VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

https://forum.viry.cz:443/viewtopic.php?t=140998

Stránka 1 z 2

Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 17:28
od CassiusClay
mám asi moc virů a malwarů v PC, internet je pomalý PC se často seká, a nejde vypnout POČÍTAČ, vypnu ho a píše to vypínání i tři hodiny a nevypne se...musís vypnout odpojením kabelu potřebuju odbornou pomoc, někdy něco smažu a maže se to i 5 hodin a nic...


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-10-2014 01
Ran by Patrik (administrator) on PATRIK-PC on 29-10-2014 15:53:17
Running from C:\Users\Patrik\Desktop
Loaded Profile: Patrik (Available profiles: Patrik)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Users\Patrik\AppData\Roaming\Seznam.cz\szninstall.exe
() C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [Facebook Update] => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-02] (Facebook Inc.)
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Patrik\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [tmpA0C1] => wscript.exe //B "C:\Users\Patrik\AppData\Local\Temp\tmpA0C1.tmp.vbs" <===== ATTENTION
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {057a7823-baca-11e2-a60d-e069958b2749} - D:\setup.exe
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {7ef66163-d5e1-11e2-a1f6-e069958b2749} - D:\autorun.exe
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {bc30aede-6c85-11e3-8e69-e069958b2749} - D:\Autorun.exe
Startup: C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\39f6fce3ff39d00951e44375c3a0d756.exe (ಈವಿಷಯಗಳುಹೇಗೆಮಾಡಬೇಕೋ)
Startup: C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpA0C1.tmp.vbs ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKCU - {2030773F-84EF-49CE-994E-991B23F1CE99} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKCU - {34F9433E-8532-4974-9BE8-39991ADF6C02} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKCU - {440FF0DE-3FA1-461C-831B-0A5D2F19AF4D} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKCU - {4C66A2B1-921B-446D-990A-9F7A51303BB3} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {4F7B9730-8DB1-4D10-A7DA-CFB8A749FB3A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {6077AFA1-110F-47E5-B308-F49DC1441258} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {7D71E444-42AD-4461-8268-F64951703252} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {9CB9B278-8606-4538-8AD0-0AB556750C41} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKCU - {F8FC61C2-D4BF-4DED-B5A3-2A5DD859915B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKCU - ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁw˜ľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­ URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll No File
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Patrik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-23]
CHR Extension: (Disk Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-23]
CHR Extension: (YouTube) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-23]
CHR Extension: (Savevid) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\liibpejlpebkfpddljfpipkpjhphifon [2014-07-23]
CHR Extension: (Peněženka Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-23]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-07-30]
CHR Extension: (Gmail) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-23]
CHR HKLM\...\Chrome\Extension: [liibpejlpebkfpddljfpipkpjhphifon] - C:\Program Files\Savevid\SavevidChrome.crx [2014-02-02]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-10-25] (Avira Operations GmbH & Co. KG)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2013-02-27] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation) [File not signed]
S2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation) [File not signed]
R2 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [102912 2012-07-04] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\system32\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [140288 2013-07-09] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-03] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [144384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [556544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-14] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086976 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [906240 2013-01-13] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2014-09-19] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [679424 2013-10-12] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2012-10-03] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2010-11-20] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242176 2012-10-03] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75064 2014-08-04] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [214520 2014-10-26] ()
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [119808 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [164352 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2012-02-11] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-14] (Microsoft Corporation) [File not signed]
