssins.exe [2324216 2016-05-16] (PS Media s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [19584 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6x.sys [67336 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [259328 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [201472 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [212736 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [201472 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [246536 2016-07-20] (AVG Technologies CZ, s.r.o.)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [29496 2016-07-23] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [225592 2016-07-23] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-01-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-01-06] (Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [24608 2000-02-03] () [File not signed]
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
S3 DUMeterDrv; \??\C:\Program Files\DU Meter\DUMETR32.SYS [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-15 16:41 - 2016-08-15 16:41 - 00000000 ____D C:\FRST
2016-08-14 16:38 - 2016-08-14 16:02 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw192C.tmp
2016-08-14 16:38 - 2016-08-14 16:02 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw181B.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00734840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw183B.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00434144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw191B.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00118664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw199A.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw18FA.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw186B.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw190A.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw18E9.tmp
2016-08-14 16:13 - 2016-08-14 16:13 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Šablony
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Poslední
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-14 16:13 - 2016-01-09 16:51 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-08-14 16:04 - 2016-08-14 16:04 - 00000000 ____D C:\Users\Karlos\AppData\Local\CEF
2016-08-14 16:02 - 2016-08-14 16:02 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\AVAST Software
2016-08-14 16:01 - 2016-08-14 16:01 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2016-08-14 16:01 - 2016-08-14 16:01 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-08-14 16:00 - 2016-08-14 16:39 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-14 16:00 - 2016-08-14 16:02 - 00000000 ____D C:\Program Files\AVAST Software
2016-08-14 15:34 - 2016-08-14 15:37 - 00000000 ____D C:\AdwCleaner
2016-08-14 07:47 - 2016-08-14 07:47 - 00000000 ____D C:\$SysReset
2016-08-13 21:18 - 2016-08-14 15:17 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-13 18:23 - 2016-08-13 18:23 - 00000000 ____D C:\ProgramData\GridinSoft
2016-08-13 16:33 - 2016-08-13 16:33 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\AVG
2016-08-13 16:32 - 2016-08-13 16:32 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\TuneUp Software
2016-08-13 16:32 - 2016-08-13 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-13 16:30 - 2016-08-13 16:30 - 00000000 ___HD C:\$AVG
2016-08-13 16:29 - 2016-08-15 16:35 - 00000000 ____D C:\ProgramData\MFAData
2016-08-13 16:29 - 2016-08-13 16:29 - 00000913 _____ C:\Users\Public\Desktop\AVG.lnk
2016-08-13 16:29 - 2016-08-13 16:29 - 00000000 ____D C:\Users\Karlos\AppData\Local\MFAData
2016-08-13 16:29 - 2016-08-13 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-08-11 16:45 - 2016-08-11 16:53 - 00000000 ____D C:\Program Files\Seznam.cz
2016-08-11 16:44 - 2016-08-11 16:54 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\Seznam.cz
2016-08-11 16:37 - 2016-08-13 07:34 - 00000000 ____D C:\Program Files\Grevuied
2016-08-11 16:37 - 2016-08-11 16:37 - 00000000 ____D C:\Users\Karlos\AppData\Local\Vcdomgherrepy
2016-08-11 16:32 - 2016-08-11 16:37 - 47011315 _____ C:\Users\Karlos\Desktop\Rambo-3-(CZ).avi.05skt3c.partial
2016-08-10 16:49 - 2016-08-03 08:27 - 01303744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 16:49 - 2016-08-03 08:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 16:49 - 2016-08-03 08:27 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 16:49 - 2016-08-03 07:52 - 05793632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 16:49 - 2016-08-03 07:52 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 16:49 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 16:49 - 2016-08-03 07:43 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 16:49 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 16:49 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 16:49 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 16:49 - 2016-08-03 07:32 - 00413024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 16:49 - 2016-08-03 07:32 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 16:49 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 16:49 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 16:49 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 16:49 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 16:49 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 16:49 - 2016-08-03 07:29 - 01337680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 16:49 - 2016-08-03 07:29 - 00633192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 16:49 - 2016-08-03 07:28 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 16:49 - 2016-08-03 07:28 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 01712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 16:49 - 2016-08-03 07:18 - 00346464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 16:49 - 2016-08-03 06:58 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 16:49 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 16:49 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 16:49 - 2016-08-03 06:48 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 16:49 - 2016-08-03 06:47 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 16:49 - 2016-08-03 06:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 16:49 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 16:49 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 16:49 - 2016-08-03 06:44 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 16:49 - 2016-08-03 06:43 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 16:49 - 2016-08-03 06:43 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 16:49 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 16:49 - 2016-08-03 06:41 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 16:49 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 16:49 - 2016-08-03 06:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 16:49 - 2016-08-03 06:39 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 16:49 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 16:49 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 16:49 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 16:49 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 16:49 - 2016-08-03 06:33 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 16:49 - 2016-08-03 06:33 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 16:49 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 16:49 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 16:49 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 16:49 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 16:49 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 16:49 - 2016-08-03 06:27 - 02973696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 16:49 - 2016-08-03 06:27 - 01903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 16:49 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 16:49 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 16:49 - 2016-08-03 06:24 - 01735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 16:49 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 16:49 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01086976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 16:49 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 16:49 - 2016-08-03 06:20 - 03483648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 16:49 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-08 15:47 - 2016-08-08 16:28 - 742450786 _____ C:\Users\Karlos\Desktop\Rambo-2.avi
2016-08-05 18:13 - 2016-08-05 18:13 - 00016128 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\gtkdrv.sys
2016-08-02 17:13 - 2016-08-02 17:18 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\MOBILedit
2016-08-02 17:13 - 2016-08-02 17:13 - 00000000 ____D C:\Users\Karlos\Documents\MOBILedit! Enterprise
2016-08-02 17:09 - 2016-08-02 17:09 - 00000000 ____D C:\Program Files\Compiled Driver Disk (Android)
2016-08-02 17:09 - 2014-09-29 14:03 - 00015616 _____ (Motorola) C:\WINDOWS\system32\mot_ci.dll
2016-08-02 17:08 - 2016-08-02 17:08 - 00000000 ____D C:\Program Files\Phone Drivers Downloader
2016-08-02 17:07 - 2016-08-02 17:07 - 00001135 _____ C:\Users\Public\Desktop\MOBILedit! Enterprise.lnk
2016-08-02 17:07 - 2016-08-02 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit! Enterprise
2016-08-02 17:07 - 2016-08-02 17:07 - 00000000 ____D C:\Program Files\COMPELSON Labs
2016-08-02 17:06 - 2016-08-02 17:07 - 00000000 ____D C:\Users\Public\Documents\MobilEdit! Enterprise
2016-08-02 17:06 - 2016-08-02 17:07 - 00000000 ____D C:\Program Files\MOBILedit! Enterprise
2016-08-02 17:06 - 2016-06-06 20:39 - 00028818 _____ C:\Users\Public\Documents\Wipe Exclude.txt
2016-08-02 17:05 - 2016-08-02 17:06 - 00000000 ____D C:\Users\Karlos\Desktop\Nová složka (11)
2016-08-02 17:05 - 2016-08-02 15:26 - 105343492 ____N C:\Users\Karlos\Desktop\MOBILedit!-Enterprise-8.6.0.20253-CZ-(x32x64).rar
2016-07-24 16:17 - 2016-07-24 16:17 - 27712476 _____ C:\Users\Karlos\Desktop\WhatsApp Messenger_v2.16.188_apkpure.com.apk
2016-07-24 07:46 - 2013-07-07 22:41 - 01086533 _____ C:\Users\Karlos\Desktop\DroidCam.3.6.2.exe
2016-07-24 07:45 - 2016-07-24 07:45 - 01069964 _____ C:\Users\Karlos\Desktop\DroidCam-3-6-2.zip
2016-07-23 18:25 - 2016-07-24 07:51 - 00000022 _____ C:\ProgramData\droidcam-settings
2016-07-23 18:25 - 2016-07-23 18:25 - 00000000 ____D C:\Users\Karlos\.android
2016-07-23 18:24 - 2016-07-23 18:24 - 00708871 _____ C:\Users\Karlos\Desktop\DroidCam_Client_6.0.zip
2016-07-23 18:24 - 2016-07-23 18:24 - 00225592 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\droidcamvideo.sys
2016-07-23 18:24 - 2016-07-23 18:24 - 00029496 _____ (Dev47Apps) C:\WINDOWS\system32\Drivers\droidcam.sys
2016-07-23 18:24 - 2016-07-23 18:24 - 00001049 _____ C:\Users\Karlos\Desktop\DroidCamApp.lnk
2016-07-23 18:24 - 2016-07-23 18:24 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2016-07-23 18:24 - 2016-07-23 18:24 - 00000000 ____D C:\Program Files\DroidCam
2016-07-22 17:20 - 2016-07-22 17:20 - 00000000 __SHD C:\found.003
2016-07-20 08:46 - 2016-07-20 08:46 - 00246536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpx.sys
2016-07-19 18:15 - 2016-07-19 18:15 - 28588344 _____ (Mobo, Inc.) C:\Users\Karlos\Desktop\MoboMarketPC(official).exe
2016-07-19 17:57 - 2016-07-19 17:58 - 17961047 _____ C:\Users\Karlos\Desktop\TeamViewer-(1).apk
2016-07-19 12:28 - 2016-07-19 12:28 - 00201472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2016-07-16 18:28 - 2016-07-16 18:29 - 02693342 _____ C:\Users\Karlos\Desktop\605rt_126-263.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-14 20:44 - 2016-05-16 16:40 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-14 15:38 - 2016-01-09 16:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-14 15:37 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-14 15:17 - 2016-05-16 16:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-08-13 18:27 - 2016-05-16 16:37 - 00001114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-13 18:27 - 2016-01-09 17:29 - 00001532 _____ C:\Users\Karlos\Desktop\iexplore – zástupce.lnk
2016-08-13 16:34 - 2015-10-30 07:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-13 16:33 - 2016-02-21 17:40 - 00000000 ____D C:\Users\Karlos\AppData\Local\Avg
2016-08-13 16:31 - 2015-10-30 07:48 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-13 16:31 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-08-13 16:30 - 2016-02-21 17:40 - 00000000 ____D C:\ProgramData\Avg
2016-08-13 16:30 - 2016-02-21 17:40 - 00000000 ____D C:\Program Files\AVG
2016-08-13 16:29 - 2016-02-21 17:40 - 00000000 ____D C:\Users\Karlos\AppData\Local\AvgSetupLog
2016-08-13 15:55 - 2009-07-14 04:37 - 00000000 ____D C:\Users\Default.migrated
2016-08-12 21:49 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-12 21:49 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 21:49 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-12 17:26 - 2016-01-01 17:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-12 17:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-12 17:26 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-12 17:23 - 2016-01-01 17:24 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-11 16:40 - 2016-01-09 16:46 - 01993368 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-11 16:40 - 2015-10-30 17:08 - 00828410 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-11 16:40 - 2015-10-30 17:08 - 00184778 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-11 16:37 - 2016-05-16 16:37 - 00001300 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-03 08:21 - 2012-07-26 10:18 - 00400304 __RSH C:\bootmgr
2016-08-02 21:11 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-07-28 21:33 - 2016-01-09 16:47 - 00000000 ____D C:\Users\Karlos
2016-07-27 21:25 - 2016-01-01 17:26 - 00406184 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-24 16:21 - 2016-01-09 17:05 - 00002390 _____ C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-24 16:21 - 2016-01-09 17:05 - 00000000 ___RD C:\Users\Karlos\OneDrive
2016-07-24 16:16 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-23 16:15 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-21 20:54 - 2016-01-09 16:41 - 00286048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== Files in the root of some directories =======
2016-06-12 16:14 - 2016-06-12 16:24 - 0000136 _____ () C:\Users\Karlos\AppData\Local\trueburner.ini
2016-07-23 18:25 - 2016-07-24 07:51 - 0000022 _____ () C:\ProgramData\droidcam-settings
2016-02-07 16:12 - 2016-02-07 16:12 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\Karlos\AppData\Local\Temp\bitool.dll
C:\Users\Karlos\AppData\Local\Temp\Firefox Setup 45.0.exe
C:\Users\Karlos\AppData\Local\Temp\KB2zugUWzX.exe
C:\Users\Karlos\AppData\Local\Temp\libeay32.dll
C:\Users\Karlos\AppData\Local\Temp\msvcr120.dll
C:\Users\Karlos\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Karlos\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Karlos\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Karlos\AppData\Local\Temp\sfareca00001.dll
C:\Users\Karlos\AppData\Local\Temp\sqlite3.dll
C:\Users\Karlos\AppData\Local\Temp\ssins.exe
C:\Users\Karlos\AppData\Local\Temp\temp~.DLL
C:\Users\Karlos\AppData\Local\Temp\temp~.EXE
C:\Users\Karlos\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-07 16:16
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-08-2016
Ran by Karlos (15-08-2016 16:42:20)
Running from C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\IE\B4X92HWV
Microsoft Windows 10 Pro Version 1511 (X86) (2016-01-09 15:00:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-507802796-3567890678-1958908832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-507802796-3567890678-1958908832-503 - Limited - Disabled)
Guest (S-1-5-21-507802796-3567890678-1958908832-501 - Limited - Disabled)
Karlos (S-1-5-21-507802796-3567890678-1958908832-1000 - Administrator - Enabled) => C:\Users\Karlos
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1Click DVD Copy 5.9.5.1 (HKLM\...\1Click DVD Copy 5_is1) (Version: - LG Software Innovations)
Adobe Flash Player 21 NPAPI (HKLM\...\{A7DC9721-4986-4179-BB89-A3E99545584C}) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
APM TEC (HKLM\...\APM TEC) (Version: - )
AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies)
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4647 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compiled Driver Disk (Android) 1.0 (HKLM\...\{759A91E8-0024-45F3-A8F3-CDC5E13B4425}_is1) (Version: 1.0.9.7 - COMPELSON Labs)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
ICQ (verze 10.0.12094) (HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\icq.desktop) (Version: 10.0.12094 - ICQ)
Java(TM) 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)
Kontrola české gramatiky pro sadu Microsoft Office 2003 (HKLM\...\{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60830 (HKLM\...\{F68B404C-0E04-337F-A132-796508EE337A}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830 (HKLM\...\{50AF8559-F490-381F-A6E7-06A07DE227DC}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20827 (HKLM\...\{97D5031E-CCC0-3AA1-ADE7-6E5E7C032DD5}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20827 (HKLM\...\{3C21516E-0FDA-3794-B714-B6612BA58BDF}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
MOBILedit! Enterprise ver. 8.6.0.20253 (HKLM\...\{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1) (Version: 8.6.0.20253 - COMPELSON Labs)
MOBILedit! Support Libraries (HKLM\...\{9DF587A2-054C-46A2-9B1A-4A230F389E4B}) (Version: 12.0.0 - COMPELSON Labs)
Mozilla Firefox 46.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 46.0.1 (x86 cs)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NirSoft WebBrowserPassView (HKLM\...\NirSoft WebBrowserPassView) (Version: - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation)
Ovládací panel NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
Phone Drivers Downloader 1.1 (HKLM\...\{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1) (Version: 1.1.0.0 - COMPELSON Labs)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Redneck Rampage (DOSBox emulation 0.74) (HKLM\...\Redneck Rampage (DOSBox emulation 0.74)) (Version: - )
SEDREAP (HKLM\...\SEDREAP) (Version: - )
Sentinel Protection Installer 7.6.4 (HKLM\...\{7444785E-886F-4989-A69E-6394E36F3982}) (Version: 7.6.4 - SafeNet, Inc.)
