Prosím o kontrolu logu.

Zpráva

David27 · #1 Příspěvek od **David27** » 29 lis 2016 14:54

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-11-2016
Ran by David (administrator) on DAVID-PC (29-11-2016 14:48:20)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [103936 2015-01-29] (Leadtek Research Inc.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1004064 2016-08-30] (Microsoft Corporation)
HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2916352 2013-01-09] (Leadtek Research Inc.)
HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\Run: [] => [X]
HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2016-11-18] (Wargaming.net)
HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\MountPoints2: {52c9ff79-7a36-11e4-80b3-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\MountPoints2: {8cbb3e6d-7b19-11e4-9d6a-0016e61dba70} - J:\setup\rsrc\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-12-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6F4A0B47-3901-4C1D-B651-9C8908E5AF4F}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=14199 ... 5_8CFE791B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=14199 ... 5_8CFE791B
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=14199 ... 5_8CFE791B
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000 -> DefaultScope {CBE71FC5-11CB-4C0F-A5F5-FCF3194AF675} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_2
SearchScopes: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000 -> {CBE71FC5-11CB-4C0F-A5F5-FCF3194AF675} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_2
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1419515038&from=amt&uid=395049983_266035_8CFE791B

FireFox:
========
FF DefaultProfile: phfw7fmu.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default [2016-11-29]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\phfw7fmu.default -> mystartsearch
FF Homepage: Mozilla\Firefox\Profiles\phfw7fmu.default -> seznam.cz
FF Extension: (Google Translator for Firefox) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\Extensions\translator@zoli.bod.xpi [2016-04-28]
FF Extension: (Adblock Plus) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\extensions\faststartff@gmail.com => not found
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml [2014-12-30]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\omiga-plus.xml [2014-12-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-24] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-12-04] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [No File]
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4190961195-4124743048-3094127975-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4190961195-4124743048-3094127975-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [104200 2016-08-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-08-30] (Microsoft Corporation)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 RapiMgr; %windir%\WindowsMobile\rapimgr.dll [X]
S2 WcesComm; %windir%\WindowsMobile\wcescomm.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1040512 2010-10-13] (NXP Semiconductors Germany GmbH)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-03] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
U0 aswVmm; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-29 14:48 - 2016-11-29 14:49 - 00012290 _____ C:\Users\David\Desktop\FRST.txt
2016-11-29 14:47 - 2016-11-29 14:48 - 00000000 ____D C:\FRST
2016-11-29 14:45 - 2016-11-29 14:45 - 01760768 _____ (Farbar) C:\Users\David\Desktop\FRST.exe
2016-11-29 14:44 - 2016-11-29 14:44 - 00029696 _____ C:\Users\David\AppData\Local\MSGBOX.EXE
2016-11-28 11:10 - 2016-11-28 11:26 - 00000000 ____D C:\ESD
2016-11-28 11:09 - 2016-11-28 11:09 - 00000000 ___HD C:\$Windows.~WS
2016-11-27 16:49 - 2016-11-27 16:49 - 00000000 ____D C:\Users\David\AppData\Local\ESET
2016-11-27 16:33 - 2016-11-29 14:36 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-11-27 16:33 - 2016-11-27 16:33 - 00002719 _____ C:\Users\Public\Desktop\Skype.lnk
2016-11-27 16:33 - 2016-11-27 16:33 - 00000000 ___RD C:\Program Files\Skype
2016-11-27 16:33 - 2016-11-27 16:33 - 00000000 ____D C:\ProgramData\Skype
2016-11-27 16:33 - 2016-11-27 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-11-27 16:33 - 2016-11-27 16:33 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-11-27 10:54 - 2016-11-27 11:05 - 00000000 ____D C:\z déčka
2016-11-25 18:11 - 2016-11-25 18:11 - 00000000 ____D C:\Program Files\AGEIA Technologies
2016-11-25 18:04 - 2016-11-29 13:39 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-25 18:04 - 2016-11-25 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-25 18:04 - 2014-07-02 20:42 - 04389848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-11-25 18:04 - 2014-07-02 20:42 - 03063256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2016-11-25 18:04 - 2014-07-02 20:42 - 02556360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-11-25 18:04 - 2014-07-02 20:42 - 00670552 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-11-25 18:04 - 2014-07-02 20:42 - 00377288 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-11-25 18:04 - 2014-07-02 20:42 - 00062936 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-11-25 18:04 - 2014-07-02 18:39 - 00609240 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2016-11-25 18:04 - 2014-07-02 06:14 - 03826628 _____ C:\Windows\system32\nvcoproc.bin
2016-11-25 18:03 - 2016-11-25 18:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-25 18:03 - 2014-07-02 21:54 - 00061728 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 24198088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 15296456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 11283344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 11222048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 10681176 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-11-25 18:01 - 2014-07-02 21:54 - 03988952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 02814656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 01054552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234052.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 00907552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234052.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 00907096 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 00869152 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2016-11-25 18:01 - 2014-07-02 21:54 - 00021215 _____ C:\Windows\system32\nvinfo.pb
2016-11-25 17:57 - 2016-11-25 18:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-25 16:33 - 2016-11-25 16:33 - 00000000 ____D C:\Users\David\AppData\Roaming\BlackBean
2016-11-25 16:32 - 2016-11-25 16:32 - 00000737 _____ C:\Users\David\Desktop\WRC2.lnk
2016-11-25 16:32 - 2016-11-25 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Bean Games
2016-11-25 16:22 - 2016-11-25 16:22 - 00000000 ____D C:\Black Bean Games
2016-11-24 18:33 - 2016-11-29 14:00 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-24 18:33 - 2016-11-24 18:35 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-11-24 18:33 - 2016-11-24 18:35 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-11-16 18:16 - 2016-11-29 13:57 - 00000000 ____D C:\Users\David\AppData\LocalLow\Mozilla
2016-11-16 15:39 - 2016-11-19 07:58 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-11 16:00 - 2016-11-11 16:00 - 00159992 _____ C:\Windows\Minidump\111116-17921-01.dmp
2016-11-09 08:44 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 08:44 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-09 08:44 - 2016-11-02 16:16 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-09 08:44 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-09 08:44 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 08:44 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 08:44 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 08:44 - 2016-10-27 15:16 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 08:44 - 2016-10-25 15:54 - 02399744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 08:44 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-09 08:44 - 2016-10-22 18:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-09 08:44 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-09 08:44 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-09 08:44 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 08:44 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-09 08:44 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-09 08:44 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 08:44 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-09 08:44 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-09 08:44 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-09 08:44 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 08:44 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-09 08:44 - 2016-10-22 18:21 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-09 08:44 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-09 08:44 - 2016-10-22 18:13 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-09 08:44 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-09 08:44 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-09 08:44 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-09 08:44 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-09 08:44 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 08:44 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 08:44 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-09 08:44 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 08:44 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 08:44 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 08:44 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 08:44 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-09 08:44 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 08:44 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 08:44 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 08:44 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 08:44 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 08:44 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-09 08:44 - 2016-10-11 16:24 - 00250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-09 08:44 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-09 08:44 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 08:44 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-09 08:44 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-09 08:44 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 08:44 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-09 08:44 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-09 08:44 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-09 08:44 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-09 08:44 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-09 08:44 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-09 08:44 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-09 08:44 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 08:44 - 2016-10-10 16:21 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-09 08:44 - 2016-10-10 16:21 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-09 08:44 - 2016-10-10 16:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-09 08:44 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-09 08:44 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-09 08:44 - 2016-10-10 15:50 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-09 08:44 - 2016-10-10 15:50 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-09 08:44 - 2016-10-10 15:50 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-09 08:44 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-09 08:44 - 2016-10-10 15:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-09 08:44 - 2016-10-10 15:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-09 08:44 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-11-09 08:44 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 08:44 - 2016-10-07 16:15 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-09 08:44 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-09 08:44 - 2016-10-07 15:54 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-09 08:44 - 2016-10-07 15:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-09 08:44 - 2016-10-07 15:54 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-09 08:44 - 2016-10-07 15:54 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-09 08:44 - 2016-10-07 15:51 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-09 08:44 - 2016-10-07 15:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-09 08:44 - 2016-10-05 15:50 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 08:44 - 2016-09-15 15:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-09 08:44 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-09 08:44 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 08:44 - 2016-08-21 14:05 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-29 13:51 - 2009-07-14 05:34 - 00022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-29 13:51 - 2009-07-14 05:34 - 00022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-29 13:39 - 2014-12-25 14:47 - 00000928 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2016-11-29 13:39 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-28 20:52 - 2014-12-25 14:47 - 00000932 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2016-11-28 11:26 - 2014-12-02 16:16 - 00000000 ____D C:\Windows\Panther
2016-11-27 14:05 - 2014-12-02 16:31 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-27 14:05 - 2009-07-14 09:44 - 00668542 _____ C:\Windows\system32\perfh005.dat
2016-11-27 14:05 - 2009-07-14 09:44 - 00141202 _____ C:\Windows\system32\perfc005.dat
2016-11-27 14:05 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-11-26 17:31 - 2015-01-02 10:42 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-11-25 18:04 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Help
2016-11-24 18:35 - 2014-12-02 21:58 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-24 18:35 - 2014-12-02 17:31 - 00000000 ____D C:\Users\David\AppData\Local\Adobe
2016-11-22 21:14 - 2009-07-14 05:33 - 00447680 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-22 21:13 - 2014-12-02 16:54 - 00128568 _____ C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-19 07:58 - 2014-12-02 22:01 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-11-12 10:00 - 2015-11-25 19:14 - 00000000 ____D C:\Users\David\AppData\Roaming\XnView
2016-11-11 16:00 - 2016-04-12 20:56 - 223833796 _____ C:\Windows\MEMORY.DMP
2016-11-11 16:00 - 2015-01-16 17:41 - 00000000 ____D C:\Windows\Minidump
2016-11-11 12:28 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-11-10 16:32 - 2014-12-02 17:17 - 00000000 ____D C:\Windows\system32\MRT
2016-11-10 16:22 - 2014-12-02 17:17 - 138444440 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-08 08:34 - 2009-07-14 05:53 - 00032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2014-12-30 15:04 - 2014-12-30 15:04 - 0000020 ___SH () C:\Users\David\AppData\Roaming\App4870.ConfCollection.bin
2016-02-14 20:18 - 2016-08-06 13:15 - 0008704 ___SH () C:\Users\David\AppData\Roaming\Thumbs.db
2016-02-04 14:47 - 2016-02-04 14:47 - 0033193 _____ () C:\Users\David\AppData\Roaming\UserTile.png
2014-12-30 15:04 - 2014-12-30 15:04 - 0000000 _____ () C:\Users\David\AppData\Local\jv16PT_temp.tmp
2016-11-29 14:44 - 2016-11-29 14:44 - 0029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE

Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\AcDeltree.exe
C:\Users\David\AppData\Local\Temp\Crysis_Patch_1_2_launcher.exe
C:\Users\David\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\David\AppData\Local\Temp\InstHelper.exe
C:\Users\David\AppData\Local\Temp\MSETUP4.EXE
C:\Users\David\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\David\AppData\Local\Temp\nsuC898.exe
C:\Users\David\AppData\Local\Temp\nsuFE6A.exe
C:\Users\David\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\David\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\David\AppData\Local\Temp\nvStInst.exe
C:\Users\David\AppData\Local\Temp\SkypeSetup.exe
C:\Users\David\AppData\Local\Temp\Uninstall.exe
C:\Users\David\AppData\Local\Temp\vlc-2.2.4-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-11-20 12:30

==================== End of FRST.txt ============================

David27 · #2 Příspěvek od **David27** » 29 lis 2016 14:55

log Addition

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-11-2016
Ran by David (29-11-2016 14:49:44)
Running from C:\Users\David\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2014-12-02 15:28:27)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4190961195-4124743048-3094127975-500 - Administrator - Disabled)
David (S-1-5-21-4190961195-4124743048-3094127975-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-4190961195-4124743048-3094127975-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4190961195-4124743048-3094127975-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 23 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Any Video Converter 5.7.6 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Codec-TS SDK (HKLM\...\{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}) (Version: - ArcSoft)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
De-interlace SDK (HKLM\...\{9A0E0340-C3D7-42D1-96D4-64179FD456AE}) (Version: - ArcSoft)
EAGLE 5.11.0 (HKLM\...\EAGLE 5.11.0) (Version: 5.11.0 - CadSoft Computer GmbH)
High-Definition Video Playback (Version: 11.1.10400.2.65 - Nero AG) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 50.0 (x86 cs) (HKLM\...\Mozilla Firefox 50.0 (x86 cs)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 11 (HKLM\...\{9FC86590-AC98-4845-80D4-3EB37B51947B}) (Version: 11.0.15800 - Nero AG)
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.10000.1.0 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (Version: 3.8.54.0 - Nokia) Hidden
NVIDIA Ovladač 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Ovládací panel NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
TT-SB SDK (HKLM\...\{AF9848E2-5F19-4E49-9E6E-044FBDC28404}) (Version: - ArcSoft)
Unity Web Player (HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
welcome (Version: 11.0.21500.0.4 - Nero AG) Hidden
WinFast Multimedia Driver Installation (HKLM\...\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}) (Version: - Multimedia)
WinFast PVR2 (HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\{C92C584E-C781-475E-A8E2-C67D993A6B95}) (Version: 2.0.3.60 - Leadtek)
Wolfenstein(TM) 1.1 Patch (Version: - ) Hidden
World of Tanks (HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
WRC2 (HKLM\...\WRC2_is1) (Version: 1.0 - Black Bean Games)
XnView 1.97.8 (HKLM\...\XnView_is1) (Version: 1.97.8 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxTest.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12EED963-0773-4756-9828-729D813A4A97} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-24] (Adobe Systems Incorporated)
Task: {1CA65965-7C64-429A-8BAD-DC64CF7A093F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {3360E1D2-50F9-49A6-B931-D9D2A9604435} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {349E8938-E1A6-46BA-97FB-933AACACEFA1} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {B9FC43BA-BE19-4A56-A585-025E54E3DD77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {D25504BB-5EC2-4AFC-8110-2703D687CC8B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4190961195-4124743048-3094127975-1000

