Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vypínání antiviru - problémy s PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
whzy
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 08 lis 2014 15:37

Re: Vypínání antiviru - problémy s PC

#16 Příspěvek od whzy »

NTB to dovolil.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-11-2014 01
Ran by WHZYY at 2014-11-08 19:43:52 Run:2
Running from C:\Users\WHZYY\Desktop
Loaded Profile: WHZYY (Available profiles: WHZYY & pro Rohypnola)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-09] (IObit)
HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\...\MountPoints2: {1f91f675-d383-11e3-bef3-0cd292264c64} - "J:\LGAutoRun.exe"
HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\...\MountPoints2: {246942ac-19ee-11e3-be7c-8c89a50bfaaa} - "J:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\...\MountPoints2: {369b3b43-1e24-11e3-be85-8c89a50bfaaa} - "H:\Startme.exe"
HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\...\MountPoints2: {64574e6f-601b-11e3-bec5-806e6f6e6963} - "G:\setup.exe"
HKU\S-1-5-18\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
IFEO\ARP.EXE: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\at.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\auditpol.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\autochk.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\autoconv.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\autofmt.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\backgroundTaskHost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\BackgroundTransferHost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\bitsadmin.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\bootcfg.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\bthudtask.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ByteCodeGenerator.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\cacls.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\CertEnrollCtrl.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\certreq.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\charmap.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\CheckNetIsolation.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\chkdsk.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\chkntfs.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\choice.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\cipher.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\cliconfg.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\clip.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\cmdkey.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\cmdl32.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\cmmon32.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\cmstp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\colorcpl.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\comp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\compact.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ComputerDefaults.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\convert.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\CredentialUIBroker.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\credwiz.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\cttune.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\cttunesvr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\dccw.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\dcomcnfg.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ddodiag.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\DevicePairingWizard.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\dfrgui.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\dialer.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\diskpart.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\diskperf.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\diskraid.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Dism.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\dllhst3g.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\doskey.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\dpapimig.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\DpiScaling.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\dplaysvr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\dpnsvr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\driverquery.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\dvdplay.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\dvdupgrd.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\EaseOfAccessDialog.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\efsui.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\EhStorAuthn.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\esentutl.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\eudcedit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\eventcreate.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\eventvwr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\expand.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\extrac32.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\fc.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\findstr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\finger.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\fixmapi.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\FlashPlayerApp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\FlashPlayerInstaller.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\fltMC.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Fondue.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\fontview.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\forfiles.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\fsutil.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ftp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\GameOverlayUI.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\getmac.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\gpresult.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\gpupdate.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\hdwwiz.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\help.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\hh.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\HOSTNAME.EXE: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\icacls.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\icsunattend.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ieUnatt.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\iexpress.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\InfDefaultInstall.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\instnm.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\iscsicli.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\isoburn.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\kstat.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ktmutil.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\label.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\licensingdiag.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\LocationNotifications.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\lodctr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\logagent.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\logman.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Magnify.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\mfpmp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\MigAutoPlay.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\mountvol.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\MRINFO.EXE: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\msfeedssync.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\mshta.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\msra.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\MsSpellCheckingHost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\mstsc.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\mtstocom.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\MuiUnattend.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\NAPSTAT.EXE: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Narrator.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ndadmin.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\netbtugc.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\netiougc.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Netplwiz.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\newdev.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\nslookup.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ntprint.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ocsetup.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\odbcad32.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\odbcconf.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\openfiles.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\osk.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\PasswordOnWakeSettingFlyout.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\pbsvc.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\perfhost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\perfmon.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\PkgMgr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\PnkBstrA.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\poqexec.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\PresentationHost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\prevhost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\print.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\printui.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\proquota.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\psr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\rasautou.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\rasdial.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\rasphone.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\rdrleakdiag.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ReAgentc.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\recover.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\regini.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Register-CimProvider.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\rekeywiz.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\relog.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\replace.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\ResDefA.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\RMActivate.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\RMActivate_isv.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\RMActivate_ssp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\RMActivate_ssp_isv.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\RmClient.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Robocopy.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\rrinstaller.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\runas.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\RunLegacyCPLElevated.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\sdbinst.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\sdchange.