Seznam Instalátor (HKLM\...\ssinstall) (Version: - Seznam.cz)
Sniper Elite: Nazi Zombie Army 2 (HKLM\...\Sniper Elite: Nazi Zombie Army 2_is1) (Version: 1.0 - Rebellion)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
True Burner 4.0 (HKLM\...\True Burner_is1) (Version: - Glorylogic)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {069699DE-7EEF-46C1-9AF9-99954B4D03B2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec [Argument = /RestartRecording]
Task: {07AF37D7-0126-4E09-8F06-0F59C37E9D14} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09371643-E48C-4A44-9AF6-09AADBF2CFBD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0F81388C-07A9-4579-9A81-61D7CF449642} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {104432EF-DE32-44C9-AF3C-775D4A0CC52F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16BBD878-5193-4F0C-8FAB-25E51B668B61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {17A130F7-417A-42AE-9727-3E699D436C49} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-12] (Microsoft Corporation)
Task: {19698FB3-4D0D-4081-A5BE-ED461EC3EF12} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E43894B-C7F8-43BF-AD1E-E5C656BDD585} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {30F46781-E4BA-4C19-BC4E-52EEBE4C918C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {347426D2-2764-497C-B701-73E1ED55DFEA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {56B39150-549A-4699-83E8-DFB2C32E296B} - \ReimageUpdater -> No File <==== ATTENTION
Task: {5B00390F-290C-4174-890E-20B95F1F7A2D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5E3B2ECC-EA6F-4C81-B222-9B9615036FA8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {664B7F0B-FE77-456C-A5AB-073AA3F78340} - System32\Tasks\{0E4D7645-5EAC-4EF9-AD7C-C455A6F45F62} => pcalua.exe -a G:\setup.exe -d G:\
Task: {66AC3831-C3EB-4C54-A6C3-6772AACCF1FD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6C879690-8006-4E79-8EBB-ED538568118F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {720D8264-2CA9-4F83-9CA4-BBC1936C71E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {753D62B2-EFFF-4E82-85C8-8F9CA6FC7C0B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {762BFCC0-2C89-4356-AEFB-58C1C175DDF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {81D950FB-A821-4A16-A6FD-6399510A781B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {864DC5EE-F4B1-41D1-99ED-985DC15B79B4} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {86E9959D-5332-45AF-84F6-A91DB86BD2FC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A3449EDD-4753-49A5-9154-531068A23026} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23] (Adobe Systems Incorporated)
Task: {A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639} - \Reimage Reminder -> No File <==== ATTENTION
Task: {AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AF03CC9C-9689-4C41-92BD-760168A26B4A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2D89EFE-5F89-4DCC-8469-E84A84963292} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9736CF9-0BA2-4E70-9F1C-AC049CDA448C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0711ABA-A2C6-4E19-B66A-8A94F613B260} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C2CC6A77-82D8-43B5-AE8E-56C44024FE83} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C798951F-918D-4D7A-9032-3488ABBB7874} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2F333F7-4F5A-49C4-8644-93B324063C22} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate [Argument = -crl -hms -pscn 15]
Task: {D42CF679-5305-4DA3-8E9D-9E2040287420} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D4EA3BA7-CE3D-44B9-B348-F0BAA3102761} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0EBF89E-E0A1-43A8-B8E6-283EF24CEFFC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-16] (Adobe Systems Incorporated)
Task: {E346BDC0-0AE4-4640-A78A-D8273A3A44CC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC530881-C713-4EED-821E-4609ED1FCE6F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F693F6CF-BFC9-4BD2-BFFC-AF27456364C2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate [Argument = $(Arg0)]
Task: {FFC02038-0E74-4686-AF19-1E83B63662CC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Karlos\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
Shortcut: C:\Users\Karlos\Desktop\Redneck Rampage.lnk -> C:\Old\Play.bat ()
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Peugeot Planet Diag.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD (Console Mode).lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Stop PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\ppd_restart.lnk -> C:\app\ppdiag\Utils\ppd_restart.bat (No File)
Shortcut: C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com/
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore – zástupce.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 17:07 - 2016-07-01 06:38 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 17:07 - 2016-07-01 06:38 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-24 16:21 - 2016-07-24 16:21 - 00679624 _____ () C:\Users\Karlos\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-01-09 16:32 - 2016-01-09 16:32 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 17:06 - 2016-07-01 05:31 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 17:07 - 2016-07-01 05:13 - 05340160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 17:06 - 2016-07-01 05:08 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 17:07 - 2016-07-01 05:08 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 17:07 - 2016-07-01 05:11 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-13 16:29 - 2016-08-13 16:28 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2016-06-26 15:53 - 2016-06-26 15:53 - 31181448 _____ () C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
2016-06-26 15:53 - 2016-06-26 15:53 - 03917448 _____ () C:\Users\Karlos\AppData\Roaming\ICQ\bin\corelib.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "DLLSuite2016"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\StartupApproved\Run: => "Sidebar"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\StartupApproved\Run: => "DU Meter"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{FB038FC8-9693-4B83-BE10-942C76F43ACE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7340EC25-7E11-457A-A456-EA31A3091255}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{91D1AE8A-561D-4042-A8FE-5E493B5C7561}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C9B745BD-5BC7-4C6F-BE3D-C135F470D7DD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0A77F6C5-A37B-43D4-853B-633E4FE2A80A}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B9B356B0-E912-451A-A203-C01B613EEA61}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B907EA70-B64D-436E-AC4F-52C8E7C3D901}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FF92B4FC-B338-4EBF-B212-2750165C3517}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D197AC91-D654-4C6B-AA61-2FA083E09803}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DB7725F6-53D9-458A-A49F-C29AE17B2C8E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6A11E5B9-67F3-463A-933D-E7F9C448B751}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{093E93A2-07F9-43E1-95B4-5CBD4B02A8CA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{012FD51A-7FF2-4FB5-878D-36962D78140F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EC14E70B-E648-43A4-BB48-ECC8C930945D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AE2B2EAE-42F0-4896-8D44-4512D92D281C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4FA199CF-127D-40BA-BE11-0A99B9610D39}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C90F283B-DE3E-4A31-8EC9-0D827E18B7CE}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{D6644056-8D41-4BC3-B21C-5BB3F308A2A1}C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [UDP Query User{1E6F1AC1-FD1A-4C38-A3CA-0A236DB31ADB}C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [{D944CFE1-6F10-466F-B19B-068FF371C0A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1F4D2162-FB23-4929-8C02-8A8FBFCAA2E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4FF12F52-1B0F-48E4-AD9A-919B025BCF8B}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe
FirewallRules: [{71051B3D-DFA6-499E-85F0-5D7375A4B067}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe
FirewallRules: [{8D212543-8155-4DF0-B315-B10CAE33D824}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{7A8B4247-32AA-4BCB-8420-3ECDCD45E40D}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{6C57DE51-9E73-44D6-862C-5D22EB7B27D6}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{076CB8CB-9974-435B-B91A-04800865A0C4}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{25F23480-A1C3-4B07-995C-01EA19A80638}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{34BCA292-EACF-4205-8440-033952F8CDBA}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{C9441531-1ABA-4C63-9B14-3B205BADA8B3}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{19A0D442-9CA0-40F1-B46E-F78185B5BF6A}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{8AF8F0CF-462D-47A1-B387-4004D138B2EF}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{6F961BF1-7529-4FEB-AAD1-2E7E722A79D8}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{18D6E699-7FB5-4D5B-84AC-B992616EE82E}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{FB733D04-524E-401E-BE7D-36CE6E0E8B88}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
==================== Restore Points =========================
02-08-2016 17:07:02 Nainstalováno: MOBILedit! Support Libraries
12-08-2016 17:19:58 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/14/2016 07:38:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.10586.494, časové razítko: 0x5775e1d8
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x631e56b6
ID chybujícího procesu: 0x7bc
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5
Error: (08/14/2016 04:04:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Karlos-PC)
Description: Aplikaci Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/14/2016 04:03:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/14/2016 04:02:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"1 se nezdařilo.
Závislé sestavení Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 06:29:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 06:25:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 03:57:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 03:46:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 07:38:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_MapsBroker, verze: 10.0.10586.0, časové razítko: 0x5632d73f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x8400000f
Posun chyby: 0x00000000
ID chybujícího procesu: 0xd58
Čas spuštění chybující aplikace: 0xsvchost.exe_MapsBroker0
Cesta k chybující aplikaci: svchost.exe_MapsBroker1
Cesta k chybujícímu modulu: svchost.exe_MapsBroker2
ID zprávy: svchost.exe_MapsBroker3
Úplný název chybujícího balíčku: svchost.exe_MapsBroker4
ID aplikace související s chybujícím balíčkem: svchost.exe_MapsBroker5
Error: (08/12/2016 09:14:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.10586.494, časové razítko: 0x5775e1d8
Název chybujícího modulu: Fezughruiy.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x57ac32e7
Kód výjimky: 0xc0000005
Posun chyby: 0x000056b6
ID chybujícího procesu: 0x17c0
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5
System errors:
=============
Error: (08/15/2016 04:30:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Wsetlarient Community neuspěla při spuštění v důsledku následující chyby:
%%3 = Systém nemůže nalézt uvedenou cestu.
Error: (08/14/2016 09:42:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_22104 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (08/14/2016 07:38:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wsetlarient Community byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/14/2016 04:04:33 PM) (Source: DCOM) (EventID: 10010) (User: Karlos-PC)
Description: MicrosoftEdge.AppXg58n4jqcxjfvb6epaz8mmvfjtq8mhj65.mca
Error: (08/14/2016 03:38:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
%%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (08/14/2016 03:37:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_223a5 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (08/14/2016 03:37:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056 = Instance této služby je již spuštěna.
Error: (08/14/2016 03:36:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/14/2016 03:36:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér naslouchání Net.Msmq byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (08/14/2016 03:36:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Reimage Real Time Protector byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2016-08-13 07:35:45.164
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-11 16:51:38.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:38.810
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:38.776
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:38.746
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.605
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.571
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.556
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:06.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 55%
Total physical RAM: 3327.18 MB
Available physical RAM: 1474.32 MB
Total Virtual: 6655.18 MB
Available Virtual: 5013.26 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.65 GB) (Free:23.09 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (Sniper Elite: Nazi Zombie Army 2) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF
Drive g: (ACTIAO2014) (CDROM) (Total:0.78 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 38023802)
Partition 1: (Active) - (Size=297.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Tak jsem stáhnul ten program a pročistil jím počítač, našlo to 11 věcí a smazalo , zkusil jsem to ještě jednou a už nic, ale stále přetrvává to přesměrování, posílám další log, díky.