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-11-25 18:04 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-05-21 19:17 - 2009-04-01 13:07 - 00303188 _____ () C:\Program Files\WinFast\WFDTV\RTL283XACCESS.dll
2015-05-21 19:17 - 2008-12-02 10:04 - 00007680 _____ () C:\Program Files\WinFast\WFDTV\WIZLANGCZE.dll
2015-05-21 19:18 - 2010-11-15 10:05 - 00073728 _____ () C:\Program Files\WinFast\WFDTV\RCConfig\RCKeysInfoIO.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 08507232 _____ () C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 02354016 _____ () C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 01014624 _____ () C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00364384 _____ () C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 02480992 _____ () C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 01346912 _____ () C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00206176 _____ () C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 02653024 _____ () C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00033120 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qgif4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00035680 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qico4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00207200 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 11166560 _____ () C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00276832 _____ () C:\Program Files\Nokia\Nokia Suite\phonon4.dll
2014-11-11 09:21 - 2014-11-11 09:21 - 00392552 _____ () C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
2014-11-11 09:21 - 2014-11-11 09:21 - 00059752 _____ () C:\Program Files\Nokia\Nokia Suite\securestorage.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00446304 _____ () C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00520544 _____ () C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00720736 _____ () C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
2014-11-19 11:46 - 2014-11-19 11:46 - 00606560 _____ () C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00093024 _____ () C:\Program Files\Nokia\Nokia Suite\qjson.dll
2014-11-19 11:47 - 2014-11-19 11:47 - 00438624 _____ () C:\Program Files\Nokia\Nokia Suite\NService.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E660DE8B-56BC-4BAF-A78E-623062BF747B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{49E1A9C0-9B28-4493-ABAC-363FC343C385}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{D64B7316-A04B-49DF-9F44-AB0F999DE393}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{6FFB6517-3DAF-42BF-B933-A485B118D42F}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{DE31B35F-263F-4D0E-ADCE-D49507086249}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{A6D3E4F6-DAF9-496F-A555-A785AC3BB612}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D275B928-557A-47FE-B276-FF8C2BA9CDF9}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{7F83D8DA-4FEB-409D-9DDC-86763DD0A47C}C:\program files\electronic arts\shift 2 unleashed\shift2u.exe] => (Block) C:\program files\electronic arts\shift 2 unleashed\shift2u.exe
FirewallRules: [UDP Query User{F972C472-3454-4A2D-970F-F4C1CFF83D0F}C:\program files\electronic arts\shift 2 unleashed\shift2u.exe] => (Block) C:\program files\electronic arts\shift 2 unleashed\shift2u.exe
FirewallRules: [{427F7767-DAEB-45A1-BB58-B476D53D8F47}] => (Allow) C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [{C872B000-6C25-460E-B372-2B24FA371D27}] => (Allow) C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [TCP Query User{D56EA51A-026F-4723-89F7-B0492573C77D}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Block) C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [UDP Query User{2AC5DFCA-E1FF-48FB-8208-8DC606A0DCEF}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Block) C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [TCP Query User{0CE4F176-A5F0-41D7-A3E0-0DEBFD79CB4B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{54922ACE-2034-4425-9BBD-FEEF0893A3D7}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{9819F146-9A82-4F29-B3D8-D0664FA96F0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8672264D-B03C-4BF1-BCAC-2C1B1966A7DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6AAE71CC-C163-410D-8D79-778E7E1BF118}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{A9EFE7D9-B58D-4703-A4F4-742489754BEE}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{F374EED8-DFB3-4E06-A065-598F8F755BE1}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{2B0E453E-18F5-4EDA-857A-2A74CBA2385C}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [TCP Query User{95C27238-02B3-42A3-9CEE-34A54BB9B557}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2089635C-94FF-4698-A333-2E0B3930E86E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{8763DA97-CA0D-4500-9E62-D6669237459D}C:\program files\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files\activision\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{3A7AAC5F-0D9B-45C8-BC61-D3B8B3898021}C:\program files\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files\activision\call of duty - black ops\blackops.exe
FirewallRules: [{491A21C2-B68C-4FF1-B91B-FEBBC0D907AE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B71CA4FC-5905-4841-BA6C-302B042782D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B5CD91FE-584E-473F-9184-281F6D9839CE}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0A7653DF-6F4C-4076-90B8-A2BB256B7450}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{0DA00CAE-7D72-4879-A466-1F53BC837D65}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{945D0DB2-9123-466C-9EA2-1EFCC2A32D2A}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [{989D34E1-B81A-4AA6-896E-6E46BDE0C197}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{960DE47F-0F3A-40DF-8AC0-68B763BDDB2B}] => (Allow) C:\Program Files\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{95B66B2C-F8F1-402F-8FD8-B2B04DACCC08}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe

==================== Restore Points =========================

25-11-2016 17:45:10 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
25-11-2016 18:11:21 Nainstalováno: NVIDIA PhysX
27-11-2016 16:25:02 Removed Skype™ 7.29
28-11-2016 11:01:39 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/26/2016 05:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program worldoftanks.exe verze 0.9.16.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: bc

Čas spuštění: 01d24802244f252d

Čas ukončení: 66

Cesta k aplikaci: C:\Games\World_of_Tanks\worldoftanks.exe

ID hlášení: e3e5e427-b3f5-11e6-85f2-0016e61dba70

Error: (11/26/2016 05:28:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: worldoftanks.exe, verze: 0.9.16.0, časové razítko: 0x580a2717
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00011448
ID chybujícího procesu: 0x14ec
Čas spuštění chybující aplikace: 0x01d247fdfcff49ff
Cesta k chybující aplikaci: C:\Games\World_of_Tanks\worldoftanks.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 65bae117-b3f5-11e6-85f2-0016e61dba70

Error: (11/26/2016 05:06:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_SysMain, verze: 6.1.7600.16385, časové razítko: 0x4a5bc100
Název chybujícího modulu: sysmain.dll, verze: 6.1.7601.18933, časové razítko: 0x55a69e09
Kód výjimky: 0xc0000005
Posun chyby: 0x00004a4f
ID chybujícího procesu: 0x554
Čas spuštění chybující aplikace: 0x01d247b250a66a80
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\sysmain.dll
ID zprávy: 4b24059a-b3f2-11e6-85f2-0016e61dba70

Error: (11/26/2016 11:05:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: worldoftanks.exe, verze: 0.9.16.0, časové razítko: 0x580a2717
Název chybujícího modulu: worldoftanks.exe, verze: 0.9.16.0, časové razítko: 0x580a2717
Kód výjimky: 0xc0000005
Posun chyby: 0x00612e60
ID chybujícího procesu: 0xce8
Čas spuštění chybující aplikace: 0x01d247c78ff9701e
Cesta k chybující aplikaci: C:\Games\World_of_Tanks\worldoftanks.exe
Cesta k chybujícímu modulu: C:\Games\World_of_Tanks\worldoftanks.exe
ID zprávy: d34bf471-b3bf-11e6-85f2-0016e61dba70

Error: (11/25/2016 04:07:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WRC2.exe, verze: 1.0.0.1, časové razítko: 0x4e69dce9
Název chybujícího modulu: Engine.dll, verze: 1.124.905.0, časové razítko: 0x4e64ddbe
Kód výjimky: 0xc0000005
Posun chyby: 0x000da801
ID chybujícího procesu: 0x16b0
Čas spuštění chybující aplikace: 0x01d2472d120af711
Cesta k chybující aplikaci: C:\Black Bean Games\WRC2\WRC2.exe
Cesta k chybujícímu modulu: C:\Black Bean Games\WRC2\Engine.dll
ID zprávy: e48f6b72-b320-11e6-a699-0016e61dba70

Error: (11/25/2016 03:59:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WRC2.exe, verze: 1.0.0.1, časové razítko: 0x4e69dce9
Název chybujícího modulu: Engine.dll, verze: 1.124.905.0, časové razítko: 0x4e64ddbe
Kód výjimky: 0xc0000005
Posun chyby: 0x000da801
ID chybujícího procesu: 0xbac
Čas spuštění chybující aplikace: 0x01d2472b653282d1
Cesta k chybující aplikaci: C:\Black Bean Games\WRC2\WRC2.exe
Cesta k chybujícímu modulu: C:\Black Bean Games\WRC2\Engine.dll
ID zprávy: cbaf8168-b31f-11e6-a699-0016e61dba70

Error: (11/25/2016 03:43:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WRC2.exe, verze: 1.0.0.1, časové razítko: 0x4e69dce9
Název chybujícího modulu: Engine.dll, verze: 1.124.905.0, časové razítko: 0x4e64ddbe
Kód výjimky: 0xc0000005
Posun chyby: 0x000da801
ID chybujícího procesu: 0x1138
Čas spuštění chybující aplikace: 0x01d24725ccee99fd
Cesta k chybující aplikaci: C:\Black Bean Games\WRC2\WRC2.exe
Cesta k chybujícímu modulu: C:\Black Bean Games\WRC2\Engine.dll
ID zprávy: 827cbe89-b31d-11e6-a699-0016e61dba70

Error: (11/25/2016 11:55:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: worldoftanks.exe, verze: 0.9.16.0, časové razítko: 0x580a2717
Název chybujícího modulu: worldoftanks.exe, verze: 0.9.16.0, časové razítko: 0x580a2717
Kód výjimky: 0xc0000005
Posun chyby: 0x00d47a84
ID chybujícího procesu: 0xd78
Čas spuštění chybující aplikace: 0x01d24708d0759826
Cesta k chybující aplikaci: C:\Games\World_of_Tanks\worldoftanks.exe
Cesta k chybujícímu modulu: C:\Games\World_of_Tanks\worldoftanks.exe
ID zprávy: ae394da4-b2fd-11e6-a699-0016e61dba70

Error: (11/22/2016 09:09:59 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: David-PC)
Description: Aplikaci nebo službu Průzkumník Windows nelze ukončit.