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SecEdit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\secinit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\setup16.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\setupugc.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\setx.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\shrpubw.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\shutdown.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SmartScreenSettings.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\sort.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\srdelayed.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Steam.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\steamerrorreporter.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\steamerrorreporter64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SteamTmp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\streaming_client.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\subst.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\sxstrace.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SyncHost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\syskey.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SystemPropertiesAdvanced.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SystemPropertiesComputerName.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SystemPropertiesDataExecutionPrevention.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SystemPropertiesHardware.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SystemPropertiesPerformance.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SystemPropertiesProtection.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SystemPropertiesRemote.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\systray.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\takeown.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\TapiUnattend.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\tcmsetup.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\TCPSVCS.EXE: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\TnglCtrl.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\TpmInit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\TSTheme.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\TsWpfWrp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Tunngle.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\typeperf.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\tzutil.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\unlodctr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\upnpcont.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\user.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\UserAccountBroker.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\verifier.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\vssadmin.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\waitfor.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\wecutil.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\WerFaultSecure.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\wevtutil.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\wextract.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\where.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\whoami.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\wiaacmgr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\winrs.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\winrshost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\winver.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\wlanext.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\WMPDMC.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\write.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\WriteMiniDump.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\WSManHTTPConfig.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\wsmprovhost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\wuapp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\wusa.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\WWAHost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\xliveinstallhost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\xpsrchvw.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\xstat.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\xwizard.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
SearchScopes: HKLM - DefaultScope {568E7922-4150-4E06-BBC1-23095D060860} URL = http://www.bing.com/search?q={searchTer ... &pc=MAMIJS;
SearchScopes: HKLM - {568E7922-4150-4E06-BBC1-23095D060860} URL = http://www.bing.com/search?q={searchTer ... &pc=MAMIJS;
SearchScopes: HKLM-x32 - DefaultScope {568E7922-4150-4E06-BBC1-23095D060860} URL = http://www.bing.com/search?q={searchTer ... &pc=MAMIJS;
SearchScopes: HKLM-x32 - {568E7922-4150-4E06-BBC1-23095D060860} URL = http://www.bing.com/search?q={searchTer ... &pc=MAMIJS;
SearchScopes: HKCU - DefaultScope {568E7922-4150-4E06-BBC1-23095D060860} URL =
SearchScopes: HKCU - {568E7922-4150-4E06-BBC1-23095D060860} URL =
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Extension: . - C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\Extensions\{546f7A73-c736-cf2d-c542-54687f7a1a32} [2014-11-16]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
CHR Extension: (cwwogwaoa) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgkfajodaliacghnafobjnclblcfmlm [2014-11-08]
2014-11-08 15:39 - 2014-11-08 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\WHZYY\Downloads\Nepotvrzeno 504960.crdownload
2014-11-08 15:39 - 2014-11-08 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\WHZYY\Downloads\Nepotvrzeno 335410.crdownload
Task: C:\Windows\Tasks\ASC7_SkipUac_WHZYY.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8c72f57d5948.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value not found.
HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 7 => Value not found.
"HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f91f675-d383-11e3-bef3-0cd292264c64}" => Key not found.
"HKCR\CLSID\{1f91f675-d383-11e3-bef3-0cd292264c64}" => Key not found.
"HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{246942ac-19ee-11e3-be7c-8c89a50bfaaa}" => Key not found.
"HKCR\CLSID\{246942ac-19ee-11e3-be7c-8c89a50bfaaa}" => Key not found.
"HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{369b3b43-1e24-11e3-be85-8c89a50bfaaa}" => Key not found.
"HKCR\CLSID\{369b3b43-1e24-11e3-be85-8c89a50bfaaa}" => Key not found.
"HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64574e6f-601b-11e3-bec5-806e6f6e6963}" => Key not found.
"HKCR\CLSID\{64574e6f-601b-11e3-bec5-806e6f6e6963}" => Key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDriveTypeAutoRun => value deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ARP.EXE" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\at.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\auditpol.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\autochk.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\autoconv.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\autofmt.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\backgroundTaskHost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BackgroundTransferHost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitsadmin.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bootcfg.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bthudtask.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ByteCodeGenerator.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cacls.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CertEnrollCtrl.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\certreq.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\charmap.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CheckNetIsolation.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\chkdsk.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\chkntfs.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\choice.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cipher.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cliconfg.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\clip.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cmdkey.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cmdl32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cmmon32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cmstp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\colorcpl.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\comp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\compact.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ComputerDefaults.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\convert.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CredentialUIBroker.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\credwiz.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cttune.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cttunesvr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dccw.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dcomcnfg.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ddodiag.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\DevicePairingWizard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dfrgui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dialer.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\diskpart.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\diskperf.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\diskraid.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Dism.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dllhst3g.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\doskey.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dpapimig.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\DpiScaling.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dplaysvr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dpnsvr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\driverquery.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dvdplay.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dvdupgrd.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\EaseOfAccessDialog.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\efsui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\EhStorAuthn.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\esentutl.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\eudcedit.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\eventcreate.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\eventvwr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\expand.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\extrac32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\findstr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\finger.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fixmapi.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FlashPlayerApp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FlashPlayerInstaller.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fltMC.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Fondue.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fontview.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\forfiles.