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-08-2016 01
Ran by Karlos (16-08-2016 17:21:31)
Running from C:\Users\Karlos\Desktop
Microsoft Windows 10 Pro Version 1511 (X86) (2016-01-09 15:00:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-507802796-3567890678-1958908832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-507802796-3567890678-1958908832-503 - Limited - Disabled)
Guest (S-1-5-21-507802796-3567890678-1958908832-501 - Limited - Disabled)
Karlos (S-1-5-21-507802796-3567890678-1958908832-1000 - Administrator - Enabled) => C:\Users\Karlos
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1Click DVD Copy 5.9.5.1 (HKLM\...\1Click DVD Copy 5_is1) (Version: - LG Software Innovations)
Adobe Flash Player 21 NPAPI (HKLM\...\{A7DC9721-4986-4179-BB89-A3E99545584C}) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
APM TEC (HKLM\...\APM TEC) (Version: - )
AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies)
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4647 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compiled Driver Disk (Android) 1.0 (HKLM\...\{759A91E8-0024-45F3-A8F3-CDC5E13B4425}_is1) (Version: 1.0.9.7 - COMPELSON Labs)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
ICQ (verze 10.0.12094) (HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\icq.desktop) (Version: 10.0.12094 - ICQ)
Java(TM) 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)
Kontrola české gramatiky pro sadu Microsoft Office 2003 (HKLM\...\{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60830 (HKLM\...\{F68B404C-0E04-337F-A132-796508EE337A}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830 (HKLM\...\{50AF8559-F490-381F-A6E7-06A07DE227DC}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20827 (HKLM\...\{97D5031E-CCC0-3AA1-ADE7-6E5E7C032DD5}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20827 (HKLM\...\{3C21516E-0FDA-3794-B714-B6612BA58BDF}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
MOBILedit! Enterprise ver. 8.6.0.20253 (HKLM\...\{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1) (Version: 8.6.0.20253 - COMPELSON Labs)
MOBILedit! Support Libraries (HKLM\...\{9DF587A2-054C-46A2-9B1A-4A230F389E4B}) (Version: 12.0.0 - COMPELSON Labs)
Mozilla Firefox 46.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 46.0.1 (x86 cs)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NirSoft WebBrowserPassView (HKLM\...\NirSoft WebBrowserPassView) (Version: - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation)
Ovládací panel NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
Phone Drivers Downloader 1.1 (HKLM\...\{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1) (Version: 1.1.0.0 - COMPELSON Labs)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Redneck Rampage (DOSBox emulation 0.74) (HKLM\...\Redneck Rampage (DOSBox emulation 0.74)) (Version: - )
SEDREAP (HKLM\...\SEDREAP) (Version: - )
Sentinel Protection Installer 7.6.4 (HKLM\...\{7444785E-886F-4989-A69E-6394E36F3982}) (Version: 7.6.4 - SafeNet, Inc.)
Seznam Instalátor (HKLM\...\ssinstall) (Version: - Seznam.cz)
Sniper Elite: Nazi Zombie Army 2 (HKLM\...\Sniper Elite: Nazi Zombie Army 2_is1) (Version: 1.0 - Rebellion)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
True Burner 4.0 (HKLM\...\True Burner_is1) (Version: - Glorylogic)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {069699DE-7EEF-46C1-9AF9-99954B4D03B2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {07AF37D7-0126-4E09-8F06-0F59C37E9D14} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09371643-E48C-4A44-9AF6-09AADBF2CFBD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0F81388C-07A9-4579-9A81-61D7CF449642} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {104432EF-DE32-44C9-AF3C-775D4A0CC52F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16BBD878-5193-4F0C-8FAB-25E51B668B61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {17A130F7-417A-42AE-9727-3E699D436C49} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-12] (Microsoft Corporation)
Task: {19698FB3-4D0D-4081-A5BE-ED461EC3EF12} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E43894B-C7F8-43BF-AD1E-E5C656BDD585} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {30F46781-E4BA-4C19-BC4E-52EEBE4C918C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {347426D2-2764-497C-B701-73E1ED55DFEA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {56B39150-549A-4699-83E8-DFB2C32E296B} - \ReimageUpdater -> No File <==== ATTENTION
Task: {5B00390F-290C-4174-890E-20B95F1F7A2D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5E3B2ECC-EA6F-4C81-B222-9B9615036FA8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {664B7F0B-FE77-456C-A5AB-073AA3F78340} - System32\Tasks\{0E4D7645-5EAC-4EF9-AD7C-C455A6F45F62} => pcalua.exe -a G:\setup.exe -d G:\
Task: {66AC3831-C3EB-4C54-A6C3-6772AACCF1FD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6C879690-8006-4E79-8EBB-ED538568118F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {720D8264-2CA9-4F83-9CA4-BBC1936C71E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {753D62B2-EFFF-4E82-85C8-8F9CA6FC7C0B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {762BFCC0-2C89-4356-AEFB-58C1C175DDF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {81D950FB-A821-4A16-A6FD-6399510A781B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {864DC5EE-F4B1-41D1-99ED-985DC15B79B4} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {86E9959D-5332-45AF-84F6-A91DB86BD2FC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A3449EDD-4753-49A5-9154-531068A23026} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23] (Adobe Systems Incorporated)
Task: {A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639} - \Reimage Reminder -> No File <==== ATTENTION
Task: {AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AF03CC9C-9689-4C41-92BD-760168A26B4A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2D89EFE-5F89-4DCC-8469-E84A84963292} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9736CF9-0BA2-4E70-9F1C-AC049CDA448C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0711ABA-A2C6-4E19-B66A-8A94F613B260} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C2CC6A77-82D8-43B5-AE8E-56C44024FE83} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C798951F-918D-4D7A-9032-3488ABBB7874} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2F333F7-4F5A-49C4-8644-93B324063C22} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D42CF679-5305-4DA3-8E9D-9E2040287420} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D4EA3BA7-CE3D-44B9-B348-F0BAA3102761} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0EBF89E-E0A1-43A8-B8E6-283EF24CEFFC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-16] (Adobe Systems Incorporated)
Task: {E346BDC0-0AE4-4640-A78A-D8273A3A44CC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC530881-C713-4EED-821E-4609ED1FCE6F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F693F6CF-BFC9-4BD2-BFFC-AF27456364C2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {FFC02038-0E74-4686-AF19-1E83B63662CC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Karlos\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
Shortcut: C:\Users\Karlos\Desktop\Redneck Rampage.lnk -> C:\Old\Play.bat ()
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Peugeot Planet Diag.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD (Console Mode).lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Stop PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\ppd_restart.lnk -> C:\app\ppdiag\Utils\ppd_restart.bat (No File)
Shortcut: C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com/
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore – zástupce.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 17:07 - 2016-07-01 06:38 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 17:07 - 2016-07-01 06:38 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-24 16:21 - 2016-07-24 16:21 - 00679624 _____ () C:\Users\Karlos\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-01-09 16:32 - 2016-01-09 16:32 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 17:06 - 2016-07-01 05:31 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 17:07 - 2016-07-01 05:13 - 05340160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 17:06 - 2016-07-01 05:08 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 17:07 - 2016-07-01 05:08 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 17:07 - 2016-07-01 05:11 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-13 16:29 - 2016-08-13 16:28 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2016-06-26 15:53 - 2016-06-26 15:53 - 31181448 _____ () C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
2016-06-26 15:53 - 2016-06-26 15:53 - 03917448 _____ () C:\Users\Karlos\AppData\Roaming\ICQ\bin\corelib.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "DLLSuite2016"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\StartupApproved\Run: => "Sidebar"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\StartupApproved\Run: => "DU Meter"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{FB038FC8-9693-4B83-BE10-942C76F43ACE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7340EC25-7E11-457A-A456-EA31A3091255}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{91D1AE8A-561D-4042-A8FE-5E493B5C7561}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C9B745BD-5BC7-4C6F-BE3D-C135F470D7DD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0A77F6C5-A37B-43D4-853B-633E4FE2A80A}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B9B356B0-E912-451A-A203-C01B613EEA61}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B907EA70-B64D-436E-AC4F-52C8E7C3D901}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FF92B4FC-B338-4EBF-B212-2750165C3517}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D197AC91-D654-4C6B-AA61-2FA083E09803}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DB7725F6-53D9-458A-A49F-C29AE17B2C8E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6A11E5B9-67F3-463A-933D-E7F9C448B751}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{093E93A2-07F9-43E1-95B4-5CBD4B02A8CA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{012FD51A-7FF2-4FB5-878D-36962D78140F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EC14E70B-E648-43A4-BB48-ECC8C930945D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AE2B2EAE-42F0-4896-8D44-4512D92D281C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4FA199CF-127D-40BA-BE11-0A99B9610D39}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C90F283B-DE3E-4A31-8EC9-0D827E18B7CE}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{D6644056-8D41-4BC3-B21C-5BB3F308A2A1}C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [UDP Query User{1E6F1AC1-FD1A-4C38-A3CA-0A236DB31ADB}C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [{D944CFE1-6F10-466F-B19B-068FF371C0A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1F4D2162-FB23-4929-8C02-8A8FBFCAA2E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4FF12F52-1B0F-48E4-AD9A-919B025BCF8B}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe
FirewallRules: [{71051B3D-DFA6-499E-85F0-5D7375A4B067}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe
FirewallRules: [{8D212543-8155-4DF0-B315-B10CAE33D824}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{7A8B4247-32AA-4BCB-8420-3ECDCD45E40D}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{6C57DE51-9E73-44D6-862C-5D22EB7B27D6}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{076CB8CB-9974-435B-B91A-04800865A0C4}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{25F23480-A1C3-4B07-995C-01EA19A80638}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{34BCA292-EACF-4205-8440-033952F8CDBA}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{C9441531-1ABA-4C63-9B14-3B205BADA8B3}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{19A0D442-9CA0-40F1-B46E-F78185B5BF6A}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{8AF8F0CF-462D-47A1-B387-4004D138B2EF}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{6F961BF1-7529-4FEB-AAD1-2E7E722A79D8}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{18D6E699-7FB5-4D5B-84AC-B992616EE82E}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{FB733D04-524E-401E-BE7D-36CE6E0E8B88}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
==================== Restore Points =========================
02-08-2016 17:07:02 Nainstalováno: MOBILedit! Support Libraries
12-08-2016 17:19:58 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/15/2016 08:30:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.10586.494, časové razítko: 0x5775e1d8
Název chybujícího modulu: Fezughruiy.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x57ac32e7
Kód výjimky: 0xc0000005
Posun chyby: 0x000056b6
ID chybujícího procesu: 0x1fc0
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5
Error: (08/14/2016 07:38:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.10586.494, časové razítko: 0x5775e1d8
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x631e56b6
ID chybujícího procesu: 0x7bc
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5
Error: (08/14/2016 04:04:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Karlos-PC)
Description: Aplikaci Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/14/2016 04:03:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/14/2016 04:02:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"1 se nezdařilo.
Závislé sestavení Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 06:29:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 06:25:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 03:57:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 03:46:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 07:38:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_MapsBroker, verze: 10.0.10586.0, časové razítko: 0x5632d73f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x8400000f
Posun chyby: 0x00000000
ID chybujícího procesu: 0xd58
Čas spuštění chybující aplikace: 0xsvchost.exe_MapsBroker0
Cesta k chybující aplikaci: svchost.exe_MapsBroker1
Cesta k chybujícímu modulu: svchost.exe_MapsBroker2
ID zprávy: svchost.exe_MapsBroker3
Úplný název chybujícího balíčku: svchost.exe_MapsBroker4
ID aplikace související s chybujícím balíčkem: svchost.exe_MapsBroker5
System errors:
=============
Error: (08/16/2016 05:07:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
%%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (08/16/2016 05:06:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069 = Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (08/16/2016 05:06:39 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50 = Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (08/16/2016 05:06:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_265c7db byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (08/16/2016 05:06:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2016 05:06:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér naslouchání Net.Msmq byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (08/16/2016 05:06:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (08/16/2016 05:06:09 PM) (Source: WAS) (EventID: 5175) (User: )
Description: Došlo k neočekávanému odpojení adaptéru naslouchání, který obsluhuje protokol net.msmq.
Error: (08/16/2016 05:06:09 PM) (Source: WAS) (EventID: 5175) (User: )
Description: Došlo k neočekávanému odpojení adaptéru naslouchání, který obsluhuje protokol msmq.formatname.