R2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [523264 2014-07-17] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1203200 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121792 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [73216 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185344 2014-01-28] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-30] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [55296 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [52736 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-09-30] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-25] (Avira Operations GmbH & Co. KG)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-06-23] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-06-24] (Avira Operations GmbH & Co. KG)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation) [File not signed]
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-23] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-13] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-13] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-13] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [14080 2009-07-13] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-13] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-13] (Microsoft Corporation) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15384 2014-01-07] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-13] (Microsoft Corporation) [File not signed]
S3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-13] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-13] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [21504 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-13] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [80896 2009-07-13] (Microsoft Corporation) [File not signed]
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [9036800 2011-02-11] (Intel Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) [File not signed]
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-13] (Atheros Communications, Inc.) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-13] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-13] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [95304 2012-03-25] (MotioninJoy)
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-27] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-09] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-27] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\system32\Drivers\Msfs.sys [22528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-13] (Microsoft Corporation) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () [File not signed]
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-13] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-13] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-13] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-13] (Microsoft Corporation) [File not signed]
R3 Parport; C:\Windows\System32\DRIVERS\parport.sys [79360 2009-07-13] (Microsoft Corporation) [File not signed]
R2 Parvdm; C:\Windows\System32\DRIVERS\parvdm.sys [8704 2009-07-13] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-13] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-13] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-13] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [18944 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [14848 2012-08-23] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [184320 2014-07-17] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-13] (Microsoft Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2013-12-24] (Duplex Secure Ltd.)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-29] (Microsoft Corporation) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2014-07-17] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [49664 2012-08-23] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\system32\drivers\umbus.sys [39936 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [43520 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [24064 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-13] (Microsoft Corporation) [File not signed]
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-13] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation) [File not signed]
S3 cpuz134; \??\C:\Users\Patrik\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
U3 ayhab9n2; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 15:53 - 2014-10-29 16:23 - 00046046 _____ () C:\Users\Patrik\Desktop\FRST.txt
2014-10-29 15:51 - 2014-10-29 15:53 - 00000000 ____D () C:\FRST
2014-10-29 15:44 - 2014-10-29 15:45 - 01104896 _____ (Farbar) C:\Users\Patrik\Desktop\FRST.exe
2014-10-29 15:37 - 2014-10-29 15:37 - 01222144 _____ () C:\Users\Patrik\Downloads\RSITx64.exe
2014-10-29 15:37 - 2014-10-29 15:37 - 01107968 _____ () C:\Users\Patrik\Desktop\RSIT.exe
2014-10-29 15:21 - 2014-10-29 15:21 - 01141408 _____ ( ) C:\Users\Patrik\Downloads\hwmonitor_1.25-setup.exe