Error: (11/22/2016 09:09:28 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: David-PC)
Description: Aplikaci nebo službu Skype nelze ukončit.

System errors:
=============
Error: (11/29/2016 02:08:19 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.

Error: (11/29/2016 01:48:11 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.

Error: (11/29/2016 01:45:00 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Nelze spustit server DCOM: {B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}. Došlo k chybě:
%%2 = Systém nemůže nalézt uvedený soubor.
při provádění příkazu:
C:\Windows\system32\Macromed\Flash\FlashUtil32_23_0_0_207_ActiveX.exe -Embedding

Error: (11/29/2016 01:41:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba WcesComm závisí na službě RapiMgr, která neuspěla při spuštění v důsledku následující chyby:
Uvedený modul nebyl nalezen.

Error: (11/29/2016 01:41:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba RapiMgr byla ukončena s následující chybou:
Uvedený modul nebyl nalezen.

Error: (11/29/2016 01:41:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba RapiMgr byla ukončena s následující chybou:
Uvedený modul nebyl nalezen.

Error: (11/28/2016 08:56:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/28/2016 08:01:47 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Nelze spustit server DCOM: {B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}. Došlo k chybě:
%%2 = Systém nemůže nalézt uvedený soubor.
při provádění příkazu:
C:\Windows\system32\Macromed\Flash\FlashUtil32_23_0_0_207_ActiveX.exe -Embedding

Error: (11/28/2016 07:55:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba WcesComm závisí na službě RapiMgr, která neuspěla při spuštění v důsledku následující chyby:
Uvedený modul nebyl nalezen.

Error: (11/28/2016 07:55:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba RapiMgr byla ukončena s následující chybou:
Uvedený modul nebyl nalezen.

CodeIntegrity:
===================================
Date: 2015-08-23 19:54:18.929
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DmNotificationBroker.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 19:54:18.855
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DmNotificationBroker.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 19:54:18.831
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DsmUserTask.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 19:54:18.754
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DmNotificationBroker.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 19:54:18.731
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DsmUserTask.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 19:54:18.612
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DsmUserTask.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 19:54:18.605
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DmNotificationBroker.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 19:54:18.537
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DsmUserTask.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 19:54:18.521
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DmNotificationBroker.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 19:54:18.461
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DsmUserTask.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 39%
Total physical RAM: 3071.54 MB
Available physical RAM: 1862.32 MB
Total Virtual: 6141.39 MB
Available Virtual: 4719.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.9 GB) (Free:35.71 GB) NTFS
Drive d: () (Fixed) (Total:178.09 GB) (Free:162.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 44764475)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=178.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#3 Příspěvek od **Roli** » 30 lis 2016 17:33

Zdravím, smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém

Stáhni a spusť AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.

David27 · #4 Příspěvek od **David27** » 30 lis 2016 18:10

adwcleaner našel 141 hrozeb
Antivir používám ten od Microsoftu

# AdwCleaner v6.030 - Log soubor vytvořen 30/11/2016 na 18:05:33
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-29.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X86)
# Uživatelské jméno : David - DAVID-PC
# Beží od : C:\Users\David\Downloads\adwcleaner_6.030.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.

***** [ Adresáře ] *****

Nebyly nalezeny žádné škodlivé složky.

***** [ Soubory ] *****

Soubor nalezen: C:\Program Files\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
Soubor nalezen: C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
Soubor nalezen: C:\Program Files\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
Soubor nalezen: C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
Soubor nalezen: C:\Program Files\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
Soubor nalezen: C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml

***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL soubory.

***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.

***** [ Zástupce ] *****

Žádné infikovaný zástupce nenalezen.

***** [ Plánovač úloh ] *****

Úkol nalezen: globalUpdateUpdateTaskMachineCore
Úkol nalezen: globalUpdateUpdateTaskMachineUA
Úkol nalezen: amiupdaterExd
Úkol nalezen: amiupdaterExi

***** [ Registry ] *****

Klíč nalezen: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\IePluginServices
Klíč nalezen: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč nalezen: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč nalezen: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Klíč nalezen: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Klíč nalezen: HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Klíč nalezen: HKCU\Software\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Hodnota nalezena: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
Klíč nalezen: HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč nalezen: HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Klíč nalezen: HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Klíč nalezen: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Conduit
Klíč nalezen: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Mozilla\Extends
Klíč nalezen: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\WEBAPP
Klíč nalezen: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč nalezen: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\AppDataLow\Software\Crossrider
Klíč nalezen: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Internet Speed Checker
Klíč nalezen: HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč nalezen: HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Klíč nalezen: HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Klíč nalezen: HKCU\Software\Conduit
Klíč nalezen: HKCU\Software\Mozilla\Extends
Klíč nalezen: HKCU\Software\WEBAPP
Klíč nalezen: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč nalezen: HKCU\Software\AppDataLow\Software\Crossrider
Klíč nalezen: HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
Klíč nalezen: HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč nalezen: HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč nalezen: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč nalezen: HKLM\SOFTWARE\Conduit
Klíč nalezen: HKLM\SOFTWARE\mystartsearchSoftware
Klíč nalezen: HKLM\SOFTWARE\SupTab
Klíč nalezen: HKLM\SOFTWARE\supWindowsMangerProtect
Klíč nalezen: HKLM\SOFTWARE\supWPM
Klíč nalezen: HKLM\SOFTWARE\SUPTAB
Klíč nalezen: HKLM\SOFTWARE\WISECLEANER
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Data nalezena: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&ts=14199 ... 66035_8CFE
Data nalezena: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&ts=14199 ... 5_8CFE791B
Data nalezena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
Data nalezena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&ts=14199 ... 5_8CFE791B
Data nalezena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.mystartsearch.com/?type=hp&ts=14199 ... 5_8CFE791B
Data nalezena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
Klíč nalezen: HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data nalezena: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Data nalezena: HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [Default] - "C:\Program Files\Internet Explorer\iexplore.exe"
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hry.slunecnice.cz
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\lidl.akcniceny.cz
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pestryjidelnicek.cz
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sklenicezdravi.cz
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\solvusoft.com
Klíč nalezen: HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč nalezen: HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Hodnota nalezena: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Hodnota nalezena: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Hodnota nalezena: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]

***** [ Internetové prohlížeče ] *****

Firefox nastavení nalezeno: [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\prefs.js] - "browser.search.selectedEngine" - "mystartsearch"
Firefox nastavení nalezeno: [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\prefs.js] - "extensions.crossrider.bic" - "14a81b57c0444b4c1b6eb9339e1255af"
Firefox nastavení nalezeno: [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\prefs.js] - "extensions.opgRbYxWEaFD9Erd.scode" - "try{(function(){try{var url=(window.self.location.href + document.cookie);i
Firefox nastavení nalezeno: [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\prefs.js] - "extensions.opgRbYxWEaFD9Erd.url" - "hxxp://supercept.info/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deS
Firefox nastavení nalezeno: [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\prefs.js] - "extensions.quick_start.enable_search1" - false
Firefox nastavení nalezeno: [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\prefs.js] - "extensions.quick_start.sd.closeWindowWithLastTab_prev_state" - false
Firefox nastavení nalezeno: [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\prefs.js] - "extensions.z9Y0M3LQofiKW361.scode" - "try{(function(){try{var url=(window.self.location.href + document.cookie);i
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium báze.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [14731 Bajtů] - [30/11/2016 18:05:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14806 Bajtů] ##########

#5 Příspěvek od **Roli** » 01 pro 2016 16:52

David27 píše:adwcleaner našel 141 hrozeb

Roli píše:Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

V případě nejasností je ZDE obrázkový návod.