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fsutil.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ftp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GameOverlayUI.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\getmac.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\gpresult.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\gpupdate.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\hdwwiz.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\help.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\hh.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\HOSTNAME.EXE" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\icacls.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\icsunattend.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ieUnatt.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iexpress.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\InfDefaultInstall.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\instnm.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iscsicli.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\isoburn.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kstat.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ktmutil.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\label.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\licensingdiag.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\LocationNotifications.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\lodctr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\logagent.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\logman.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Magnify.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mfpmp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MigAutoPlay.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mountvol.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MRINFO.EXE" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msfeedssync.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mshta.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msra.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MsSpellCheckingHost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mstsc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mtstocom.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MuiUnattend.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\NAPSTAT.EXE" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Narrator.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ndadmin.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\netbtugc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\netiougc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Netplwiz.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\newdev.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nslookup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ntprint.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ocsetup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\odbcad32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\odbcconf.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\openfiles.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\osk.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PasswordOnWakeSettingFlyout.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\pbsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\perfhost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\perfmon.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PkgMgr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PnkBstrA.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\poqexec.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PresentationHost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\prevhost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\print.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\printui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\proquota.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\psr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rasautou.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rasdial.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rasphone.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rdrleakdiag.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ReAgentc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\recover.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\regini.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Register-CimProvider.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rekeywiz.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\relog.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\replace.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ResDefA.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RMActivate.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RMActivate_isv.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RMActivate_ssp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RMActivate_ssp_isv.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RmClient.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Robocopy.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rrinstaller.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\runas.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RunLegacyCPLElevated.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sdbinst.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sdchange.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SecEdit.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\secinit.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\setup16.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\setupugc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\setx.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\shrpubw.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\shutdown.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SmartScreenSettings.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sort.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\srdelayed.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Steam.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\steamerrorreporter.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\steamerrorreporter64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SteamTmp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\streaming_client.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\subst.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sxstrace.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SyncHost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\syskey.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SystemPropertiesAdvanced.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SystemPropertiesComputerName.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SystemPropertiesDataExecutionPrevention.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SystemPropertiesHardware.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SystemPropertiesPerformance.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SystemPropertiesProtection.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SystemPropertiesRemote.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\systray.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\takeown.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TapiUnattend.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\tcmsetup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TCPSVCS.EXE" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TnglCtrl.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TpmInit.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TSTheme.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TsWpfWrp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Tunngle.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\typeperf.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\tzutil.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\unlodctr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\upnpcont.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\user.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UserAccountBroker.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\verifier.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vssadmin.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\waitfor.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wecutil.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WerFaultSecure.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wevtutil.exe" => Key not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wextract.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\where.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\whoami.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wiaacmgr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\winrs.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\winrshost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\winver.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wlanext.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WMPDMC.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\write.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WriteMiniDump.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WSManHTTPConfig.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wsmprovhost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wuapp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wusa.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WWAHost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\xliveinstallhost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\xpsrchvw.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\xstat.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\xwizard.exe" => Key deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{568E7922-4150-4E06-BBC1-23095D060860}" => Key deleted successfully.
"HKCR\CLSID\{568E7922-4150-4E06-BBC1-23095D060860}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{568E7922-4150-4E06-BBC1-23095D060860}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{568E7922-4150-4E06-BBC1-23095D060860}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{568E7922-4150-4E06-BBC1-23095D060860}" => Key deleted successfully.
"HKCR\CLSID\{568E7922-4150-4E06-BBC1-23095D060860}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key not found.
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2" => Key deleted successfully.
C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\Extensions\{546f7A73-c736-cf2d-c542-54687f7a1a32} => Moved successfully.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgkfajodaliacghnafobjnclblcfmlm => Moved successfully.
"C:\Users\WHZYY\Downloads\Nepotvrzeno 504960.crdownload" => File/Directory not found.
"C:\Users\WHZYY\Downloads\Nepotvrzeno 335410.crdownload" => File/Directory not found.
C:\Windows\Tasks\ASC7_SkipUac_WHZYY.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8c72f57d5948.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 773.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7321
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Vypínání antiviru - problémy s PC