2014-10-29 15:21 - 2014-10-29 15:21 - 00001083 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2014-10-29 15:21 - 2014-10-29 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-10-29 15:21 - 2014-10-29 15:21 - 00000000 ____D () C:\Program Files\CPUID
2014-10-29 15:18 - 2014-10-29 15:24 - 350127064 _____ (Norman Shark AS) C:\Users\Patrik\Downloads\Norman_Malware_Cleaner.exe
2014-10-29 12:26 - 2014-10-29 12:26 - 12034292 _____ (Stripf Software ) C:\Users\Patrik\Downloads\hlsw_1_4_0_5_setup.exe
2014-10-28 12:25 - 2014-10-28 12:25 - 00001852 _____ () C:\Users\Patrik\Desktop\Call of Duty(R) 2 Multiplayer.lnk
2014-10-28 08:47 - 2014-10-28 08:47 - 00001072 _____ () C:\Users\Patrik\Desktop\GameRanger.lnk
2014-10-27 12:28 - 2014-10-27 12:28 - 11384305 _____ () C:\Users\Patrik\Downloads\cc-setup.exe
2014-10-27 12:22 - 2014-10-27 12:22 - 00146224 _____ () C:\Windows\Minidump\102714-75176-01.dmp
2014-10-26 07:35 - 2014-10-26 07:35 - 00023375 _____ () C:\Windows\Partizan.log
2014-10-25 20:51 - 2014-10-25 20:51 - 00146224 _____ () C:\Windows\Minidump\102514-17908-01.dmp
2014-10-25 20:11 - 2014-10-25 20:09 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-25 15:43 - 2014-10-25 15:43 - 00146224 _____ () C:\Windows\Minidump\102514-64319-01.dmp
2014-10-25 14:15 - 2014-10-27 12:21 - 197021426 _____ () C:\Windows\MEMORY.DMP
2014-10-25 14:15 - 2014-10-25 14:15 - 00146224 _____ () C:\Windows\Minidump\102514-23322-01.dmp
2014-10-25 12:56 - 2014-09-29 00:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-25 12:56 - 2014-08-29 01:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-25 12:56 - 2014-08-29 01:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-25 12:56 - 2014-08-29 01:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-25 12:56 - 2014-08-29 01:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-25 12:56 - 2014-08-29 01:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-25 12:56 - 2014-06-18 22:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-25 12:56 - 2014-06-18 22:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-25 12:56 - 2014-06-18 22:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-25 12:55 - 2014-10-07 02:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-25 12:55 - 2014-09-25 22:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-25 12:55 - 2014-09-25 22:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-25 12:55 - 2014-09-25 22:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-25 12:55 - 2014-09-25 22:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-25 12:55 - 2014-09-25 22:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-25 12:55 - 2014-09-19 01:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-25 12:55 - 2014-09-19 01:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-25 12:55 - 2014-09-19 01:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-25 12:55 - 2014-09-19 01:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-25 12:55 - 2014-09-19 01:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-25 12:55 - 2014-09-19 01:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-25 12:55 - 2014-09-19 01:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-25 12:55 - 2014-09-19 00:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-25 12:55 - 2014-09-19 00:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-25 12:55 - 2014-09-19 00:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-25 12:55 - 2014-09-19 00:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-25 12:55 - 2014-09-19 00:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-25 12:55 - 2014-09-19 00:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-25 12:55 - 2014-09-19 00:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-25 12:55 - 2014-09-19 00:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-25 12:55 - 2014-09-19 00:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-25 12:55 - 2014-09-19 00:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-25 12:55 - 2014-09-19 00:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-25 12:55 - 2014-09-19 00:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-25 12:55 - 2014-09-19 00:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-25 12:55 - 2014-09-19 00:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-25 12:55 - 2014-09-18 23:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-25 12:55 - 2014-09-18 23:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-25 12:55 - 2014-09-18 23:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-25 12:55 - 2014-09-18 01:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-25 12:55 - 2014-09-13 01:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-25 12:55 - 2014-09-04 05:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-25 12:55 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-25 12:55 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-25 12:55 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-25 12:55 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-25 12:55 - 2014-07-09 01:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-25 12:55 - 2014-07-08 22:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-25 12:49 - 2014-07-17 01:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-25 12:49 - 2014-07-17 01:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-25 12:49 - 2014-07-17 01:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-25 12:49 - 2014-07-17 01:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-25 12:49 - 2014-07-17 01:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-25 12:49 - 2014-07-17 01:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-25 12:49 - 2014-07-17 01:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-25 12:49 - 2014-07-17 01:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-25 12:47 - 2014-09-25 01:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-24 20:37 - 2014-10-24 20:37 - 00000000 ____D () C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-10-24 20:37 - 2014-10-24 20:37 - 00000000 ____D () C:\sh4ldr
2014-10-24 20:37 - 2014-10-24 20:37 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-24 20:17 - 2014-10-24 20:37 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-10-24 20:17 - 2014-10-24 20:17 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-10-24 20:15 - 2014-10-24 20:15 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Patrik\Downloads\SpyHunter-Installer.exe
2014-10-24 20:05 - 2014-10-24 20:05 - 00000000 ____D () C:\@RestoreQuarantine
2014-10-24 20:04 - 2014-10-24 20:04 - 00000002 RSHOT () C:\Windows\winstart.bat
2014-10-24 20:04 - 2014-10-24 20:04 - 00000000 ____D () C:\Users\Patrik\Documents\RegRun2
2014-10-24 20:03 - 2014-10-26 07:39 - 00000000 ____D () C:\Program Files\UnHackMe
2014-10-24 20:03 - 2014-10-24 20:03 - 15790435 _____ () C:\Users\Patrik\Downloads\unhackme.zip
2014-10-24 19:29 - 2014-10-24 19:31 - 117317368 _____ (Microsoft Corporation) C:\Users\Patrik\Downloads\msert.exe
2014-10-24 15:33 - 2014-10-24 15:33 - 00000000 ____D () C:\Users\Patrik\AppData\Roaming\Avira
2014-10-24 13:49 - 2014-10-25 20:09 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-24 13:49 - 2014-10-25 20:09 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-24 13:49 - 2014-10-24 13:49 - 00000000 ____D () C:\ProgramData\Avira
2014-10-24 13:49 - 2014-10-24 13:49 - 00000000 ____D () C:\Program Files\Avira
2014-10-24 13:49 - 2014-06-24 19:39 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-10-24 13:49 - 2014-06-24 19:39 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2014-10-24 13:42 - 2014-10-24 13:45 - 141801528 _____ () C:\Users\Patrik\Downloads\avira_free_antivirus_en.exe
2014-10-24 13:38 - 2014-10-26 07:45 - 00323892 _____ () C:\Windows\PFRO.log
2014-10-24 13:31 - 2014-10-24 13:34 - 00000000 ____D () C:\AdwCleaner
2014-10-24 13:31 - 2014-10-24 13:31 - 01962496 _____ () C:\Users\Patrik\Downloads\adwcleaner_4.001.exe
2014-10-24 13:19 - 2014-10-24 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-10-24 13:18 - 2014-10-24 13:20 - 00000000 ____D () C:\rei
2014-10-24 13:17 - 2014-10-24 13:17 - 00756712 _____ (Reimage®) C:\Users\Patrik\Downloads\ReimageRepair.exe
2014-10-23 22:32 - 2014-10-23 22:32 - 00389561 _____ () C:\Users\Patrik\Downloads\karadayi_farsi_persian-761419.zip
2014-10-19 12:30 - 2014-10-19 12:31 - 11990847 _____ () C:\Users\Patrik\Downloads\sa-mp-0.3z-R1-install.exe
2014-10-19 12:18 - 2014-10-19 12:35 - 94944548 _____ () C:\Users\Patrik\Downloads\GP_Mappack2.rar
2014-10-19 12:18 - 2014-10-19 12:29 - 63266856 _____ () C:\Users\Patrik\Downloads\CoD2Mappack1.rar
2014-10-19 12:15 - 2014-10-19 12:15 - 00442880 _____ (Allstar Group, s.r.o.) C:\Users\Patrik\Downloads\gpcl64bit.exe
2014-10-19 12:14 - 2014-10-19 12:15 - 00409088 _____ (Allstar Group, s.r.o.) C:\Users\Patrik\Downloads\gpcl32bit.exe
2014-10-19 12:07 - 2014-10-19 12:08 - 00459700 _____ (GamePark ) C:\Users\Patrik\Downloads\GameParkSetup_v2090.exe
2014-10-17 12:42 - 2014-10-17 12:42 - 00001266 _____ () C:\Users\Patrik\Downloads\Game Of Thrones.htm
2014-10-17 12:42 - 2014-10-17 12:42 - 00000000 ____D () C:\Users\Patrik\Downloads\Game Of Thrones_files
2014-10-12 14:40 - 2014-10-12 14:40 - 00633886 _____ () C:\Users\Patrik\Downloads\wawa_3daim_tdm (1).iwd
2014-10-12 12:49 - 2014-10-12 12:49 - 00633886 _____ () C:\Users\Patrik\Downloads\wawa_3daim_tdm.iwd
2014-10-11 20:11 - 2014-10-11 20:11 - 00043160 _____ (Elit -e - Company) C:\Users\Patrik\Downloads\mp_shipment.exe
2014-10-11 20:07 - 2014-10-11 20:08 - 11240885 _____ () C:\Users\Patrik\Downloads\mp_dutch_harbor.zip
2014-10-09 21:13 - 2014-10-09 21:13 - 00000562 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-10-09 21:13 - 2014-10-09 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-10-09 21:12 - 2014-10-09 21:13 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Patrik\Downloads\setup.exe
2014-10-09 21:09 - 2014-10-09 21:10 - 20400981 _____ () C:\Users\Patrik\Downloads\Fraps.rar
2014-10-08 19:47 - 2014-10-08 19:47 - 09260231 _____ () C:\Users\Patrik\Downloads\mp_Argentan_France.iwd