David27 · #6 Příspěvek od **David27** » 01 pro 2016 18:51

# AdwCleaner v6.030 - Log soubor vytvořen 01/12/2016 na 18:45:30
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-12-01.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X86)
# Uživatelské jméno : David - DAVID-PC
# Beží od : C:\Users\David\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Adresáře ] *****

***** [ Soubory ] *****

[-] Soubor smazán:C:\Program Files\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
[-] Soubor smazán:C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
[#] Soubor smazán:C:\Program Files\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
[#] Soubor smazán:C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
[#] Soubor smazán:C:\Program Files\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
[#] Soubor smazán:C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupce ] *****

***** [ Plánovač úloh ] *****

***** [ Registry ] *****

[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\IePluginServices
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Klíč smazán:HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
[-] Klíč smazán:HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[#] Klíč smazán po restartování:HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
[#] Klíč smazán po restartování:HKCU\Software\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Klíč smazán:HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč smazán:HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Klíč smazán:HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Klíč smazán:HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Conduit
[-] Klíč smazán:HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Mozilla\Extends
[-] Klíč smazán:HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\WEBAPP
[-] Klíč smazán:HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč smazán:HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\AppDataLow\Software\Crossrider
[-] Klíč smazán:HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Internet Speed Checker
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[#] Klíč smazán po restartování:HKCU\Software\Conduit
[#] Klíč smazán po restartování:HKCU\Software\Mozilla\Extends
[#] Klíč smazán po restartování:HKCU\Software\WEBAPP
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\Crossrider
[-] Klíč smazán:HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Klíč smazán:HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Klíč smazán:HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč smazán:HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Klíč smazán:HKLM\SOFTWARE\Conduit
[-] Klíč smazán:HKLM\SOFTWARE\mystartsearchSoftware
[-] Klíč smazán:HKLM\SOFTWARE\SupTab
[-] Klíč smazán:HKLM\SOFTWARE\supWindowsMangerProtect
[-] Klíč smazán:HKLM\SOFTWARE\supWPM
[#] Klíč smazán po restartování:HKLM\SOFTWARE\SUPTAB
[-] Klíč smazán:HKLM\SOFTWARE\WISECLEANER
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
[-] Data obnovena:HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Klíč smazán:HKU\S-1-5-21-4190961195-4124743048-3094127975-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data obnovena:HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [Default]
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hry.slunecnice.cz
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\lidl.akcniceny.cz
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pestryjidelnicek.cz
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sklenicezdravi.cz
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\solvusoft.com
[-] Klíč smazán:HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Klíč smazán:HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Hodnota smazána:HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
[#] Hodnota smazána po restartování:HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
[#] Hodnota smazána po restartování:HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]

***** [ Prohlížeče ] *****

[-] Firefox nastavení vyčištěno:"browser.search.selectedEngine" - "mystartsearch"
[-] Firefox nastavení vyčištěno:"extensions.crossrider.bic" - "14a81b57c0444b4c1b6eb9339e1255af"
[-] Firefox nastavení vyčištěno:
[-] Firefox nastavení vyčištěno:"extensions.opgRbYxWEaFD9Erd.url" - "hxxp://supercept.info/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deShGheDUojw9rjsHrdwFrdgEqShIC7n0rjnFrTrErjw9rHa6tNhVCT94tMVKhd99qTwFpdUHrTa4rdk4pjnGpdkMC6qUojwErHk5rHg6rHYGrHgEqTC9qds7tNZKge8VoflKAfqZBylHtMZPhd97rjY7qTr6pda6rHr8qHU8qTwFtMl5Aen0rjnFpjUHqHn8qTa9qTg6pdrErGhTAyxKBMlIojaMB6qPhd97rdwMAe4HDd99tMtHojw%3D;hxxp://supercept.org/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deShGheDUojw9rjsHrdwFrdgEqShIC7n0rjnFrTrErjw9rHa6tNhVCT94tMVKhd99qTwFpdUHrTa4rdk4pjnGpdkMC6qUojwErHk5rHg6rHYGrHgEqTC9qds7tNZKge8VoflKAfqZBylHtMZPhd97rjY7qTr6pda6rHr8qHU8qTwFtMl5Aen0rjnFpjUHqHn8qTa9qTg6pdrErGhTAyxKBMlIojaMB6qPhd97rdwMAe4HDd99tMtHojw%3D;hxxp://toolkitcomp.info/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deShGheDUojw9rjsHrdwFrdgEqShIC7n0rjnFrTrErjw9rHa6tNhVCT94tMVKhd99qTwFpdUHrTa4rdk4pjnGpdkMC6qUojwErHk5rHg6rHYGrHgEqTC9qds7tNZKge8VoflKAfqZBylHtMZPhd97rjY7qTr6pda6rHr8qHU8qTwFtMl5Aen0rjnFpjUHqHn8qTa9qTg6pdrErGhTAyxKBMlIojaMB6qPhd97rdwMAe4HDd99tMtHojw%3D;hxxp://getjpi77.info/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deShGheDUojw9rjsHrdwFrdgEqShIC7n0rjnFrTrErjw9rHa6tNhVCT94tMVKhd99qTwFpdUHrTa4rdk4pjnGpdkMC6qUojwErHk5rHg6rHYGrHgEqTC9qds7tNZKge8VoflKAfqZBylHtMZPhd97rjY7qTr6pda6rHr8qHU8qTwFtMl5Aen0rjnFpjUHqHn8qTa9qTg6pdrErGhTAyxKBMlIojaMB6qPhd97rdwMAe4HDd99tMtHojw%3D;hxxp://starrnice.eu/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deShGheDUojw9rjsHrdwFrdgEqShIC7n0rjnFrTrErjw9rHa6tNhVCT94tMVKhd99qTwFpdUHrTa4rdk4pjnGpdkMC6qUojwErHk5rHg6rHYGrHgEqTC9qds7tNZKge8VoflKAfqZBylHtMZPhd97rjY7qTr6pda6rHr8qHU8qTwFtMl5Aen0rjnFpjUHqHn8qTa9qTg6pdrErGhTAyxKBMlIojaMB6qPhd97rdwMAe4HDd99tMtHojw%3D;hxxp://veterance.net/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deShGheDUojw9rjsHrdwFrdgEqShIC7n0rjnFrTrErjw9rHa6tNhVCT94tMVKhd99qTwFpdUHrTa4rdk4pjnGpdkMC6qUojwErHk5rHg6rHYGrHgEqTC9qds7tNZKge8VoflKAfqZBylHtMZPhd97rjY7qTr6pda6rHr8qHU8qTwFtMl5Aen0rjnFpjUHqHn8qTa9qTg6pdrErGhTAyxKBMlIojaMB6qPhd97rdwMAe4HDd99tMtHojw%3D;hxxp://progget.com/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deShGheDUojw9rjsHrdwFrdgEqShIC7n0rjnFrTrErjw9rHa6tNhVCT94tMVKhd99qTwFpdUHrTa4rdk4pjnGpdkMC6qUojwErHk5rHg6rHYGrHgEqTC9qds7tNZKge8VoflKAfqZBylHtMZPhd97rjY7qTr6pda6rHr8qHU8qTwFtMl5Aen0rjnFpjUHqHn8qTa9qTg6pdrErGhTAyxKBMlIojaMB6qPhd97rdwMAe4HDd99tMtHojw%3D;hxxp://toolkitfun.info/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deShGheDUojw9rjsHrdwFrdgEqShIC7n0rjnFrTrErjw9rHa6tNhVCT94tMVKhd99qTwFpdUHrTa4rdk4pjnGpdkMC6qUojwErHk5rHg6rHYGrHgEqTC9qds7tNZKge8VoflKAfqZBylHtMZPhd97rjY7qTr6pda6rHr8qHU8qTwFtMl5Aen0rjnFpjUHqHn8qTa9qTg6pdrErGhTAyxKBMlIojaMB6qPhd97rdwMAe4HDd99tMtHojw%3D;hxxp://get-jpi.info/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deShGheDUojw9rjsHrdwFrdgEqShIC7n0rjnFrTrErjw9rHa6tNhVCT94tMVKhd99qTwFpdUHrTa4rdk4pjnGpdkMC6qUojwErHk5rHg6rHYGrHgEqTC9qds7tNZKge8VoflKAfqZBylHtMZPhd97rjY7qTr6pda6rHr8qHU8qTwFtMl5Aen0rjnFpjUHqHn8qTa9qTg6pdrErGhTAyxKBMlIojaMB6qPhd97rdwMAe4HDd99tMtHojw%3D;hxxp://storageinstallbardirectory.in/sync2/?q=hfZ9oflKAfqZBylHrGhEAen0rTa6rjnMg708BNmGWj8deShGheDUojw9rjsHrdwFrdgEqShIC7n0rjnFrTrErjw9rHa6tNhVCT94tMVKhd99qTwFpdUHrTa4rdk4pjnGpdkMC6qUojwErHk5rHg6rHYGrHgEqTC9qds7tNZKge8VoflKAfqZBylHtMZPhd97rjY7qTr6pda6rHr8qHU8qTwFtMl5Aen0rjnFpjUHqHn8qTa9qTg6pdrErGhTAyxKBMlIojaMB6qPhd97rdwMAe4HDd99tMtHojw%3D"
[-] Firefox nastavení vyčištěno:"extensions.quick_start.enable_search1" - false
[-] Firefox nastavení vyčištěno:"extensions.quick_start.sd.closeWindowWithLastTab_prev_state" - false
[-] Firefox nastavení vyčištěno:

*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [16796 Bajtů] - [01/12/2016 18:45:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [14885 Bajtů] - [01/12/2016 18:44:47]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [16946 Bajtů] ##########

David27 · #7 Příspěvek od **David27** » 01 pro 2016 19:07

ComboFix 16-11-13.01 - David 01.12.2016 18:55:45.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3072.1843 [GMT 1:00]
Spuštěný z: c:\users\David\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Win1970.Conf.Collection.sys
c:\users\David\AppData\Local\MSGBOX.EXE
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\system32\tmp8B26.tmp
c:\windows\system32\tmp9BEE.tmp
c:\windows\system32\tmpABBB.tmp
c:\windows\system32\tmpABDB.tmp
c:\windows\system32\tmpB182.tmp
c:\windows\system32\tmpD20.tmp
c:\windows\system32\tmpD41.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-11-01 do 2016-12-01 )))))))))))))))))))))))))))))))
.
.
2016-12-01 18:01 . 2016-12-01 18:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-12-01 17:48 . 2016-12-01 17:48 62576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{412E4270-545C-4525-9462-6D1FE4CABBA1}\offreg.924.dll
2016-12-01 17:43 . 2016-12-01 17:45 -------- d-----w- C:\AdwCleaner
2016-11-30 19:04 . 2016-11-30 19:04 62576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{412E4270-545C-4525-9462-6D1FE4CABBA1}\offreg.3060.dll
2016-11-30 18:34 . 2016-11-10 07:30 9834504 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{412E4270-545C-4525-9462-6D1FE4CABBA1}\mpengine.dll
2016-11-29 12:50 . 2016-11-10 07:30 9834504 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-11-28 10:09 . 2016-11-28 10:09 -------- d-----w- C:\$Windows.~WS
2016-11-27 15:49 . 2016-11-27 15:49 -------- d-----w- c:\users\David\AppData\Local\ESET
2016-11-27 15:33 . 2016-12-01 17:53 -------- d-----w- c:\users\David\AppData\Roaming\Skype
2016-11-27 15:33 . 2016-11-27 15:33 -------- d-----w- c:\program files\Common Files\Skype
2016-11-27 15:33 . 2016-11-27 15:33 -------- d-----r- c:\program files\Skype
2016-11-27 15:33 . 2016-11-27 15:33 -------- d-----w- c:\programdata\Skype
2016-11-25 17:11 . 2016-11-25 17:11 -------- d-----w- c:\program files\AGEIA Technologies
2016-11-25 17:04 . 2014-07-02 17:39 609240 ----a-w- c:\windows\system32\nvStreaming.exe
2016-11-25 17:04 . 2016-12-01 17:46 -------- d-----w- c:\programdata\NVIDIA
2016-11-25 17:04 . 2014-07-02 19:42 4389848 ----a-w- c:\windows\system32\nvcpl.dll
2016-11-25 17:04 . 2014-07-02 19:42 3063256 ----a-w- c:\windows\system32\nvsvc.dll
2016-11-25 17:04 . 2014-07-02 19:42 670552 ----a-w- c:\windows\system32\nvvsvc.exe
2016-11-25 17:04 . 2014-07-02 19:42 62936 ----a-w- c:\windows\system32\nvshext.dll
2016-11-25 17:04 . 2014-07-02 19:42 377288 ----a-w- c:\windows\system32\nvmctray.dll
2016-11-25 17:04 . 2014-07-02 19:42 2556360 ----a-w- c:\windows\system32\nvsvcr.dll
2016-11-25 17:04 . 2014-07-02 05:14 3826628 ----a-w- c:\windows\system32\nvcoproc.bin
2016-11-25 17:03 . 2014-07-02 20:54 61728 ----a-w- c:\windows\system32\OpenCL.dll
2016-11-25 17:03 . 2016-11-25 17:04 -------- d-----w- c:\programdata\NVIDIA Corporation
2016-11-25 17:01 . 2014-07-02 20:54 24198088 ----a-w- c:\windows\system32\nvoglv32.dll
2016-11-25 17:01 . 2014-07-02 20:54 11283344 ----a-w- c:\windows\system32\nvopencl.dll
2016-11-25 17:01 . 2014-07-02 20:54 907552 ----a-w- c:\windows\system32\nvdispgenco3234052.dll
2016-11-25 17:01 . 2014-07-02 20:54 907096 ----a-w- c:\windows\system32\NvIFR.dll
2016-11-25 17:01 . 2014-07-02 20:54 869152 ----a-w- c:\windows\system32\NvFBC.dll
2016-11-25 17:01 . 2014-07-02 20:54 10681176 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2016-11-25 17:01 . 2014-07-02 20:54 3988952 ----a-w- c:\windows\system32\nvcuvid.dll
2016-11-25 17:01 . 2014-07-02 20:54 11222048 ----a-w- c:\windows\system32\nvcuda.dll
2016-11-25 17:01 . 2014-07-02 20:54 1054552 ----a-w- c:\windows\system32\nvdispco3234052.dll
2016-11-25 17:01 . 2014-07-02 20:54 2814656 ----a-w- c:\windows\system32\nvapi.dll
2016-11-25 17:01 . 2014-07-02 20:54 15296456 ----a-w- c:\windows\system32\nvcompiler.dll
2016-11-25 16:57 . 2016-11-25 17:11 -------- d-----w- c:\program files\NVIDIA Corporation
2016-11-25 15:33 . 2016-11-25 15:33 -------- d-----w- c:\users\David\AppData\Roaming\BlackBean
2016-11-25 15:22 . 2016-11-25 15:22 -------- d-----w- C:\Black Bean Games
2016-11-24 17:33 . 2016-11-30 16:03 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-11-24 17:33 . 2016-11-30 16:03 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-11-23 09:14 . 2016-08-23 10:02 915640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2557AAAA-B77B-43DD-99B4-D82288D7D80C}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-10-28 01:22 . 2014-12-02 15:44 407720 ------w- c:\windows\system32\MpSigStub.exe
2016-10-10 15:16 . 2016-11-09 07:44 254464 ----a-w- c:\windows\system32\schannel.dll
2016-10-10 15:16 . 2016-11-09 07:44 141312 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:54 . 2016-10-12 07:16 67816 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-09-12 20:49 . 2016-10-12 07:16 1017856 ----a-w- c:\windows\system32\aeinv.dll
2016-09-12 20:49 . 2016-10-12 07:16 76800 ----a-w- c:\windows\system32\adsmsext.dll
2016-09-12 19:08 . 2016-10-12 07:16 1251328 ----a-w- c:\windows\system32\DWrite.dll
2016-09-12 19:08 . 2016-10-12 07:16 909824 ----a-w- c:\windows\system32\FntCache.dll
2016-09-09 15:53 . 2016-10-12 07:16 488448 ----a-w- c:\windows\system32\devinv.dll
2016-09-09 15:53 . 2016-10-12 07:16 478208 ----a-w- c:\windows\system32\generaltel.dll
2016-09-09 15:53 . 2016-10-12 07:16 268800 ----a-w- c:\windows\system32\invagent.dll
2016-09-09 15:53 . 2016-10-12 07:16 213504 ----a-w- c:\windows\system32\centel.dll
2016-09-09 15:53 . 2016-10-12 07:16 184320 ----a-w- c:\windows\system32\aepic.dll
2016-09-09 15:53 . 2016-10-12 07:16 1406976 ----a-w- c:\windows\system32\appraiser.dll
2016-09-09 15:53 . 2016-10-12 07:16 107008 ----a-w- c:\windows\system32\acmigration.dll
2016-09-08 20:34 . 2016-10-12 07:16 208896 ----a-w- c:\windows\system32\WebClnt.dll
2016-09-08 20:34 . 2016-10-12 07:16 87040 ----a-w- c:\windows\system32\davclnt.dll
2016-09-08 14:49 . 2016-10-12 07:16 117248 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-09-08 14:49 . 2016-10-12 07:16 81408 ----a-w- c:\windows\system32\drivers\dfsc.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2013-01-09 2916352]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2014-11-19 1092448]
"World of Tanks"="c:\games\World_of_Tanks\WargamingGameUpdater.exe" [2016-11-18 3135752]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2016-11-15 27226072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2015-01-29 103936]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1002984]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-12-02 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2016-09-20 324224]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-10-22 102912]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-12-04 1343400]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 56496]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
S3 3xHybrid;WinFast DTV1000 S;c:\windows\system32\DRIVERS\3xHybrid.sys [2010-10-13 1040512]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-12-03 243128]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
utcsvc REG_MULTI_SZ DiagTrack
.
Obsah adresáře 'Naplánované úlohy'
.
2016-12-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-24 16:03]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
mStart Page =
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_23_0_0_207_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_23_0_0_207_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-12-01 19:04:09
ComboFix-quarantined-files.txt 2016-12-01 18:04
.
Před spuštěním: Volných bajtů: 52 308 758 528
Po spuštění: Volných bajtů: 53 613 903 872
.
- - End Of File - - 95152598DC0BF9A439DF666649633F4C
A36C5E4F47E84449FF07ED3517B43A31