#17 Příspěvek od altrok »

:arrow: v pripade zlepseni me prosim informujte... zatim to vypada na nakopnuty system, takze Vam doporucim zazalohovat data

:arrow: nastalo nejake zlepseni? IObit sel odinstalovat, ESET jde spustit?

:arrow: dejte novy log z FRSTLauncheru
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
whzy
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 08 lis 2014 15:37

Re: Vypínání antiviru - problémy s PC

#18 Příspěvek od whzy »

ESET stále spustit nejde hlásí error v komunikaci s kernelem, malware antibytes je zaplý, ale i přes to, že u ochran vidím fajfky, mi to uvnitř programu hlásí, že reálná ochrana nefunguje. IObit už odinstalovat šel, nový log je zde.

EDIT// Ještě jeden software od IObit zůstal, takže jsem ho odstranil šlo o "Surfing Protection" teď už mám ntb komplet bez IObit software.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-11-2014 01
Ran by WHZYY (administrator) on WHZY on 08-11-2014 20:21:59
Running from C:\Users\WHZYY\Desktop
Loaded Profile: WHZYY (Available profiles: WHZYY & pro Rohypnola)
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Dropbox, Inc.) C:\Users\WHZYY\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tunngle.net GmbH) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(forum.viry.cz) C:\Users\WHZYY\Desktop\FRST-OlderVersion\FRSTLauncher (2).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6148096 2014-10-31] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14232576 2014-10-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2503168 2014-10-31] (Valve Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-1364888623-3007056578-2871405216-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\Users\WHZYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\WHZYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\WHZYY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {568E7922-4150-4E06-BBC1-23095D060860} URL = http://www.bing.com/search?q={searchTer ... &pc=MAMIJS;
SearchScopes: HKCU - {568E7922-4150-4E06-BBC1-23095D060860} URL = http://www.bing.com/search?q={searchTer ... &pc=MAMIJS;
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll (Macromedia, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\Extensions\ascsurfingprotection@iobit.com [2014-03-06]
FF Extension: Flashblock - C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-12-06]
FF Extension: . - C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\Extensions\{546f7A73-c736-cf2d-c542-54687f7a1a32} [2014-11-08]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-10-04]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-11-10]
FF Extension: No Name - C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\extensions\WebSiteRecommendation@weliketheweb.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR Profile: C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-08]
CHR Extension: (Dokumenty Google) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-11]
CHR Extension: (Disk Google) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-11]
CHR Extension: (YouTube) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-11]
CHR Extension: (Facebook Secret Emoticons) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe [2014-08-30]
CHR Extension: (Adblock Plus) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-30]
CHR Extension: (Vyhledávání Google) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-11]
CHR Extension: (AdBlock Plus) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecdfddndpamlpfpicfeoblidlbnmcpco [2014-08-30]
CHR Extension: (Tabulky Google) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-08]
CHR Extension: (cwwogwaoa) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgkfajodaliacghnafobjnclblcfmlm [2014-11-08]
CHR Extension: (Peněženka Google) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-11]
CHR Extension: (Gmail) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [819712 2014-11-01] (Adobe Systems Incorporated) [File not signed]
S2 BstHdAndroidSvc; c:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-01-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-01-07] (BlueStack Systems, Inc.)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [839168 2014-11-01] (Intel Corporation) [File not signed]
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1889280 2014-10-31] (ESET) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [1238016 2014-11-16] (Microsoft Corporation) [File not signed]
S4 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [680960 2014-11-08] (Google Inc.) [File not signed]
S4 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [680960 2014-11-08] (Google Inc.) [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [3092480 2014-11-08] (LogMeIn Inc.) [File not signed]