Error: (08/16/2016 05:06:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér naslouchání Net.Pipe byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
CodeIntegrity:
===================================
Date: 2016-08-13 07:35:45.164
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-11 16:51:38.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:38.810
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:38.776
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:38.746
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.605
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.571
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.556
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:06.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 47%
Total physical RAM: 3327.18 MB
Available physical RAM: 1738.19 MB
Total Virtual: 6655.18 MB
Available Virtual: 5128 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.65 GB) (Free:23.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (Sniper Elite: Nazi Zombie Army 2) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF
Drive g: (ACTIAO2014) (CDROM) (Total:0.78 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 38023802)
Partition 1: (Active) - (Size=297.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-08-2016 01
Ran by Karlos (administrator) on KARLOS-PC (16-08-2016 17:20:46)
Running from C:\Users\Karlos\Desktop
Loaded Profiles: Karlos (Available Profiles: Karlos & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodata Limited) C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(Kenonic Controls Ltd.) C:\Windows\System32\Crypserv.exe
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
() C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Karlos\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcfgex.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [5299984 2016-07-28] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3280728 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [ESET NOD32 Antivirus Key 2015 ] => wscript.exe //B "C:\Users\Karlos\AppData\Local\Temp\ESET NOD32 Antivirus Key 2015 .vbs" <===== ATTENTION
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [icq.desktop] => C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe [31181448 2016-06-26] ()
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {0410681f-bc52-11e5-bb28-002421dfe993} - "F:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {62bef837-d1a4-11e5-bb31-002421dfe993} - "H:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {7223087d-d898-11e5-bb34-002421dfe993} - "D:\autorun.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {c47eebad-ccdc-11e5-bb2f-002421dfe993} - "G:\lanceur.bat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{54d6e673-9ea9-4dce-ad70-2a74493c8453}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF ProfilePath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-05-16] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2016-04-01] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2016-02-06] (Autodata Limited) [File not signed]
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1639832 2016-07-28] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4097280 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [906512 2016-07-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [632632 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [52224 2000-06-29] (Kenonic Controls Ltd.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082200 2015-11-30] (Disc Soft Ltd)
R2 ssinstall; C:\WINDOWS\System32\ssins.exe [2324216 2016-05-16] (PS Media s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [19584 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6x.sys [67336 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [259328 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [201472 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [212736 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [201472 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [246536 2016-07-20] (AVG Technologies CZ, s.r.o.)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [29496 2016-07-23] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [225592 2016-07-23] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-01-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-01-06] (Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [24608 2000-02-03] () [File not signed]
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
S3 DUMeterDrv; \??\C:\Program Files\DU Meter\DUMETR32.SYS [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-16 17:20 - 2016-08-16 17:21 - 00010893 _____ C:\Users\Karlos\Desktop\FRST.txt
2016-08-16 17:20 - 2016-08-16 17:20 - 00112640 _____ (forum.viry.cz) C:\Users\Karlos\Desktop\FRSTLauncher.exe
2016-08-16 17:20 - 2016-08-16 17:20 - 00029696 _____ C:\Users\Karlos\AppData\Local\MSGBOX.EXE
2016-08-16 17:20 - 2016-08-16 17:20 - 00015327 _____ C:\Users\Karlos\Desktop\LM.bat
2016-08-16 17:17 - 2016-08-16 17:20 - 01744896 _____ (Farbar) C:\Users\Karlos\Desktop\FRST.exe
2016-08-16 17:03 - 2016-08-16 17:03 - 03784256 _____ C:\Users\Karlos\Desktop\adwcleaner_6.000.exe
2016-08-15 16:41 - 2016-08-16 17:20 - 00000000 ____D C:\FRST
2016-08-14 16:13 - 2016-08-14 16:13 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Šablony
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Poslední
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-14 16:13 - 2016-01-09 16:51 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-08-14 16:04 - 2016-08-14 16:04 - 00000000 ____D C:\Users\Karlos\AppData\Local\CEF
2016-08-14 16:01 - 2016-08-14 16:01 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2016-08-14 16:00 - 2016-08-16 17:07 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-14 15:34 - 2016-08-16 17:15 - 00000000 ____D C:\AdwCleaner
2016-08-14 07:47 - 2016-08-14 07:47 - 00000000 ____D C:\$SysReset
2016-08-13 21:18 - 2016-08-16 17:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-13 18:23 - 2016-08-13 18:23 - 00000000 ____D C:\ProgramData\GridinSoft
2016-08-13 16:33 - 2016-08-13 16:33 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\AVG
2016-08-13 16:32 - 2016-08-13 16:32 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\TuneUp Software
2016-08-13 16:32 - 2016-08-13 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-13 16:30 - 2016-08-13 16:30 - 00000000 ___HD C:\$AVG
2016-08-13 16:29 - 2016-08-16 17:08 - 00000000 ____D C:\ProgramData\MFAData
2016-08-13 16:29 - 2016-08-13 16:29 - 00000913 _____ C:\Users\Public\Desktop\AVG.lnk
2016-08-13 16:29 - 2016-08-13 16:29 - 00000000 ____D C:\Users\Karlos\AppData\Local\MFAData
2016-08-13 16:29 - 2016-08-13 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-08-11 16:45 - 2016-08-11 16:53 - 00000000 ____D C:\Program Files\Seznam.cz
2016-08-11 16:44 - 2016-08-11 16:54 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\Seznam.cz
2016-08-11 16:37 - 2016-08-13 07:34 - 00000000 ____D C:\Program Files\Grevuied
2016-08-11 16:37 - 2016-08-11 16:37 - 00000000 ____D C:\Users\Karlos\AppData\Local\Vcdomgherrepy
2016-08-10 16:49 - 2016-08-03 08:27 - 01303744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 16:49 - 2016-08-03 08:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 16:49 - 2016-08-03 08:27 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 16:49 - 2016-08-03 07:52 - 05793632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 16:49 - 2016-08-03 07:52 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 16:49 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 16:49 - 2016-08-03 07:43 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 16:49 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 16:49 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 16:49 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 16:49 - 2016-08-03 07:32 - 00413024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 16:49 - 2016-08-03 07:32 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 16:49 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 16:49 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 16:49 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 16:49 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 16:49 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 16:49 - 2016-08-03 07:29 - 01337680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 16:49 - 2016-08-03 07:29 - 00633192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 16:49 - 2016-08-03 07:28 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 16:49 - 2016-08-03 07:28 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 01712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 16:49 - 2016-08-03 07:18 - 00346464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 16:49 - 2016-08-03 06:58 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 16:49 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 16:49 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 16:49 - 2016-08-03 06:48 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 16:49 - 2016-08-03 06:47 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 16:49 - 2016-08-03 06:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 16:49 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 16:49 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 16:49 - 2016-08-03 06:44 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 16:49 - 2016-08-03 06:43 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 16:49 - 2016-08-03 06:43 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 16:49 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 16:49 - 2016-08-03 06:41 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 16:49 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 16:49 - 2016-08-03 06:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 16:49 - 2016-08-03 06:39 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 16:49 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 16:49 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 16:49 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 16:49 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 16:49 - 2016-08-03 06:33 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 16:49 - 2016-08-03 06:33 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 16:49 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 16:49 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 16:49 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 16:49 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 16:49 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 16:49 - 2016-08-03 06:27 - 02973696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 16:49 - 2016-08-03 06:27 - 01903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 16:49 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 16:49 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 16:49 - 2016-08-03 06:24 - 01735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 16:49 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 16:49 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01086976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 16:49 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 16:49 - 2016-08-03 06:20 - 03483648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 16:49 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-08 15:47 - 2016-08-08 16:28 - 742450786 _____ C:\Users\Karlos\Desktop\Rambo-2.avi
2016-08-05 18:13 - 2016-08-05 18:13 - 00016128 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\gtkdrv.sys
2016-08-02 17:13 - 2016-08-02 17:18 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\MOBILedit
2016-08-02 17:13 - 2016-08-02 17:13 - 00000000 ____D C:\Users\Karlos\Documents\MOBILedit! Enterprise
2016-08-02 17:09 - 2016-08-02 17:09 - 00000000 ____D C:\Program Files\Compiled Driver Disk (Android)
2016-08-02 17:09 - 2014-09-29 14:03 - 00015616 _____ (Motorola) C:\WINDOWS\system32\mot_ci.dll
2016-08-02 17:08 - 2016-08-02 17:08 - 00000000 ____D C:\Program Files\Phone Drivers Downloader
2016-08-02 17:07 - 2016-08-02 17:07 - 00001135 _____ C:\Users\Public\Desktop\MOBILedit! Enterprise.lnk
2016-08-02 17:07 - 2016-08-02 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit! Enterprise
2016-08-02 17:07 - 2016-08-02 17:07 - 00000000 ____D C:\Program Files\COMPELSON Labs
2016-08-02 17:06 - 2016-08-02 17:07 - 00000000 ____D C:\Users\Public\Documents\MobilEdit! Enterprise
2016-08-02 17:06 - 2016-08-02 17:07 - 00000000 ____D C:\Program Files\MOBILedit! Enterprise
2016-08-02 17:06 - 2016-06-06 20:39 - 00028818 _____ C:\Users\Public\Documents\Wipe Exclude.txt
2016-08-02 17:05 - 2016-08-02 17:06 - 00000000 ____D C:\Users\Karlos\Desktop\Nová složka (11)
2016-08-02 17:05 - 2016-08-02 15:26 - 105343492 ____N C:\Users\Karlos\Desktop\MOBILedit!-Enterprise-8.6.0.20253-CZ-(x32x64).rar
2016-07-24 16:17 - 2016-07-24 16:17 - 27712476 _____ C:\Users\Karlos\Desktop\WhatsApp Messenger_v2.16.188_apkpure.com.apk
2016-07-24 07:46 - 2013-07-07 22:41 - 01086533 _____ C:\Users\Karlos\Desktop\DroidCam.3.6.2.exe
2016-07-24 07:45 - 2016-07-24 07:45 - 01069964 _____ C:\Users\Karlos\Desktop\DroidCam-3-6-2.zip
2016-07-23 18:25 - 2016-07-24 07:51 - 00000022 _____ C:\ProgramData\droidcam-settings
2016-07-23 18:25 - 2016-07-23 18:25 - 00000000 ____D C:\Users\Karlos\.android
2016-07-23 18:24 - 2016-07-23 18:24 - 00708871 _____ C:\Users\Karlos\Desktop\DroidCam_Client_6.0.zip
2016-07-23 18:24 - 2016-07-23 18:24 - 00225592 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\droidcamvideo.sys
2016-07-23 18:24 - 2016-07-23 18:24 - 00029496 _____ (Dev47Apps) C:\WINDOWS\system32\Drivers\droidcam.sys
2016-07-23 18:24 - 2016-07-23 18:24 - 00001049 _____ C:\Users\Karlos\Desktop\DroidCamApp.lnk
2016-07-23 18:24 - 2016-07-23 18:24 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2016-07-23 18:24 - 2016-07-23 18:24 - 00000000 ____D C:\Program Files\DroidCam
2016-07-22 17:20 - 2016-07-22 17:20 - 00000000 __SHD C:\found.003
2016-07-20 08:46 - 2016-07-20 08:46 - 00246536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpx.sys
2016-07-19 18:15 - 2016-07-19 18:15 - 28588344 _____ (Mobo, Inc.) C:\Users\Karlos\Desktop\MoboMarketPC(official).exe
2016-07-19 17:57 - 2016-07-19 17:58 - 17961047 _____ C:\Users\Karlos\Desktop\TeamViewer-(1).apk
2016-07-19 12:28 - 2016-07-19 12:28 - 00201472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-16 17:07 - 2016-01-09 16:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-16 17:06 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-15 20:44 - 2016-05-16 16:40 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-14 15:17 - 2016-05-16 16:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-08-13 18:27 - 2016-05-16 16:37 - 00001114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-13 18:27 - 2016-01-09 17:29 - 00001532 _____ C:\Users\Karlos\Desktop\iexplore – zástupce.lnk
2016-08-13 16:34 - 2015-10-30 07:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-13 16:33 - 2016-02-21 17:40 - 00000000 ____D C:\Users\Karlos\AppData\Local\Avg
2016-08-13 16:31 - 2015-10-30 07:48 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-13 16:31 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-08-13 16:30 - 2016-02-21 17:40 - 00000000 ____D C:\ProgramData\Avg
2016-08-13 16:30 - 2016-02-21 17:40 - 00000000 ____D C:\Program Files\AVG
2016-08-13 16:29 - 2016-02-21 17:40 - 00000000 ____D C:\Users\Karlos\AppData\Local\AvgSetupLog
2016-08-13 15:55 - 2009-07-14 04:37 - 00000000 ____D C:\Users\Default.migrated