#8 Příspěvek od **Roli** » 02 pro 2016 17:50

Doladíme

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

RegLock::  
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

David27 · #9 Příspěvek od **David27** » 02 pro 2016 18:37

ComboFix 16-11-13.01 - David 02.12.2016 18:19:52.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3072.2127 [GMT 1:00]
Spuštěný z: c:\users\David\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\David\Desktop\CFScript.txt.txt
AV: Microsoft Security Essentials *Enabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
SP: Microsoft Security Essentials *Enabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-11-02 do 2016-12-02 )))))))))))))))))))))))))))))))
.
.
2016-12-02 17:28 . 2016-12-02 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-12-02 17:17 . 2016-12-02 17:17 39168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AAF725F-9E92-4ADC-8F7E-02377D64EAF8}\MpKslDrv.sys
2016-12-02 07:50 . 2016-12-02 07:50 62576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AAF725F-9E92-4ADC-8F7E-02377D64EAF8}\offreg.924.dll
2016-12-01 18:25 . 2016-11-10 07:30 9834504 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AAF725F-9E92-4ADC-8F7E-02377D64EAF8}\mpengine.dll
2016-12-01 18:14 . 2016-11-10 07:30 9834504 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-12-01 17:43 . 2016-12-01 17:45 -------- d-----w- C:\AdwCleaner
2016-11-28 10:09 . 2016-11-28 10:09 -------- d-----w- C:\$Windows.~WS
2016-11-27 15:49 . 2016-11-27 15:49 -------- d-----w- c:\users\David\AppData\Local\ESET
2016-11-27 15:33 . 2016-12-02 17:18 -------- d-----w- c:\users\David\AppData\Roaming\Skype
2016-11-27 15:33 . 2016-11-27 15:33 -------- d-----w- c:\program files\Common Files\Skype
2016-11-27 15:33 . 2016-11-27 15:33 -------- d-----r- c:\program files\Skype
2016-11-27 15:33 . 2016-11-27 15:33 -------- d--h--w- c:\programdata\Skype
2016-11-25 17:11 . 2016-11-25 17:11 -------- d-----w- c:\program files\AGEIA Technologies
2016-11-25 17:04 . 2014-07-02 17:39 609240 ----a-w- c:\windows\system32\nvStreaming.exe
2016-11-25 17:04 . 2016-12-02 07:48 -------- d--h--w- c:\programdata\NVIDIA
2016-11-25 17:04 . 2014-07-02 19:42 4389848 ----a-w- c:\windows\system32\nvcpl.dll
2016-11-25 17:04 . 2014-07-02 19:42 3063256 ----a-w- c:\windows\system32\nvsvc.dll
2016-11-25 17:04 . 2014-07-02 19:42 670552 ----a-w- c:\windows\system32\nvvsvc.exe
2016-11-25 17:04 . 2014-07-02 19:42 62936 ----a-w- c:\windows\system32\nvshext.dll
2016-11-25 17:04 . 2014-07-02 19:42 377288 ----a-w- c:\windows\system32\nvmctray.dll
2016-11-25 17:04 . 2014-07-02 19:42 2556360 ----a-w- c:\windows\system32\nvsvcr.dll
2016-11-25 17:04 . 2014-07-02 05:14 3826628 ----a-w- c:\windows\system32\nvcoproc.bin
2016-11-25 17:03 . 2014-07-02 20:54 61728 ----a-w- c:\windows\system32\OpenCL.dll
2016-11-25 17:03 . 2016-11-25 17:04 -------- d--h--w- c:\programdata\NVIDIA Corporation
2016-11-25 17:01 . 2014-07-02 20:54 24198088 ----a-w- c:\windows\system32\nvoglv32.dll
2016-11-25 17:01 . 2014-07-02 20:54 11283344 ----a-w- c:\windows\system32\nvopencl.dll
2016-11-25 17:01 . 2014-07-02 20:54 907552 ----a-w- c:\windows\system32\nvdispgenco3234052.dll
2016-11-25 17:01 . 2014-07-02 20:54 907096 ----a-w- c:\windows\system32\NvIFR.dll
2016-11-25 17:01 . 2014-07-02 20:54 869152 ----a-w- c:\windows\system32\NvFBC.dll
2016-11-25 17:01 . 2014-07-02 20:54 10681176 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2016-11-25 17:01 . 2014-07-02 20:54 3988952 ----a-w- c:\windows\system32\nvcuvid.dll
2016-11-25 17:01 . 2014-07-02 20:54 11222048 ----a-w- c:\windows\system32\nvcuda.dll
2016-11-25 17:01 . 2014-07-02 20:54 1054552 ----a-w- c:\windows\system32\nvdispco3234052.dll
2016-11-25 17:01 . 2014-07-02 20:54 2814656 ----a-w- c:\windows\system32\nvapi.dll
2016-11-25 17:01 . 2014-07-02 20:54 15296456 ----a-w- c:\windows\system32\nvcompiler.dll
2016-11-25 16:57 . 2016-11-25 17:11 -------- d-----w- c:\program files\NVIDIA Corporation
2016-11-25 15:33 . 2016-11-25 15:33 -------- d-----w- c:\users\David\AppData\Roaming\BlackBean
2016-11-25 15:22 . 2016-11-25 15:22 -------- d-----w- C:\Black Bean Games
2016-11-24 17:33 . 2016-11-30 16:03 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-11-24 17:33 . 2016-11-30 16:03 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-11-23 09:14 . 2016-08-23 10:02 915640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2557AAAA-B77B-43DD-99B4-D82288D7D80C}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-10-28 01:22 . 2014-12-02 15:44 407720 ------w- c:\windows\system32\MpSigStub.exe
2016-10-10 15:16 . 2016-11-09 07:44 254464 ----a-w- c:\windows\system32\schannel.dll
2016-10-10 15:16 . 2016-11-09 07:44 141312 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:54 . 2016-10-12 07:16 67816 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-09-12 20:49 . 2016-10-12 07:16 1017856 ----a-w- c:\windows\system32\aeinv.dll
2016-09-12 20:49 . 2016-10-12 07:16 76800 ----a-w- c:\windows\system32\adsmsext.dll
2016-09-12 19:08 . 2016-10-12 07:16 1251328 ----a-w- c:\windows\system32\DWrite.dll