R2 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [638976 2014-11-16] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [1195520 2014-10-31] (Intel(R) Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [729600 2014-11-08] (Intel Corporation) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [981504 2014-11-08] (LogMeIn, Inc.) [File not signed]
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [838656 2014-11-16] (Intel Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2431488 2014-11-08] (Malwarebytes Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1532416 2014-11-08] () [File not signed]
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [728064 2014-11-08] (Micro-Star International Co., Ltd.) [File not signed]
S2 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [681472 2014-11-16] (Mozilla Foundation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [712704 2014-11-16] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [695296 2014-11-16] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [633344 2014-11-16] (Microsoft Corporation) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [721920 2014-11-08] (MSI) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2175488 2014-11-08] (NVIDIA Corporation) [File not signed]
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21569024 2014-10-31] (NVIDIA Corporation) [File not signed]
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [1486848 2014-11-08] (NVIDIA Corporation) [File not signed]
R2 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [711168 2014-11-16] (Microsoft Corporation) [File not signed]
S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [5487104 2014-10-31] (Microsoft Corporation) [File not signed]
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [103736 2013-12-06] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [1058816 2014-10-31] () [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [583680 2014-11-16] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [1338368 2014-11-08] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [5485568 2014-11-16] (Microsoft Corporation) [File not signed]
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1395712 2014-11-16] (Valve Corporation) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S2 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [1079808 2014-11-16] (Adobe Systems Incorporated) [File not signed]
R3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed]
S2 UI0Detect; C:\Windows\system32\UI0Detect.exe [609792 2014-11-16] (Microsoft Corporation) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [927232 2014-11-16] (Intel Corporation) [File not signed]
R2 vds; C:\Windows\System32\vds.exe [1250816 2014-11-16] (Microsoft Corporation) [File not signed]
R2 VSS; C:\Windows\system32\vssvc.exe [2051584 2014-11-16] (Microsoft Corporation) [File not signed]
S2 wbengine; C:\Windows\system32\wbengine.exe [2187264 2014-11-16] (Microsoft Corporation) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1883648 2014-10-31] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [1384448 2014-11-08] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [1240576 2014-11-16] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-12-14] () [File not signed]
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2012-09-25] (Qualcomm Atheros, Inc.)
R2 BstHdDrv; c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-01-07] (BlueStack Systems)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2014-09-14] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [254528 2013-09-09] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-09-28] (Sony Mobile Communications)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-11-03] (LogMeIn Inc.)
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows (R) Win 7 DDK provider)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2014-07-06] (Qualcomm Atheros, Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-12-14] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-08] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-07-06] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3349984 2014-07-06] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2013-12-08] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
U3 a3dw8js7; C:\Windows\System32\Drivers\a3dw8js7.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 20:21 - 2014-11-08 20:21 - 00029696 _____ () C:\Users\WHZYY\AppData\Local\MSGBOX.EXE
2014-11-08 20:21 - 2014-11-08 20:21 - 00015327 _____ () C:\Users\WHZYY\Desktop\LM.bat
2014-11-08 20:18 - 2014-11-08 20:18 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-11-08 19:43 - 2014-11-08 20:21 - 00000000 ____D () C:\Users\WHZYY\Desktop\FRST-OlderVersion