2016-08-12 21:49 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-12 21:49 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 21:49 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-12 17:26 - 2016-01-01 17:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-12 17:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-12 17:26 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-12 17:23 - 2016-01-01 17:24 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-11 16:40 - 2016-01-09 16:46 - 01993368 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-11 16:40 - 2015-10-30 17:08 - 00828410 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-11 16:40 - 2015-10-30 17:08 - 00184778 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-11 16:37 - 2016-05-16 16:37 - 00001300 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-03 08:21 - 2012-07-26 10:18 - 00400304 __RSH C:\bootmgr
2016-08-02 21:11 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-07-28 21:33 - 2016-01-09 16:47 - 00000000 ____D C:\Users\Karlos
2016-07-27 21:25 - 2016-01-01 17:26 - 00406184 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-24 16:21 - 2016-01-09 17:05 - 00002390 _____ C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-24 16:21 - 2016-01-09 17:05 - 00000000 ___RD C:\Users\Karlos\OneDrive
2016-07-24 16:16 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-23 16:15 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-21 20:54 - 2016-01-09 16:41 - 00286048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== Files in the root of some directories =======
2016-08-16 17:20 - 2016-08-16 17:20 - 0029696 _____ () C:\Users\Karlos\AppData\Local\MSGBOX.EXE
2016-06-12 16:14 - 2016-06-12 16:24 - 0000136 _____ () C:\Users\Karlos\AppData\Local\trueburner.ini
2016-07-23 18:25 - 2016-07-24 07:51 - 0000022 _____ () C:\ProgramData\droidcam-settings
2016-02-07 16:12 - 2016-02-07 16:12 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\Karlos\AppData\Local\Temp\bitool.dll
C:\Users\Karlos\AppData\Local\Temp\Firefox Setup 45.0.exe
C:\Users\Karlos\AppData\Local\Temp\KB2zugUWzX.exe
C:\Users\Karlos\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Karlos\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Karlos\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Karlos\AppData\Local\Temp\sfareca00001.dll
C:\Users\Karlos\AppData\Local\Temp\ssins.exe
C:\Users\Karlos\AppData\Local\Temp\temp~.DLL
C:\Users\Karlos\AppData\Local\Temp\temp~.EXE
C:\Users\Karlos\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-07 16:16
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-08-2016 01
Ran by Karlos (16-08-2016 17:21:31)
Running from C:\Users\Karlos\Desktop
Microsoft Windows 10 Pro Version 1511 (X86) (2016-01-09 15:00:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-507802796-3567890678-1958908832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-507802796-3567890678-1958908832-503 - Limited - Disabled)
Guest (S-1-5-21-507802796-3567890678-1958908832-501 - Limited - Disabled)
Karlos (S-1-5-21-507802796-3567890678-1958908832-1000 - Administrator - Enabled) => C:\Users\Karlos
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1Click DVD Copy 5.9.5.1 (HKLM\...\1Click DVD Copy 5_is1) (Version: - LG Software Innovations)
Adobe Flash Player 21 NPAPI (HKLM\...\{A7DC9721-4986-4179-BB89-A3E99545584C}) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
APM TEC (HKLM\...\APM TEC) (Version: - )
AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies)
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4647 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compiled Driver Disk (Android) 1.0 (HKLM\...\{759A91E8-0024-45F3-A8F3-CDC5E13B4425}_is1) (Version: 1.0.9.7 - COMPELSON Labs)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
ICQ (verze 10.0.12094) (HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\icq.desktop) (Version: 10.0.12094 - ICQ)
Java(TM) 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)
Kontrola české gramatiky pro sadu Microsoft Office 2003 (HKLM\...\{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60830 (HKLM\...\{F68B404C-0E04-337F-A132-796508EE337A}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830 (HKLM\...\{50AF8559-F490-381F-A6E7-06A07DE227DC}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20827 (HKLM\...\{97D5031E-CCC0-3AA1-ADE7-6E5E7C032DD5}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20827 (HKLM\...\{3C21516E-0FDA-3794-B714-B6612BA58BDF}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
MOBILedit! Enterprise ver. 8.6.0.20253 (HKLM\...\{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1) (Version: 8.6.0.20253 - COMPELSON Labs)
MOBILedit! Support Libraries (HKLM\...\{9DF587A2-054C-46A2-9B1A-4A230F389E4B}) (Version: 12.0.0 - COMPELSON Labs)
Mozilla Firefox 46.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 46.0.1 (x86 cs)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NirSoft WebBrowserPassView (HKLM\...\NirSoft WebBrowserPassView) (Version: - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation)
Ovládací panel NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
Phone Drivers Downloader 1.1 (HKLM\...\{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1) (Version: 1.1.0.0 - COMPELSON Labs)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Redneck Rampage (DOSBox emulation 0.74) (HKLM\...\Redneck Rampage (DOSBox emulation 0.74)) (Version: - )
SEDREAP (HKLM\...\SEDREAP) (Version: - )
Sentinel Protection Installer 7.6.4 (HKLM\...\{7444785E-886F-4989-A69E-6394E36F3982}) (Version: 7.6.4 - SafeNet, Inc.)
Seznam Instalátor (HKLM\...\ssinstall) (Version: - Seznam.cz)
Sniper Elite: Nazi Zombie Army 2 (HKLM\...\Sniper Elite: Nazi Zombie Army 2_is1) (Version: 1.0 - Rebellion)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
True Burner 4.0 (HKLM\...\True Burner_is1) (Version: - Glorylogic)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {069699DE-7EEF-46C1-9AF9-99954B4D03B2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {07AF37D7-0126-4E09-8F06-0F59C37E9D14} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09371643-E48C-4A44-9AF6-09AADBF2CFBD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0F81388C-07A9-4579-9A81-61D7CF449642} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {104432EF-DE32-44C9-AF3C-775D4A0CC52F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16BBD878-5193-4F0C-8FAB-25E51B668B61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {17A130F7-417A-42AE-9727-3E699D436C49} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-12] (Microsoft Corporation)
Task: {19698FB3-4D0D-4081-A5BE-ED461EC3EF12} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E43894B-C7F8-43BF-AD1E-E5C656BDD585} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {30F46781-E4BA-4C19-BC4E-52EEBE4C918C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {347426D2-2764-497C-B701-73E1ED55DFEA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {56B39150-549A-4699-83E8-DFB2C32E296B} - \ReimageUpdater -> No File <==== ATTENTION
Task: {5B00390F-290C-4174-890E-20B95F1F7A2D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5E3B2ECC-EA6F-4C81-B222-9B9615036FA8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {664B7F0B-FE77-456C-A5AB-073AA3F78340} - System32\Tasks\{0E4D7645-5EAC-4EF9-AD7C-C455A6F45F62} => pcalua.exe -a G:\setup.exe -d G:\
Task: {66AC3831-C3EB-4C54-A6C3-6772AACCF1FD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6C879690-8006-4E79-8EBB-ED538568118F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {720D8264-2CA9-4F83-9CA4-BBC1936C71E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {753D62B2-EFFF-4E82-85C8-8F9CA6FC7C0B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {762BFCC0-2C89-4356-AEFB-58C1C175DDF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {81D950FB-A821-4A16-A6FD-6399510A781B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {864DC5EE-F4B1-41D1-99ED-985DC15B79B4} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {86E9959D-5332-45AF-84F6-A91DB86BD2FC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A3449EDD-4753-49A5-9154-531068A23026} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23] (Adobe Systems Incorporated)
Task: {A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639} - \Reimage Reminder -> No File <==== ATTENTION
Task: {AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AF03CC9C-9689-4C41-92BD-760168A26B4A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2D89EFE-5F89-4DCC-8469-E84A84963292} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9736CF9-0BA2-4E70-9F1C-AC049CDA448C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0711ABA-A2C6-4E19-B66A-8A94F613B260} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C2CC6A77-82D8-43B5-AE8E-56C44024FE83} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C798951F-918D-4D7A-9032-3488ABBB7874} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2F333F7-4F5A-49C4-8644-93B324063C22} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D42CF679-5305-4DA3-8E9D-9E2040287420} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D4EA3BA7-CE3D-44B9-B348-F0BAA3102761} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0EBF89E-E0A1-43A8-B8E6-283EF24CEFFC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-16] (Adobe Systems Incorporated)
Task: {E346BDC0-0AE4-4640-A78A-D8273A3A44CC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC530881-C713-4EED-821E-4609ED1FCE6F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F693F6CF-BFC9-4BD2-BFFC-AF27456364C2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {FFC02038-0E74-4686-AF19-1E83B63662CC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Karlos\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
Shortcut: C:\Users\Karlos\Desktop\Redneck Rampage.lnk -> C:\Old\Play.bat ()
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Peugeot Planet Diag.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD (Console Mode).lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Stop PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\ppd_restart.lnk -> C:\app\ppdiag\Utils\ppd_restart.bat (No File)
Shortcut: C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com/
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore – zástupce.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 17:07 - 2016-07-01 06:38 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 17:07 - 2016-07-01 06:38 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-24 16:21 - 2016-07-24 16:21 - 00679624 _____ () C:\Users\Karlos\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-01-09 16:32 - 2016-01-09 16:32 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 17:06 - 2016-07-01 05:31 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 17:07 - 2016-07-01 05:13 - 05340160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 17:06 - 2016-07-01 05:08 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 17:07 - 2016-07-01 05:08 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 17:07 - 2016-07-01 05:11 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-13 16:29 - 2016-08-13 16:28 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2016-06-26 15:53 - 2016-06-26 15:53 - 31181448 _____ () C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
2016-06-26 15:53 - 2016-06-26 15:53 - 03917448 _____ () C:\Users\Karlos\AppData\Roaming\ICQ\bin\corelib.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "DLLSuite2016"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\StartupApproved\Run: => "Sidebar"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\StartupApproved\Run: => "DU Meter"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{FB038FC8-9693-4B83-BE10-942C76F43ACE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7340EC25-7E11-457A-A456-EA31A3091255}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{91D1AE8A-561D-4042-A8FE-5E493B5C7561}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C9B745BD-5BC7-4C6F-BE3D-C135F470D7DD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0A77F6C5-A37B-43D4-853B-633E4FE2A80A}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B9B356B0-E912-451A-A203-C01B613EEA61}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B907EA70-B64D-436E-AC4F-52C8E7C3D901}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FF92B4FC-B338-4EBF-B212-2750165C3517}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D197AC91-D654-4C6B-AA61-2FA083E09803}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DB7725F6-53D9-458A-A49F-C29AE17B2C8E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6A11E5B9-67F3-463A-933D-E7F9C448B751}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{093E93A2-07F9-43E1-95B4-5CBD4B02A8CA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{012FD51A-7FF2-4FB5-878D-36962D78140F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EC14E70B-E648-43A4-BB48-ECC8C930945D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AE2B2EAE-42F0-4896-8D44-4512D92D281C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4FA199CF-127D-40BA-BE11-0A99B9610D39}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C90F283B-DE3E-4A31-8EC9-0D827E18B7CE}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{D6644056-8D41-4BC3-B21C-5BB3F308A2A1}C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [UDP Query User{1E6F1AC1-FD1A-4C38-A3CA-0A236DB31ADB}C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [{D944CFE1-6F10-466F-B19B-068FF371C0A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1F4D2162-FB23-4929-8C02-8A8FBFCAA2E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4FF12F52-1B0F-48E4-AD9A-919B025BCF8B}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe
FirewallRules: [{71051B3D-DFA6-499E-85F0-5D7375A4B067}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe
FirewallRules: [{8D212543-8155-4DF0-B315-B10CAE33D824}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{7A8B4247-32AA-4BCB-8420-3ECDCD45E40D}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{6C57DE51-9E73-44D6-862C-5D22EB7B27D6}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{076CB8CB-9974-435B-B91A-04800865A0C4}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{25F23480-A1C3-4B07-995C-01EA19A80638}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{34BCA292-EACF-4205-8440-033952F8CDBA}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{C9441531-1ABA-4C63-9B14-3B205BADA8B3}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{19A0D442-9CA0-40F1-B46E-F78185B5BF6A}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{8AF8F0CF-462D-47A1-B387-4004D138B2EF}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{6F961BF1-7529-4FEB-AAD1-2E7E722A79D8}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{18D6E699-7FB5-4D5B-84AC-B992616EE82E}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{FB733D04-524E-401E-BE7D-36CE6E0E8B88}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
==================== Restore Points =========================
02-08-2016 17:07:02 Nainstalováno: MOBILedit! Support Libraries
12-08-2016 17:19:58 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/15/2016 08:30:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.10586.494, časové razítko: 0x5775e1d8
Název chybujícího modulu: Fezughruiy.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x57ac32e7
Kód výjimky: 0xc0000005
Posun chyby: 0x000056b6
ID chybujícího procesu: 0x1fc0
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5
Error: (08/14/2016 07:38:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.10586.494, časové razítko: 0x5775e1d8
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x631e56b6
ID chybujícího procesu: 0x7bc
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5
Error: (08/14/2016 04:04:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Karlos-PC)
Description: Aplikaci Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/14/2016 04:03:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/14/2016 04:02:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"1 se nezdařilo.