2016-09-12 19:08 . 2016-10-12 07:16 909824 ----a-w- c:\windows\system32\FntCache.dll
2016-09-09 15:53 . 2016-10-12 07:16 488448 ----a-w- c:\windows\system32\devinv.dll
2016-09-09 15:53 . 2016-10-12 07:16 478208 ----a-w- c:\windows\system32\generaltel.dll
2016-09-09 15:53 . 2016-10-12 07:16 268800 ----a-w- c:\windows\system32\invagent.dll
2016-09-09 15:53 . 2016-10-12 07:16 213504 ----a-w- c:\windows\system32\centel.dll
2016-09-09 15:53 . 2016-10-12 07:16 184320 ----a-w- c:\windows\system32\aepic.dll
2016-09-09 15:53 . 2016-10-12 07:16 1406976 ----a-w- c:\windows\system32\appraiser.dll
2016-09-09 15:53 . 2016-10-12 07:16 107008 ----a-w- c:\windows\system32\acmigration.dll
2016-09-08 20:34 . 2016-10-12 07:16 208896 ----a-w- c:\windows\system32\WebClnt.dll
2016-09-08 20:34 . 2016-10-12 07:16 87040 ----a-w- c:\windows\system32\davclnt.dll
2016-09-08 14:49 . 2016-10-12 07:16 117248 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-09-08 14:49 . 2016-10-12 07:16 81408 ----a-w- c:\windows\system32\drivers\dfsc.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2013-01-09 2916352]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2014-11-19 1092448]
"World of Tanks"="c:\games\World_of_Tanks\WargamingGameUpdater.exe" [2016-11-18 3135752]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2016-11-15 27226072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2015-01-29 103936]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1002984]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-12-02 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2016-09-20 324224]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-10-22 102912]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-12-04 1343400]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 56496]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464]
S1 MpKslDrv;MpKslDrv;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AAF725F-9E92-4ADC-8F7E-02377D64EAF8}\MpKslDrv.sys [2016-12-02 39168]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
S3 3xHybrid;WinFast DTV1000 S;c:\windows\system32\DRIVERS\3xHybrid.sys [2010-10-13 1040512]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-12-03 243128]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLDRV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
utcsvc REG_MULTI_SZ DiagTrack
.
Obsah adresáře 'Naplánované úlohy'
.
2016-12-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-24 16:03]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
mStart Page =
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\phfw7fmu.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_23_0_0_207_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_23_0_0_207_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2016-12-02 18:34:37
ComboFix-quarantined-files.txt 2016-12-02 17:34
ComboFix2.txt 2016-12-01 18:04
.
Před spuštěním: Volných bajtů: 54 546 464 768
Po spuštění: Volných bajtů: 54 335 463 424
.
- - End Of File - - C42489CB3B40142A0E0D9B24FDF5651C
A36C5E4F47E84449FF07ED3517B43A31

#10 Příspěvek od **Roli** » 04 pro 2016 17:19

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.

Pak dej vědět jak se PC chová.

David27 · #11 Příspěvek od **David27** » 05 pro 2016 15:01

Ještě mám dotaz.V nabídce start zničeho nic zmizely položky.Zkoušel jsem obnovení systému , ale bez úspěchu.
Viz.příloha.Nevím jestli kvůli tomu přeinstalovávat Windows.Microsoft už zařízl stránku s doplňkama pro IE....

#12 Příspěvek od **Roli** » 05 pro 2016 16:48

David27 píše:Zkoušel jsem obnovení systému , ale bez úspěchu.

Ajaj, vždyť to tu nějaký ten den čistíme od breberek, doufám že si nešel časově moc zpět ?

David27 píše:Ještě mám dotaz.V nabídce start zničeho nic zmizely položky.

Z ničehož nic samo nic nemizí

klik pravým myšítkem na tlačítko Start, vyber Vlastnosti, na kartě Nabídka Start klik na Přizpůsobit, tam nastav co chceš vidět a potvrď tlačítkem OK a následně klik na tlačítko Použít, jinak se nic nezmění.

David27 · #13 Příspěvek od **David27** » 05 pro 2016 16:56

Myslím na té nabídce start vlevo se stratily položky a bod obnovení jsem dával combofix created restore point.
Udělalo se to při přihlašování

#14 Příspěvek od **Roli** » 05 pro 2016 17:11

David27 píše:Myslím na té nabídce start vlevo se stratily položky

Však jo jen v seznamu zatrhni Oblíbené položky plus níže zaškrtni Uložit a zobrazit naposledy spuštěné programy .......
Pokud tam chceš mít nějaký program hned rozbal Všechny programy, klikni na požadovaný pravým myšítkem a vyber Připnout k nabídce Start.

David27 · #15 Příspěvek od **David27** » 05 pro 2016 17:22

ještě další problém.Když nainstaluji CrystalDiskInfo tak to píše disk nenalezen.I když ho spustím jako správce.Na Windows XP nebo 10 to funguje bez problému.
Další problém na 7 je,když chci vytisknou obrázek z Windows prohlížeču fotografijí,tak z tiskárny vyjede prázdný papír.

VIRY.CZ

Prosím o kontrolu logu.

Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.

Re: Prosím o kontrolu logu.