2014-11-08 19:18 - 2014-11-08 19:47 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-11-08 19:18 - 2014-11-08 19:18 - 00000936 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-11-08 19:18 - 2014-11-08 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-11-08 18:19 - 2014-11-08 18:19 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1364888623-3007056578-2871405216-1005
2014-11-08 18:09 - 2014-11-08 18:12 - 00000000 ____D () C:\Users\pro Rohypnola\AppData\Local\CrashDumps
2014-11-08 18:08 - 2014-11-08 18:24 - 00000000 ____D () C:\Users\pro Rohypnola\AppData\Local\LogMeIn Hamachi
2014-11-08 18:08 - 2014-11-08 18:09 - 00000000 ____D () C:\Users\pro Rohypnola\AppData\Local\NVIDIA Corporation
2014-11-08 18:08 - 2014-11-08 18:08 - 00000000 ____D () C:\Users\pro Rohypnola\AppData\Local\LogMeIn
2014-11-08 18:06 - 2014-11-08 18:06 - 00000000 ____D () C:\Users\pro Rohypnola\AppData\Local\NVIDIA
2014-11-08 17:51 - 2014-11-08 17:51 - 00000000 __SHD () C:\found.000
2014-11-08 16:51 - 2014-11-08 16:53 - 00000000 ____D () C:\AdwCleaner
2014-11-08 16:50 - 2014-11-08 16:50 - 02145792 _____ () C:\Users\WHZYY\Desktop\AdwCleaner.exe
2014-11-08 16:42 - 2014-11-08 16:42 - 01441791 _____ () C:\Users\WHZYY\Desktop\Untitled-1.psd
2014-11-08 15:45 - 2014-11-08 15:45 - 00012100 _____ () C:\Users\WHZYY\Desktop\Addition.rar
2014-11-08 15:45 - 2014-11-08 15:45 - 00012084 _____ () C:\Users\WHZYY\Desktop\Addition.zip
2014-11-08 15:41 - 2014-11-08 20:22 - 00023146 _____ () C:\Users\WHZYY\Desktop\FRST.txt
2014-11-08 15:41 - 2014-11-08 20:22 - 00000000 ____D () C:\FRST
2014-11-08 15:39 - 2014-11-08 20:21 - 02115584 _____ (Farbar) C:\Users\WHZYY\Desktop\FRST64.exe
2014-11-08 15:25 - 2014-11-08 15:26 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\WHZYY\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-08 15:23 - 2014-11-08 15:23 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\WHZYY\Downloads\rkill.exe
2014-11-08 15:20 - 2014-11-08 15:21 - 05593178 _____ (Swearware) C:\Users\WHZYY\Downloads\ComboFix.exe
2014-11-08 15:18 - 2014-11-08 18:24 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-11-08 15:18 - 2014-11-08 15:18 - 01187896 _____ (Piriform Ltd) C:\Users\WHZYY\Downloads\ccleaner.exe
2014-11-08 15:08 - 2014-11-08 15:10 - 00005082 _____ () C:\Users\WHZYY\Downloads\ESETSirefefCleaner.exe_20141108.150828.1464.log
2014-11-08 15:08 - 2014-11-08 15:10 - 00001530 _____ () C:\Users\WHZYY\Downloads\ESETSirefefCleaner.exe_20141108.150828.1464.zip
2014-11-08 15:08 - 2014-11-08 15:08 - 00368992 _____ (ESET) C:\Users\WHZYY\Downloads\ESETSirefefCleaner.exe
2014-11-08 13:44 - 2014-11-08 13:44 - 03075893 _____ () C:\Users\WHZYY\Downloads\Technix_business_card_by_hertzz.zip
2014-11-03 18:12 - 2014-11-03 18:12 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-10-31 17:28 - 2014-10-31 17:28 - 00006960 ____N () C:\bootsqm.dat
2014-10-14 15:38 - 2014-10-14 15:38 - 00130016 _____ () C:\Users\WHZYY\Downloads\MTS_plasticbox_1472174_halliburton.zip
2014-10-14 12:35 - 2014-10-14 12:39 - 00000000 ____D () C:\Users\WHZYY\Downloads\[R.G. Mechanics] Middle Earth - Shadow of Mordor
2014-10-14 11:58 - 2014-11-08 16:54 - 00028922 _____ () C:\Windows\PFRO.log
2014-10-14 10:20 - 2014-10-14 11:08 - 147821985 _____ () C:\Users\WHZYY\Downloads\SC-741874FF154U1.rar
2014-10-14 00:09 - 2014-10-14 00:10 - 00000000 ____D () C:\Users\WHZYY\AppData\Roaming\MKKE
2014-10-13 23:58 - 2014-10-13 23:58 - 00000728 _____ () C:\Users\Public\Desktop\Mortal Kombat Complete Edition.lnk
2014-10-13 23:58 - 2014-10-13 23:58 - 00000711 _____ () C:\Users\Public\Desktop\Cat-A-Cat Games.lnk
2014-10-13 23:58 - 2014-10-13 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mortal Kombat Complete Edition
2014-10-13 19:56 - 2014-10-13 20:28 - 97307499 _____ () C:\Users\WHZYY\Downloads\The.Sims.4.Update.3.and.Crack.v7.rar
2014-10-13 18:53 - 2014-10-13 18:53 - 00001099 _____ () C:\Users\WHZYY\Desktop\Cheat Engine.lnk
2014-10-13 18:53 - 2014-10-13 18:53 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2014-10-13 18:50 - 2014-10-13 18:50 - 00000000 ____D () C:\Users\WHZYY\AppData\Roaming\fizzy
2014-10-13 16:47 - 2014-10-13 16:47 - 00000000 ____D () C:\Users\WHZYY\Documents\Ghost Games
2014-10-13 13:41 - 2014-10-13 13:49 - 00000110 _____ () C:\Users\WHZYY\Desktop\mok.bat
2014-10-13 12:19 - 2014-10-13 12:21 - 00000000 ____D () C:\Users\WHZYY\Documents\Battlefield 4
2014-10-13 09:18 - 2014-10-13 09:18 - 97726398 _____ () C:\Users\WHZYY\Desktop\IMG_2030.psd
2014-10-13 08:16 - 2014-11-08 14:31 - 00000000 ____D () C:\Users\WHZYY\Desktop\Vizitka
2014-10-12 13:53 - 2014-10-13 11:13 - 00000000 ____D () C:\Users\WHZYY\Downloads\FIFA 15-ULTIMATE TEAM EDITION-SC
2014-10-12 11:18 - 2014-10-12 11:17 - 00000318 _____ () C:\Users\WHZYY\Desktop\Curse Client.appref-ms