Závislé sestavení Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 06:29:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 06:25:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 03:57:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 03:46:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/13/2016 07:38:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_MapsBroker, verze: 10.0.10586.0, časové razítko: 0x5632d73f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x8400000f
Posun chyby: 0x00000000
ID chybujícího procesu: 0xd58
Čas spuštění chybující aplikace: 0xsvchost.exe_MapsBroker0
Cesta k chybující aplikaci: svchost.exe_MapsBroker1
Cesta k chybujícímu modulu: svchost.exe_MapsBroker2
ID zprávy: svchost.exe_MapsBroker3
Úplný název chybujícího balíčku: svchost.exe_MapsBroker4
ID aplikace související s chybujícím balíčkem: svchost.exe_MapsBroker5
System errors:
=============
Error: (08/16/2016 05:07:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
%%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (08/16/2016 05:06:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069 = Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (08/16/2016 05:06:39 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50 = Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (08/16/2016 05:06:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_265c7db byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (08/16/2016 05:06:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2016 05:06:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér naslouchání Net.Msmq byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (08/16/2016 05:06:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (08/16/2016 05:06:09 PM) (Source: WAS) (EventID: 5175) (User: )
Description: Došlo k neočekávanému odpojení adaptéru naslouchání, který obsluhuje protokol net.msmq.
Error: (08/16/2016 05:06:09 PM) (Source: WAS) (EventID: 5175) (User: )
Description: Došlo k neočekávanému odpojení adaptéru naslouchání, který obsluhuje protokol msmq.formatname.
Error: (08/16/2016 05:06:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér naslouchání Net.Pipe byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
CodeIntegrity:
===================================
Date: 2016-08-13 07:35:45.164
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-11 16:51:38.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:38.810
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:38.776
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:38.746
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.605
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.571
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:08.556
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-11 16:51:06.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 47%
Total physical RAM: 3327.18 MB
Available physical RAM: 1738.19 MB
Total Virtual: 6655.18 MB
Available Virtual: 5128 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.65 GB) (Free:23.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (Sniper Elite: Nazi Zombie Army 2) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF
Drive g: (ACTIAO2014) (CDROM) (Total:0.78 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 38023802)
Partition 1: (Active) - (Size=297.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-08-2016 01
Ran by Karlos (administrator) on KARLOS-PC (16-08-2016 17:20:46)
Running from C:\Users\Karlos\Desktop
Loaded Profiles: Karlos (Available Profiles: Karlos & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodata Limited) C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(Kenonic Controls Ltd.) C:\Windows\System32\Crypserv.exe
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
() C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Karlos\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcfgex.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [5299984 2016-07-28] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3280728 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [ESET NOD32 Antivirus Key 2015 ] => wscript.exe //B "C:\Users\Karlos\AppData\Local\Temp\ESET NOD32 Antivirus Key 2015 .vbs" <===== ATTENTION
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [icq.desktop] => C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe [31181448 2016-06-26] ()
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {0410681f-bc52-11e5-bb28-002421dfe993} - "F:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {62bef837-d1a4-11e5-bb31-002421dfe993} - "H:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {7223087d-d898-11e5-bb34-002421dfe993} - "D:\autorun.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {c47eebad-ccdc-11e5-bb2f-002421dfe993} - "G:\lanceur.bat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{54d6e673-9ea9-4dce-ad70-2a74493c8453}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF ProfilePath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-05-16] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2016-04-01] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2016-02-06] (Autodata Limited) [File not signed]
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1639832 2016-07-28] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4097280 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [906512 2016-07-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [632632 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [52224 2000-06-29] (Kenonic Controls Ltd.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082200 2015-11-30] (Disc Soft Ltd)
R2 ssinstall; C:\WINDOWS\System32\ssins.exe [2324216 2016-05-16] (PS Media s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [19584 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6x.sys [67336 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [259328 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [201472 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [212736 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [201472 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [246536 2016-07-20] (AVG Technologies CZ, s.r.o.)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [29496 2016-07-23] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [225592 2016-07-23] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-01-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-01-06] (Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [24608 2000-02-03] () [File not signed]
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
S3 DUMeterDrv; \??\C:\Program Files\DU Meter\DUMETR32.SYS [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-16 17:20 - 2016-08-16 17:21 - 00010893 _____ C:\Users\Karlos\Desktop\FRST.txt
2016-08-16 17:20 - 2016-08-16 17:20 - 00112640 _____ (forum.viry.cz) C:\Users\Karlos\Desktop\FRSTLauncher.exe
2016-08-16 17:20 - 2016-08-16 17:20 - 00029696 _____ C:\Users\Karlos\AppData\Local\MSGBOX.EXE
2016-08-16 17:20 - 2016-08-16 17:20 - 00015327 _____ C:\Users\Karlos\Desktop\LM.bat
2016-08-16 17:17 - 2016-08-16 17:20 - 01744896 _____ (Farbar) C:\Users\Karlos\Desktop\FRST.exe
2016-08-16 17:03 - 2016-08-16 17:03 - 03784256 _____ C:\Users\Karlos\Desktop\adwcleaner_6.000.exe
2016-08-15 16:41 - 2016-08-16 17:20 - 00000000 ____D C:\FRST
2016-08-14 16:13 - 2016-08-14 16:13 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Šablony
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Poslední
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-14 16:13 - 2016-01-09 16:51 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-08-14 16:04 - 2016-08-14 16:04 - 00000000 ____D C:\Users\Karlos\AppData\Local\CEF
2016-08-14 16:01 - 2016-08-14 16:01 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2016-08-14 16:00 - 2016-08-16 17:07 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-14 15:34 - 2016-08-16 17:15 - 00000000 ____D C:\AdwCleaner
2016-08-14 07:47 - 2016-08-14 07:47 - 00000000 ____D C:\$SysReset
2016-08-13 21:18 - 2016-08-16 17:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-13 18:23 - 2016-08-13 18:23 - 00000000 ____D C:\ProgramData\GridinSoft
2016-08-13 16:33 - 2016-08-13 16:33 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\AVG
2016-08-13 16:32 - 2016-08-13 16:32 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\TuneUp Software
2016-08-13 16:32 - 2016-08-13 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-13 16:30 - 2016-08-13 16:30 - 00000000 ___HD C:\$AVG
2016-08-13 16:29 - 2016-08-16 17:08 - 00000000 ____D C:\ProgramData\MFAData
2016-08-13 16:29 - 2016-08-13 16:29 - 00000913 _____ C:\Users\Public\Desktop\AVG.lnk
2016-08-13 16:29 - 2016-08-13 16:29 - 00000000 ____D C:\Users\Karlos\AppData\Local\MFAData
2016-08-13 16:29 - 2016-08-13 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-08-11 16:45 - 2016-08-11 16:53 - 00000000 ____D C:\Program Files\Seznam.cz
2016-08-11 16:44 - 2016-08-11 16:54 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\Seznam.cz
2016-08-11 16:37 - 2016-08-13 07:34 - 00000000 ____D C:\Program Files\Grevuied
2016-08-11 16:37 - 2016-08-11 16:37 - 00000000 ____D C:\Users\Karlos\AppData\Local\Vcdomgherrepy
2016-08-10 16:49 - 2016-08-03 08:27 - 01303744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 16:49 - 2016-08-03 08:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 16:49 - 2016-08-03 08:27 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 16:49 - 2016-08-03 07:52 - 05793632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 16:49 - 2016-08-03 07:52 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 16:49 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 16:49 - 2016-08-03 07:43 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 16:49 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 16:49 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 16:49 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 16:49 - 2016-08-03 07:32 - 00413024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 16:49 - 2016-08-03 07:32 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 16:49 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 16:49 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 16:49 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 16:49 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 16:49 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 16:49 - 2016-08-03 07:29 - 01337680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 16:49 - 2016-08-03 07:29 - 00633192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 16:49 - 2016-08-03 07:28 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 16:49 - 2016-08-03 07:28 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 01712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 16:49 - 2016-08-03 07:18 - 00346464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 16:49 - 2016-08-03 06:58 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 16:49 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 16:49 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 16:49 - 2016-08-03 06:48 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 16:49 - 2016-08-03 06:47 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 16:49 - 2016-08-03 06:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 16:49 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 16:49 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 16:49 - 2016-08-03 06:44 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 16:49 - 2016-08-03 06:43 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 16:49 - 2016-08-03 06:43 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 16:49 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 16:49 - 2016-08-03 06:41 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 16:49 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 16:49 - 2016-08-03 06:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 16:49 - 2016-08-03 06:39 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 16:49 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 16:49 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 16:49 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 16:49 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 16:49 - 2016-08-03 06:33 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 16:49 - 2016-08-03 06:33 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 16:49 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 16:49 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 16:49 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 16:49 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 16:49 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 16:49 - 2016-08-03 06:27 - 02973696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 16:49 - 2016-08-03 06:27 - 01903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 16:49 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 16:49 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 16:49 - 2016-08-03 06:24 - 01735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 16:49 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 16:49 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01086976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 16:49 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 16:49 - 2016-08-03 06:20 - 03483648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 16:49 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-08 15:47 - 2016-08-08 16:28 - 742450786 _____ C:\Users\Karlos\Desktop\Rambo-2.avi
2016-08-05 18:13 - 2016-08-05 18:13 - 00016128 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\gtkdrv.sys
2016-08-02 17:13 - 2016-08-02 17:18 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\MOBILedit
2016-08-02 17:13 - 2016-08-02 17:13 - 00000000 ____D C:\Users\Karlos\Documents\MOBILedit! Enterprise
2016-08-02 17:09 - 2016-08-02 17:09 - 00000000 ____D C:\Program Files\Compiled Driver Disk (Android)
2016-08-02 17:09 - 2014-09-29 14:03 - 00015616 _____ (Motorola) C:\WINDOWS\system32\mot_ci.dll
2016-08-02 17:08 - 2016-08-02 17:08 - 00000000 ____D C:\Program Files\Phone Drivers Downloader
2016-08-02 17:07 - 2016-08-02 17:07 - 00001135 _____ C:\Users\Public\Desktop\MOBILedit! Enterprise.lnk
2016-08-02 17:07 - 2016-08-02 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit! Enterprise
2016-08-02 17:07 - 2016-08-02 17:07 - 00000000 ____D C:\Program Files\COMPELSON Labs
2016-08-02 17:06 - 2016-08-02 17:07 - 00000000 ____D C:\Users\Public\Documents\MobilEdit! Enterprise
2016-08-02 17:06 - 2016-08-02 17:07 - 00000000 ____D C:\Program Files\MOBILedit! Enterprise
2016-08-02 17:06 - 2016-06-06 20:39 - 00028818 _____ C:\Users\Public\Documents\Wipe Exclude.txt
2016-08-02 17:05 - 2016-08-02 17:06 - 00000000 ____D C:\Users\Karlos\Desktop\Nová složka (11)
2016-08-02 17:05 - 2016-08-02 15:26 - 105343492 ____N C:\Users\Karlos\Desktop\MOBILedit!-Enterprise-8.6.0.20253-CZ-(x32x64).rar
2016-07-24 16:17 - 2016-07-24 16:17 - 27712476 _____ C:\Users\Karlos\Desktop\WhatsApp Messenger_v2.16.188_apkpure.com.apk
2016-07-24 07:46 - 2013-07-07 22:41 - 01086533 _____ C:\Users\Karlos\Desktop\DroidCam.3.6.2.exe
2016-07-24 07:45 - 2016-07-24 07:45 - 01069964 _____ C:\Users\Karlos\Desktop\DroidCam-3-6-2.zip
2016-07-23 18:25 - 2016-07-24 07:51 - 00000022 _____ C:\ProgramData\droidcam-settings
2016-07-23 18:25 - 2016-07-23 18:25 - 00000000 ____D C:\Users\Karlos\.android
2016-07-23 18:24 - 2016-07-23 18:24 - 00708871 _____ C:\Users\Karlos\Desktop\DroidCam_Client_6.0.zip
2016-07-23 18:24 - 2016-07-23 18:24 - 00225592 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\droidcamvideo.sys
2016-07-23 18:24 - 2016-07-23 18:24 - 00029496 _____ (Dev47Apps) C:\WINDOWS\system32\Drivers\droidcam.sys
2016-07-23 18:24 - 2016-07-23 18:24 - 00001049 _____ C:\Users\Karlos\Desktop\DroidCamApp.lnk
2016-07-23 18:24 - 2016-07-23 18:24 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2016-07-23 18:24 - 2016-07-23 18:24 - 00000000 ____D C:\Program Files\DroidCam
2016-07-22 17:20 - 2016-07-22 17:20 - 00000000 __SHD C:\found.003