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 16:45 - 2013-12-08 01:46 - 00000000 ____D () C:\Users\WHZYY\AppData\Roaming\.minecraft
2014-11-16 16:40 - 2013-10-06 22:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-16 16:40 - 2013-09-22 18:46 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-11-16 16:40 - 2013-09-20 19:24 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-11-16 16:40 - 2013-09-20 18:49 - 02051584 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-11-16 16:40 - 2013-09-12 15:41 - 05485568 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-11-16 16:40 - 2012-07-26 03:15 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe
2014-11-16 16:40 - 2012-07-26 03:06 - 00633344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2014-11-16 16:40 - 2012-07-26 03:00 - 00695296 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2014-11-16 16:40 - 2012-07-26 02:58 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
2014-11-16 16:40 - 2012-07-26 01:18 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-11-16 16:40 - 2012-07-26 00:53 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\msdtc.exe
2014-11-16 16:38 - 2012-07-26 01:26 - 01238016 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
2014-11-16 16:35 - 2014-09-09 11:17 - 00000000 ____D () C:\Users\WHZYY\Desktop\COD2
2014-11-08 20:19 - 2014-09-06 11:05 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-08 20:18 - 2014-03-06 19:37 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-08 20:18 - 2013-12-19 17:52 - 00003494 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-WHZY-WHZYY
2014-11-08 20:18 - 2013-10-29 18:06 - 00003214 _____ () C:\Windows\System32\Tasks\Origin
2014-11-08 20:18 - 2013-09-13 22:47 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-08 20:18 - 2013-09-13 22:47 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 20:18 - 2013-09-13 14:13 - 00003542 _____ () C:\Windows\System32\Tasks\CreateChoiceProcessTask
2014-11-08 20:06 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-11-08 20:02 - 2013-09-13 22:00 - 00000000 ____D () C:\Users\WHZYY\AppData\Roaming\Skype
2014-11-08 19:59 - 2013-02-22 10:19 - 00791060 _____ () C:\Windows\system32\perfh00C.dat
2014-11-08 19:59 - 2013-02-22 10:19 - 00155620 _____ () C:\Windows\system32\perfc00C.dat
2014-11-08 19:59 - 2013-02-22 09:15 - 00728526 _____ () C:\Windows\system32\perfh005.dat
2014-11-08 19:59 - 2013-02-22 09:15 - 00148542 _____ () C:\Windows\system32\perfc005.dat
2014-11-08 19:59 - 2012-07-26 08:28 - 02664590 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 19:57 - 2013-09-09 22:05 - 00000000 ____D () C:\Users\WHZYY\AppData\Local\CrashDumps
2014-11-08 19:54 - 2014-09-28 13:54 - 00000000 ___RD () C:\Users\WHZYY\Dropbox
2014-11-08 19:54 - 2014-09-28 13:50 - 00000000 ____D () C:\Users\WHZYY\AppData\Roaming\Dropbox
2014-11-08 19:54 - 2014-06-04 08:20 - 00000000 ___RD () C:\Users\WHZYY\Disk Google
2014-11-08 19:54 - 2013-09-10 08:53 - 01440390 _____ () C:\Windows\WindowsUpdate.log
2014-11-08 19:53 - 2014-05-25 15:20 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-11-08 19:53 - 2013-10-25 18:37 - 00000000 ____D () C:\Users\WHZYY\AppData\Local\LogMeIn Hamachi
2014-11-08 19:53 - 2013-09-10 09:07 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1364888623-3007056578-2871405216-1002
2014-11-08 19:53 - 2013-03-13 21:35 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2014-11-08 19:47 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-08 19:44 - 2012-07-26 09:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-08 18:55 - 2013-03-13 21:30 - 01486848 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-08 18:55 - 2012-07-26 00:27 - 01338368 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-11-08 18:25 - 2013-03-13 21:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-08 18:24 - 2014-09-06 11:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-08 18:24 - 2014-06-18 22:14 - 00000000 ____D () C:\Users\pro Rohypnola
2014-11-08 18:24 - 2014-06-04 08:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-08 18:24 - 2014-03-08 12:03 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-08 18:24 - 2014-03-06 19:38 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-08 18:24 - 2013-09-09 22:35 - 00000000 ____D () C:\Fraps
2014-11-08 18:24 - 2012-07-26 09:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-11-08 18:23 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2014-11-08 17:58 - 2013-09-10 08:57 - 00000000 ____D () C:\Users\WHZYY
2014-11-08 16:53 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-08 16:44 - 2014-07-01 10:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-08 15:27 - 2014-09-06 11:05 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-08 15:14 - 2014-07-31 20:24 - 00000000 ____D () C:\Users\WHZYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-11-08 15:14 - 2014-04-11 07:09 - 00000000 ____D () C:\Users\WHZYY\AppData\Local\Deployment
2014-11-08 15:14 - 2013-09-13 17:02 - 00000000 ____D () C:\Users\WHZYY\AppData\Roaming\uTorrent
2014-11-08 14:40 - 2013-09-20 19:24 - 01384448 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-11-08 13:44 - 2014-06-04 21:12 - 02504192 ___SH () C:\Users\WHZYY\Downloads\Thumbs.db
2014-11-08 12:02 - 2014-06-04 12:30 - 03621376 ___SH () C:\Users\WHZYY\Desktop\Thumbs.db
2014-11-08 12:02 - 2013-10-12 21:14 - 00001456 _____ () C:\Users\WHZYY\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-11-08 11:42 - 2013-10-28 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
2014-11-08 11:38 - 2014-06-20 11:32 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8c72f57d5948
2014-11-08 11:38 - 2014-04-11 07:09 - 00003706 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-08 11:38 - 2014-03-08 12:07 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-11-08 11:37 - 2014-03-06 19:21 - 00000000 ____D () C:\Program Files (x86)\7 Days To Die
2014-11-08 11:35 - 2013-09-10 22:45 - 00000000 ____D () C:\Users\WHZYY\Desktop\EVERYTHING
2014-11-01 07:15 - 2013-03-13 18:23 - 00839168 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-10-31 19:44 - 2010-04-27 14:45 - 00633856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xliveinstallhost.exe
2014-10-31 19:42 - 2014-07-06 13:12 - 00828416 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-31 19:42 - 2014-07-06 13:12 - 00736256 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-31 19:42 - 2014-07-06 13:12 - 00736256 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-31 19:42 - 2013-03-13 22:09 - 00728064 _____ (Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
2014-10-31 19:41 - 2014-08-17 11:10 - 01265152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-31 19:41 - 2013-10-08 19:28 - 06339072 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-10-31 18:32 - 2013-10-24 19:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-31 17:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-10-31 17:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-31 17:41 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-31 17:39 - 2013-03-13 21:37 - 00000000 ____D () C:\Program Files\Elantech
2014-10-31 17:38 - 2012-07-26 01:53 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2014-10-14 08:49 - 2013-09-09 21:09 - 00000000 ____D () C:\Users\WHZYY\AppData\Roaming\DAEMON Tools Lite
2014-10-14 00:09 - 2013-11-23 12:51 - 00000000 ____D () C:\ProgramData\Steam
2014-10-13 16:41 - 2013-10-12 23:56 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-10-12 11:07 - 2014-02-01 01:13 - 00000000 ____D () C:\Users\WHZYY\AppData\Roaming\vlc
2014-10-12 01:21 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\WHZYY\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbqr2mr.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-29 14:45

==================== End Of Log ============================
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7321
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Vypínání antiviru - problémy s PC

#19 Příspěvek od altrok »

  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CloseProcesses:
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
FF user.js: detected! => C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\user.js
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\Extensions\ascsurfingprotection@iobit.com [2014-03-06]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
CHR Extension: (cwwogwaoa) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgkfajodaliacghnafobjnclblcfmlm [2014-11-08]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
2014-11-08 20:21 - 2014-11-08 20:21 - 00029696 _____ () C:\Users\WHZYY\AppData\Local\MSGBOX.EXE
2014-11-08 20:21 - 2014-11-08 20:21 - 00015327 _____ () C:\Users\WHZYY\Desktop\LM.bat
C:\Program Files (x86)\IObit
Hosts:
EmptyTemp:
End
:arrow: ESET mate zaplaceny?

:arrow: Vas edit jsem cetl, pouzijte tento fixlist
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
whzy
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 08 lis 2014 15:37

Re: Vypínání antiviru - problémy s PC

#20 Příspěvek od whzy »

ESET mám koupený.

LOG:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-11-2014 01
Ran by WHZYY at 2014-11-08 20:46:17 Run:3
Running from C:\Users\WHZYY\Desktop
Loaded Profiles: WHZYY & (Available profiles: WHZYY & pro Rohypnola)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
FF user.js: detected! => C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\user.js
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\Extensions\ascsurfingprotection@iobit.com [2014-03-06]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
CHR Extension: (cwwogwaoa) - C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgkfajodaliacghnafobjnclblcfmlm [2014-11-08]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
2014-11-08 20:21 - 2014-11-08 20:21 - 00029696 _____ () C:\Users\WHZYY\AppData\Local\MSGBOX.EXE
2014-11-08 20:21 - 2014-11-08 20:21 - 00015327 _____ () C:\Users\WHZYY\Desktop\LM.bat
C:\Program Files (x86)\IObit
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}" => Key not found.
"HKCR\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}" => Key not found.
C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\user.js => Moved successfully.
C:\Users\WHZYY\AppData\Roaming\Mozilla\Firefox\Profiles\aivxr4c5.default\Extensions\ascsurfingprotection@iobit.com not found.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
C:\Users\WHZYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgkfajodaliacghnafobjnclblcfmlm => Moved successfully.
LiveUpdateSvc => Service deleted successfully.
"C:\Users\WHZYY\AppData\Local\MSGBOX.EXE" => File/Directory not found.
"C:\Users\WHZYY\Desktop\LM.bat" => File/Directory not found.
C:\Program Files (x86)\IObit => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 115.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7321
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Vypínání antiviru - problémy s PC

#21 Příspěvek od altrok »

:arrow: Spustte prikazovou radku jako spravce (start -> spustit -> cmd) a vepiste

Kód: Vybrat vše

sfc /scannow
:arrow: V prubehu kontroly nezavirejte okno prikazove radky! Po dokonceni se ukaze okno s vysledky, ktere mi klidne vyfotte (tlacitko PrtScr, otevrit malovani a ctrl+v).
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
whzy
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 08 lis 2014 15:37

Re: Vypínání antiviru - problémy s PC

#22 Příspěvek od whzy »

Omlouvám se za zpoždění, byl jsem mimo ntb, už jsem to spustil a čekám.
Nahoru
whzy
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 08 lis 2014 15:37

Re: Vypínání antiviru - problémy s PC

#23 Příspěvek od whzy »

Při cca. 74% systém zamrznul a nereagoval na nic, musel jsem tvrdě vypnout. Mám proces opakovat?
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7321
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Vypínání antiviru - problémy s PC

#24 Příspěvek od altrok »

Ano zopakujte to, ale nevypada to dobre :/

Mezitim promyslim dalsi postup...
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
whzy
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 08 lis 2014 15:37

Re: Vypínání antiviru - problémy s PC

#25 Příspěvek od whzy »

Moc děkuji za pomoc.
Všiml jsem si ještě jedné podivnosti, a to té, že mi to hlásí, že nemám aktivovaný Windows a v pravo dole mám napsaný (Windows 8 Build 9200), což jsem nemýval a Windows určitě aktivovaný mám, měl jsem ho už v ntb nainstalovaný při koupi.
Nahoru
whzy
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 08 lis 2014 15:37

Re: Vypínání antiviru - problémy s PC

#26 Příspěvek od whzy »

Obrázek
Napodruhé se povedlo, tady je výsledek. Co dál?
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7321
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Vypínání antiviru - problémy s PC

#27 Příspěvek od altrok »

:arrow: Log z opravy vlozte do pristi odpovedi
  • C:\Windows\Logs\CBS\CBS.log
    pokud bude dlouhy, zabalte ho napr. do zipu/raru a prilozte k prispevku.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
whzy
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 08 lis 2014 15:37

Re: Vypínání antiviru - problémy s PC

#28 Příspěvek od whzy »

Nedaří se mi otevřít ani zararovat, "přístup odepřen".
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7321
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Vypínání antiviru - problémy s PC

#29 Příspěvek od altrok »

:arrow: restartujte PC, at se projevi zmeny alespon po teto oprave

:arrow:
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
whzy
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 08 lis 2014 15:37

Re: Vypínání antiviru - problémy s PC

#30 Příspěvek od whzy »

Restaroval jsem ntb, čekal jsem asi 3 min. když na obrazovce bylo "Prosím počkejte." poté se ukázao příprava konfigurací systému windows 35%, znovu restart, chvilku jsem zase čekal a potom to oznámilo, že se konfigurace nových aktualizací nezdařila a vracení změn, takže nevím jestli nějáké změny proběhly, teď jsem se dostal do windows a stáhl ten program, při pokusu ho spustit z archivu vyhodí chybu: "Not found Graph.html"

Mimochodem, takhle vypadá ESET při nabootování, poté nahlásí chybu ESET Main GUI a spadne.
Obrázek
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“