2016-07-20 08:46 - 2016-07-20 08:46 - 00246536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpx.sys
2016-07-19 18:15 - 2016-07-19 18:15 - 28588344 _____ (Mobo, Inc.) C:\Users\Karlos\Desktop\MoboMarketPC(official).exe
2016-07-19 17:57 - 2016-07-19 17:58 - 17961047 _____ C:\Users\Karlos\Desktop\TeamViewer-(1).apk
2016-07-19 12:28 - 2016-07-19 12:28 - 00201472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-16 17:07 - 2016-01-09 16:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-16 17:06 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-15 20:44 - 2016-05-16 16:40 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-14 15:17 - 2016-05-16 16:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-08-13 18:27 - 2016-05-16 16:37 - 00001114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-13 18:27 - 2016-01-09 17:29 - 00001532 _____ C:\Users\Karlos\Desktop\iexplore – zástupce.lnk
2016-08-13 16:34 - 2015-10-30 07:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-13 16:33 - 2016-02-21 17:40 - 00000000 ____D C:\Users\Karlos\AppData\Local\Avg
2016-08-13 16:31 - 2015-10-30 07:48 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-13 16:31 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-08-13 16:30 - 2016-02-21 17:40 - 00000000 ____D C:\ProgramData\Avg
2016-08-13 16:30 - 2016-02-21 17:40 - 00000000 ____D C:\Program Files\AVG
2016-08-13 16:29 - 2016-02-21 17:40 - 00000000 ____D C:\Users\Karlos\AppData\Local\AvgSetupLog
2016-08-13 15:55 - 2009-07-14 04:37 - 00000000 ____D C:\Users\Default.migrated
2016-08-12 21:49 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-12 21:49 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 21:49 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-12 17:26 - 2016-01-01 17:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-12 17:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-12 17:26 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-12 17:23 - 2016-01-01 17:24 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-11 16:40 - 2016-01-09 16:46 - 01993368 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-11 16:40 - 2015-10-30 17:08 - 00828410 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-11 16:40 - 2015-10-30 17:08 - 00184778 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-11 16:37 - 2016-05-16 16:37 - 00001300 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-03 08:21 - 2012-07-26 10:18 - 00400304 __RSH C:\bootmgr
2016-08-02 21:11 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-07-28 21:33 - 2016-01-09 16:47 - 00000000 ____D C:\Users\Karlos
2016-07-27 21:25 - 2016-01-01 17:26 - 00406184 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-24 16:21 - 2016-01-09 17:05 - 00002390 _____ C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-24 16:21 - 2016-01-09 17:05 - 00000000 ___RD C:\Users\Karlos\OneDrive
2016-07-24 16:16 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-23 16:15 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-21 20:54 - 2016-01-09 16:41 - 00286048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== Files in the root of some directories =======
2016-08-16 17:20 - 2016-08-16 17:20 - 0029696 _____ () C:\Users\Karlos\AppData\Local\MSGBOX.EXE
2016-06-12 16:14 - 2016-06-12 16:24 - 0000136 _____ () C:\Users\Karlos\AppData\Local\trueburner.ini
2016-07-23 18:25 - 2016-07-24 07:51 - 0000022 _____ () C:\ProgramData\droidcam-settings
2016-02-07 16:12 - 2016-02-07 16:12 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\Karlos\AppData\Local\Temp\bitool.dll
C:\Users\Karlos\AppData\Local\Temp\Firefox Setup 45.0.exe
C:\Users\Karlos\AppData\Local\Temp\KB2zugUWzX.exe
C:\Users\Karlos\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Karlos\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Karlos\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Karlos\AppData\Local\Temp\sfareca00001.dll
C:\Users\Karlos\AppData\Local\Temp\ssins.exe
C:\Users\Karlos\AppData\Local\Temp\temp~.DLL
C:\Users\Karlos\AppData\Local\Temp\temp~.EXE
C:\Users\Karlos\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-07 16:16
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
Task: {09371643-E48C-4A44-9AF6-09AADBF2CFBD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0F81388C-07A9-4579-9A81-61D7CF449642} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {16BBD878-5193-4F0C-8FAB-25E51B668B61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2E43894B-C7F8-43BF-AD1E-E5C656BDD585} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {347426D2-2764-497C-B701-73E1ED55DFEA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {56B39150-549A-4699-83E8-DFB2C32E296B} - \ReimageUpdater -> No File <==== ATTENTION
Task: {5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {81D950FB-A821-4A16-A6FD-6399510A781B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639} - \Reimage Reminder -> No File <==== ATTENTION
Task: {AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B2D89EFE-5F89-4DCC-8469-E84A84963292} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9736CF9-0BA2-4E70-9F1C-AC049CDA448C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0711ABA-A2C6-4E19-B66A-8A94F613B260} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EC530881-C713-4EED-821E-4609ED1FCE6F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {0410681f-bc52-11e5-bb28-002421dfe993} - "F:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {62bef837-d1a4-11e5-bb31-002421dfe993} - "H:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {7223087d-d898-11e5-bb34-002421dfe993} - "D:\autorun.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {c47eebad-ccdc-11e5-bb2f-002421dfe993} - "G:\lanceur.bat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Users\Karlos\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Vkládám další log dle návodu. díky.
Fix result of Farbar Recovery Scan Tool (x86) Version: 15-08-2016 01
Ran by Karlos (17-08-2016 16:47:47) Run:1
Running from C:\Users\Karlos\Desktop
Loaded Profiles: Karlos (Available Profiles: Karlos & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
Task: {09371643-E48C-4A44-9AF6-09AADBF2CFBD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0F81388C-07A9-4579-9A81-61D7CF449642} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {16BBD878-5193-4F0C-8FAB-25E51B668B61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2E43894B-C7F8-43BF-AD1E-E5C656BDD585} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {347426D2-2764-497C-B701-73E1ED55DFEA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {56B39150-549A-4699-83E8-DFB2C32E296B} - \ReimageUpdater -> No File <==== ATTENTION
Task: {5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {81D950FB-A821-4A16-A6FD-6399510A781B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639} - \Reimage Reminder -> No File <==== ATTENTION
Task: {AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B2D89EFE-5F89-4DCC-8469-E84A84963292} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9736CF9-0BA2-4E70-9F1C-AC049CDA448C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0711ABA-A2C6-4E19-B66A-8A94F613B260} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EC530881-C713-4EED-821E-4609ED1FCE6F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {0410681f-bc52-11e5-bb28-002421dfe993} - "F:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {62bef837-d1a4-11e5-bb31-002421dfe993} - "H:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {7223087d-d898-11e5-bb34-002421dfe993} - "D:\autorun.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {c47eebad-ccdc-11e5-bb2f-002421dfe993} - "G:\lanceur.bat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Users\Karlos\AppData\Local\Temp
End
*****************
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09371643-E48C-4A44-9AF6-09AADBF2CFBD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09371643-E48C-4A44-9AF6-09AADBF2CFBD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F81388C-07A9-4579-9A81-61D7CF449642}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F81388C-07A9-4579-9A81-61D7CF449642}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16BBD878-5193-4F0C-8FAB-25E51B668B61}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16BBD878-5193-4F0C-8FAB-25E51B668B61}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E43894B-C7F8-43BF-AD1E-E5C656BDD585}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E43894B-C7F8-43BF-AD1E-E5C656BDD585}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{347426D2-2764-497C-B701-73E1ED55DFEA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347426D2-2764-497C-B701-73E1ED55DFEA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{56B39150-549A-4699-83E8-DFB2C32E296B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56B39150-549A-4699-83E8-DFB2C32E296B}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81D950FB-A821-4A16-A6FD-6399510A781B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81D950FB-A821-4A16-A6FD-6399510A781B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Reimage Reminder => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B2D89EFE-5F89-4DCC-8469-E84A84963292}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2D89EFE-5F89-4DCC-8469-E84A84963292}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9736CF9-0BA2-4E70-9F1C-AC049CDA448C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9736CF9-0BA2-4E70-9F1C-AC049CDA448C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0711ABA-A2C6-4E19-B66A-8A94F613B260}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0711ABA-A2C6-4E19-B66A-8A94F613B260}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC530881-C713-4EED-821E-4609ED1FCE6F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC530881-C713-4EED-821E-4609ED1FCE6F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully.
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Shortcut argument removed successfully..
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0410681f-bc52-11e5-bb28-002421dfe993}" => key removed successfully.
HKCR\CLSID\{0410681f-bc52-11e5-bb28-002421dfe993} => key not found.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62bef837-d1a4-11e5-bb31-002421dfe993}" => key removed successfully.
HKCR\CLSID\{62bef837-d1a4-11e5-bb31-002421dfe993} => key not found.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7223087d-d898-11e5-bb34-002421dfe993}" => key removed successfully.
HKCR\CLSID\{7223087d-d898-11e5-bb34-002421dfe993} => key not found.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c47eebad-ccdc-11e5-bb2f-002421dfe993}" => key removed successfully.
HKCR\CLSID\{c47eebad-ccdc-11e5-bb2f-002421dfe993} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
idsvc => service removed successfully.
wpcsvc => service removed successfully.
C:\Users\Karlos\AppData\Local\Temp => moved successfully
==== End of Fixlog 16:47:53 ====
Fix result of Farbar Recovery Scan Tool (x86) Version: 15-08-2016 01
Ran by Karlos (17-08-2016 16:47:47) Run:1
Running from C:\Users\Karlos\Desktop
Loaded Profiles: Karlos (Available Profiles: Karlos & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
Task: {09371643-E48C-4A44-9AF6-09AADBF2CFBD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0F81388C-07A9-4579-9A81-61D7CF449642} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {16BBD878-5193-4F0C-8FAB-25E51B668B61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2E43894B-C7F8-43BF-AD1E-E5C656BDD585} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {347426D2-2764-497C-B701-73E1ED55DFEA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {56B39150-549A-4699-83E8-DFB2C32E296B} - \ReimageUpdater -> No File <==== ATTENTION
Task: {5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {81D950FB-A821-4A16-A6FD-6399510A781B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639} - \Reimage Reminder -> No File <==== ATTENTION
Task: {AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B2D89EFE-5F89-4DCC-8469-E84A84963292} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9736CF9-0BA2-4E70-9F1C-AC049CDA448C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0711ABA-A2C6-4E19-B66A-8A94F613B260} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EC530881-C713-4EED-821E-4609ED1FCE6F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {0410681f-bc52-11e5-bb28-002421dfe993} - "F:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {62bef837-d1a4-11e5-bb31-002421dfe993} - "H:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {7223087d-d898-11e5-bb34-002421dfe993} - "D:\autorun.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {c47eebad-ccdc-11e5-bb2f-002421dfe993} - "G:\lanceur.bat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Users\Karlos\AppData\Local\Temp
End
*****************
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09371643-E48C-4A44-9AF6-09AADBF2CFBD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09371643-E48C-4A44-9AF6-09AADBF2CFBD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F81388C-07A9-4579-9A81-61D7CF449642}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F81388C-07A9-4579-9A81-61D7CF449642}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16BBD878-5193-4F0C-8FAB-25E51B668B61}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16BBD878-5193-4F0C-8FAB-25E51B668B61}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E43894B-C7F8-43BF-AD1E-E5C656BDD585}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E43894B-C7F8-43BF-AD1E-E5C656BDD585}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{347426D2-2764-497C-B701-73E1ED55DFEA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347426D2-2764-497C-B701-73E1ED55DFEA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{56B39150-549A-4699-83E8-DFB2C32E296B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56B39150-549A-4699-83E8-DFB2C32E296B}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81D950FB-A821-4A16-A6FD-6399510A781B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81D950FB-A821-4A16-A6FD-6399510A781B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Reimage Reminder => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B2D89EFE-5F89-4DCC-8469-E84A84963292}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2D89EFE-5F89-4DCC-8469-E84A84963292}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9736CF9-0BA2-4E70-9F1C-AC049CDA448C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9736CF9-0BA2-4E70-9F1C-AC049CDA448C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0711ABA-A2C6-4E19-B66A-8A94F613B260}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0711ABA-A2C6-4E19-B66A-8A94F613B260}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC530881-C713-4EED-821E-4609ED1FCE6F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC530881-C713-4EED-821E-4609ED1FCE6F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully.
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Shortcut argument removed successfully..
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0410681f-bc52-11e5-bb28-002421dfe993}" => key removed successfully.
HKCR\CLSID\{0410681f-bc52-11e5-bb28-002421dfe993} => key not found.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62bef837-d1a4-11e5-bb31-002421dfe993}" => key removed successfully.
HKCR\CLSID\{62bef837-d1a4-11e5-bb31-002421dfe993} => key not found.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7223087d-d898-11e5-bb34-002421dfe993}" => key removed successfully.
HKCR\CLSID\{7223087d-d898-11e5-bb34-002421dfe993} => key not found.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c47eebad-ccdc-11e5-bb2f-002421dfe993}" => key removed successfully.
HKCR\CLSID\{c47eebad-ccdc-11e5-bb2f-002421dfe993} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
idsvc => service removed successfully.
wpcsvc => service removed successfully.
C:\Users\Karlos\AppData\Local\Temp => moved successfully
==== End of Fixlog 16:47:53 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Bohužel nic se nestalo, pořád mě to přesměrovává dál. Je to peklo 
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Udělejte tyto skeny:
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Karlos on st 17.08.2016 at 18:17:00,15.
Microsoft Windows 10 Pro 10.0.10586 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Karlos\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
17.8.2016 18:18:14 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\Program Files\DivX deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Seznam.cz deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Karlos\AppData\Local\ActiveSync deleted successfully
C:\Users\Karlos\AppData\Local\PDFCreator deleted successfully
C:\Users\Karlos\AppData\Local\PeerDistRepub deleted successfully
C:\Users\Karlos\AppData\Local\Vcdomgherrepy deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Crypkey License deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Karlos\AppData\Roaming\Profiles\Mezakhdash.default\prefs.js:
Added to C:\Users\Karlos\AppData\Roaming\Profiles\Mezakhdash.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default\prefs.js:
Added to C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\Program Files\DivX not found
C:\Program Files\Seznam.cz not found
C:\PROGRA~3\DivX deleted
C:\Users\Karlos\.android deleted
C:\Program Files\LG Software Innovations deleted
C:\DOSBox.exe deleted
C:\Uninstal.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\ProgramData\droidcam-settings" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Karlos\AppData\Roaming\Profiles\Mezakhdash.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
E0BCE90537E4A41AF36D5BDD5963A09D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
B1C27279B4C0E7076C952A99193DD94C - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
4E300C1C2D477A98275FF6CA45FA16E3 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
1B743D5B6FD001660FAB17DD7C347A38 - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In
EA8FCF30D2961369435C84CE3B3063F1 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U23
44CD19D98995CB3056F406113B175820 - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.230.5
F627791AB91E01A9829A8D9B6E024D52 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll - Shockwave Flash
4F3F6B17B4A5BDB68B3CB0367A2C214E - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight
==== Chromium Look ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... 02&pc=UE04
==== Reset Google Chrome ======================
Nothing found to reset
==== shortcuts on Users Desktops ======================
C:\Users\Karlos\Desktop\1CLICK DVD COPY 5.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\1ClickDvdCopy.exe
C:\Users\Karlos\Desktop\DroidCamApp.lnk - C:\Program Files\DroidCam\DroidCamApp.exe
C:\Users\Karlos\Desktop\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\Desktop\iexplore – zástupce.lnk -
C:\Users\Karlos\Desktop\Redneck Rampage.lnk - C:\Old\Play.bat
C:\Users\Karlos\Desktop\SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe
C:\Users\Karlos\Desktop\WinRAR – zástupce.lnk -
C:\Users\Karlos\Desktop\záloha SEDRE Peugeot.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Peugeot Planet Diag.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD (Console Mode).lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Stop PPD.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\PPDBrowser.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\ppd_restart.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\DCS\config\shortcut\Peugeot Planet System\Peugeot Planet 2000.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\DCS\config\shortcut\Peugeot Planet System\Peugeot Planet Measure.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\DCS\config\shortcut\Peugeot Planet System\Peugeot Planet Office.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\PPE\config\shortcut\Peugeot Planet System\Peugeot Planet Office.lnk -
C:\Users\Karlos\Desktop\Nová složka (5)\Autodata 3.40\ADCDA2\Autodata 3.40.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\APM TEC.lnk - C:\Program Files\Workshop\workshop.exe
C:\Users\Public\Desktop\Autodata CDA-3.lnk - C:\autodata\Autodata_CDA3_43\Autorun.exe
C:\Users\Public\Desktop\AVG.lnk - C:\Program Files\AVG\Framework\Common\avguix.exe /zen.open_ui
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLauncher.exe
C:\Users\Public\Desktop\MOBILedit Enterprise.lnk -
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe
C:\Users\Public\Desktop\Redneck Rampage.lnk - C:\Program Files\Redneck Rampage\DOSBox.exe -conf play.conf
C:\Users\Public\Desktop\Sniper Elite Nazi Zombie Army 2.lnk - C:\Program Files\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
C:\Users\Public\Desktop\True Burner.lnk - C:\Program Files\Glorylogic\True Burner\TrueBurner.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Karlos\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\DroidCam Client.lnk - C:\Program Files\DroidCam\DroidCamApp.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\Uninstall.lnk - C:\Program Files\DroidCam\Uninstall.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\Uninstall ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icqsetup.exe -uninstall
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Click DVD Copy 5\1Click DVD Copy on the Web.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\lgsoftwareinnovations.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Click DVD Copy 5\1Click DVD Copy.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\1ClickDvdCopy.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Click DVD Copy 5\Uninstall 1Click DVD Copy.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG Protection.lnk - C:\Program Files\AVG\Av\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen\AVG.lnk - C:\Program Files\AVG\Framework\Common\avguix.exe /zen.open_ui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic\True Burner\Help.lnk - C:\Program Files\Glorylogic\True Burner\TrueBurner.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic\True Burner\True Burner.lnk - C:\Program Files\Glorylogic\True Burner\TrueBurner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic\True Burner\Uninstall True Burner.lnk - C:\Program Files\Glorylogic\True Burner\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit Enterprise.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage\Redneck Rampage - Configuration.lnk - C:\Program Files\Redneck Rampage\Setup.bat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage\Redneck Rampage.lnk - C:\Program Files\Redneck Rampage\DOSBox.exe -conf play.conf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage\Uninstall Redneck Rampage.lnk - C:\Program Files\Redneck Rampage\Uninstal.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite Nazi Zombie Army 2\Sniper Elite Nazi Zombie Army 2.lnk - C:\Program Files\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite Nazi Zombie Army 2\View the manual.lnk - C:\Program Files\Sniper Elite Nazi Zombie Army 2\Sniper Elite NZA2 Manual E.pdf
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://safesurfs.net/?ssid=1470926211&a ... 405f37a441"
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://safesurfs.net/?ssid=1470926211&a ... 405f37a441"
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore – zástupce.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
==== shortcuts After Repair ======================
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files\Internet Explorer\iexplore.exe
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Karlos\AppData\Local\Mozilla\Firefox\Profiles\ihdkgkb6.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=131 folders=29 214182384 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Karlos\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied
==== EOF on st 17.08.2016 at 18:34:12,20 ======================
Tool run by Karlos on st 17.08.2016 at 18:17:00,15.
Microsoft Windows 10 Pro 10.0.10586 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Karlos\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
17.8.2016 18:18:14 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\Program Files\DivX deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Seznam.cz deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Karlos\AppData\Local\ActiveSync deleted successfully
C:\Users\Karlos\AppData\Local\PDFCreator deleted successfully
C:\Users\Karlos\AppData\Local\PeerDistRepub deleted successfully
C:\Users\Karlos\AppData\Local\Vcdomgherrepy deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Crypkey License deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Karlos\AppData\Roaming\Profiles\Mezakhdash.default\prefs.js:
Added to C:\Users\Karlos\AppData\Roaming\Profiles\Mezakhdash.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default\prefs.js:
Added to C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\Program Files\DivX not found
C:\Program Files\Seznam.cz not found
C:\PROGRA~3\DivX deleted
C:\Users\Karlos\.android deleted
C:\Program Files\LG Software Innovations deleted
C:\DOSBox.exe deleted
C:\Uninstal.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\ProgramData\droidcam-settings" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Karlos\AppData\Roaming\Profiles\Mezakhdash.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
E0BCE90537E4A41AF36D5BDD5963A09D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
B1C27279B4C0E7076C952A99193DD94C - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
4E300C1C2D477A98275FF6CA45FA16E3 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
1B743D5B6FD001660FAB17DD7C347A38 - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In
EA8FCF30D2961369435C84CE3B3063F1 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U23
44CD19D98995CB3056F406113B175820 - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.230.5
F627791AB91E01A9829A8D9B6E024D52 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll - Shockwave Flash
4F3F6B17B4A5BDB68B3CB0367A2C214E - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight
==== Chromium Look ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... 02&pc=UE04
==== Reset Google Chrome ======================
Nothing found to reset
==== shortcuts on Users Desktops ======================
C:\Users\Karlos\Desktop\1CLICK DVD COPY 5.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\1ClickDvdCopy.exe
C:\Users\Karlos\Desktop\DroidCamApp.lnk - C:\Program Files\DroidCam\DroidCamApp.exe
C:\Users\Karlos\Desktop\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\Desktop\iexplore – zástupce.lnk -
C:\Users\Karlos\Desktop\Redneck Rampage.lnk - C:\Old\Play.bat
C:\Users\Karlos\Desktop\SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe
C:\Users\Karlos\Desktop\WinRAR – zástupce.lnk -
C:\Users\Karlos\Desktop\záloha SEDRE Peugeot.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Peugeot Planet Diag.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD (Console Mode).lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Stop PPD.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\PPDBrowser.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\ppd_restart.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\DCS\config\shortcut\Peugeot Planet System\Peugeot Planet 2000.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\DCS\config\shortcut\Peugeot Planet System\Peugeot Planet Measure.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\DCS\config\shortcut\Peugeot Planet System\Peugeot Planet Office.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\PPE\config\shortcut\Peugeot Planet System\Peugeot Planet Office.lnk -
C:\Users\Karlos\Desktop\Nová složka (5)\Autodata 3.40\ADCDA2\Autodata 3.40.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\APM TEC.lnk - C:\Program Files\Workshop\workshop.exe
C:\Users\Public\Desktop\Autodata CDA-3.lnk - C:\autodata\Autodata_CDA3_43\Autorun.exe
C:\Users\Public\Desktop\AVG.lnk - C:\Program Files\AVG\Framework\Common\avguix.exe /zen.open_ui
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLauncher.exe
C:\Users\Public\Desktop\MOBILedit Enterprise.lnk -
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe
C:\Users\Public\Desktop\Redneck Rampage.lnk - C:\Program Files\Redneck Rampage\DOSBox.exe -conf play.conf
C:\Users\Public\Desktop\Sniper Elite Nazi Zombie Army 2.lnk - C:\Program Files\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
C:\Users\Public\Desktop\True Burner.lnk - C:\Program Files\Glorylogic\True Burner\TrueBurner.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Karlos\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\DroidCam Client.lnk - C:\Program Files\DroidCam\DroidCamApp.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\Uninstall.lnk - C:\Program Files\DroidCam\Uninstall.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\Uninstall ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icqsetup.exe -uninstall
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Click DVD Copy 5\1Click DVD Copy on the Web.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\lgsoftwareinnovations.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Click DVD Copy 5\1Click DVD Copy.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\1ClickDvdCopy.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Click DVD Copy 5\Uninstall 1Click DVD Copy.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG Protection.lnk - C:\Program Files\AVG\Av\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen\AVG.lnk - C:\Program Files\AVG\Framework\Common\avguix.exe /zen.open_ui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic\True Burner\Help.lnk - C:\Program Files\Glorylogic\True Burner\TrueBurner.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic\True Burner\True Burner.lnk - C:\Program Files\Glorylogic\True Burner\TrueBurner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic\True Burner\Uninstall True Burner.lnk - C:\Program Files\Glorylogic\True Burner\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit Enterprise.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage\Redneck Rampage - Configuration.lnk - C:\Program Files\Redneck Rampage\Setup.bat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage\Redneck Rampage.lnk - C:\Program Files\Redneck Rampage\DOSBox.exe -conf play.conf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage\Uninstall Redneck Rampage.lnk - C:\Program Files\Redneck Rampage\Uninstal.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite Nazi Zombie Army 2\Sniper Elite Nazi Zombie Army 2.lnk - C:\Program Files\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite Nazi Zombie Army 2\View the manual.lnk - C:\Program Files\Sniper Elite Nazi Zombie Army 2\Sniper Elite NZA2 Manual E.pdf
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://safesurfs.net/?ssid=1470926211&a ... 405f37a441"
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://safesurfs.net/?ssid=1470926211&a ... 405f37a441"
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore – zástupce.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
==== shortcuts After Repair ======================
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files\Internet Explorer\iexplore.exe
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Karlos\AppData\Local\Mozilla\Firefox\Profiles\ihdkgkb6.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=131 folders=29 214182384 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Karlos\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied
==== EOF on st 17.08.2016 at 18:34:12,20 ======================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zoek něco smazal. A Junkware?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Ten stale bezi.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Aha. Až skončí, dejte log a zprávu, zda to pomohlo.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Tak přidávám další část, zatím se nic nezměnilo, ještě jsem možná neuvedl, že používám win 10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Pro x86
Ran by Karlos (Administrator) on źt 18.08.2016 at 16:26:07,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 5
Successfully deleted: C:\WINDOWS\prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-69B6DA43.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\AVG_PROTECTION_FREE_698.EXE-6B31DE8E.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\AVG_PROTECTION_FREE_698.EXE-8046BC9D.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DELPHI_DS150E_KEYGEN_FREE_DOW-FA6F1B38.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERINSTALLER.EXE-1A37B3ED.pf (File)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 18.08.2016 at 16:28:03,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Pro x86
Ran by Karlos (Administrator) on źt 18.08.2016 at 16:26:07,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 5
Successfully deleted: C:\WINDOWS\prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-69B6DA43.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\AVG_PROTECTION_FREE_698.EXE-6B31DE8E.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\AVG_PROTECTION_FREE_698.EXE-8046BC9D.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DELPHI_DS150E_KEYGEN_FREE_DOW-FA6F1B38.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERINSTALLER.EXE-1A37B3ED.pf (File)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 18.08.2016 at 16:28:03,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
OK. V kterém prohlížeči se to děje?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Děje se to v mozile i exploreru.
Přispějete na provoz fóra?