2014-09-29 05:48 - 2014-09-09 21:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 16:22 - 2014-07-23 09:05 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-29 15:55 - 2013-04-01 20:44 - 00000000 ____D () C:\Users\Patrik\AppData\Roaming\Seznam.cz
2014-10-29 15:50 - 2014-07-23 09:05 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-29 15:50 - 2013-03-02 18:44 - 00000000 ____D () C:\Users\Patrik\AppData\Roaming\Skype
2014-10-29 15:49 - 2009-07-14 04:34 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-29 15:49 - 2009-07-14 04:34 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-29 15:47 - 2013-03-02 18:41 - 01613968 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-29 15:45 - 2013-03-02 18:16 - 01222184 _____ () C:\Windows\WindowsUpdate.log
2014-10-29 15:42 - 2014-02-01 08:44 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-29 15:41 - 2009-07-14 04:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-29 15:41 - 2001-12-31 23:03 - 00002576 _____ () C:\Windows\setupact.log
2014-10-29 15:19 - 2013-03-02 20:14 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA.job
2014-10-28 21:19 - 2013-03-02 20:14 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core.job
2014-10-28 08:33 - 2013-06-26 11:27 - 00000000 __RDC () C:\Users\Patrik\Desktop\HRY
2014-10-27 12:22 - 2013-03-03 12:57 - 00000000 ____D () C:\Windows\Minidump
2014-10-27 10:11 - 2013-05-12 10:35 - 00000000 ___RD () C:\Users\Patrik\Desktop\Fotky
2014-10-26 19:58 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\rescache
2014-10-26 17:28 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-26 14:40 - 2014-08-04 20:43 - 00214520 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-10-26 14:40 - 2014-08-04 20:43 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2014-10-26 14:39 - 2014-08-04 20:43 - 00137464 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-10-26 11:14 - 2009-07-14 02:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-26 11:13 - 2009-07-14 04:33 - 03846160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-26 08:22 - 2013-05-17 15:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-26 07:43 - 2013-06-08 17:52 - 00000000 ____D () C:\Program Files\FreeTime
2014-10-25 10:19 - 2014-06-10 18:59 - 00000000 ____D () C:\Users\Patrik\AppData\Roaming\vlc
2014-10-24 20:04 - 2009-07-14 02:04 - 00002577 _____ () C:\Windows\system32\config.nt
2014-10-24 20:04 - 2009-07-14 02:04 - 00001688 _____ () C:\Windows\system32\autoexec.nt
2014-10-24 13:47 - 2013-03-02 18:33 - 00000000 ____D () C:\Users\Patrik
2014-10-19 10:21 - 2013-08-10 13:27 - 00029696 ___SH () C:\Users\Patrik\Thumbs.db
2014-10-17 13:32 - 2013-08-06 17:18 - 00000000 ____D () C:\Program Files\Activision
2014-10-17 13:32 - 2013-06-10 15:01 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-17 13:31 - 2009-07-14 04:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-17 13:16 - 2013-11-09 21:27 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-10-13 23:10 - 2013-03-02 18:44 - 00000000 ____D () C:\ProgramData\Skype
2014-10-09 22:17 - 2013-06-08 15:07 - 00000000 ____D () C:\Fraps
2014-10-02 14:53 - 2013-03-02 18:50 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-02 14:42 - 2013-03-02 18:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-02 14:42 - 2013-03-02 18:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-02 13:56 - 2014-07-23 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

Some content of TEMP:
====================
C:\Users\Patrik\AppData\Local\Temp\conhost.exe
C:\Users\Patrik\AppData\Local\Temp\Quarantine.exe
C:\Users\Patrik\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Patrik\AppData\Local\Temp\SHSetup.exe
C:\Users\Patrik\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-10-25 12:49] - [2014-07-17 01:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 19:51

==================== End Of Log ============================

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 17:30
od CassiusClay
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-10-2014 01
Ran by Patrik at 2014-10-29 16:24:06
Running from C:\Users\Patrik\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
Call of Duty(R) 2 (HKLM\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (Version: 1.3 - ) Hidden
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fraps (HKLM\...\Fraps) (Version: - )
GameRanger (HKCU\...\GameRanger) (Version: - GameRanger Technologies)
GOM Player (HKLM\...\GOM Player) (Version: 2.1.40.5106 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
K-Lite Codec Pack 10.2.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Photoshop Plug-ins (HKLM\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - )
Savevid (HKCU\...\Savevid) (Version: 0.0.0.1011 - Bandoo Media Inc) <==== ATTENTION
Seznam Software (HKCU\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SpongeBob SquarePants Employee of the Month (HKLM\...\SpongeBob SquarePants Employee of the Month) (Version: - )
SpyHunter (HKLM\...\{455F074C-814E-4520-B69B-5584BD90400C}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Subtitle Workshop 2.51 (HKLM\...\SubtitleWorkshop) (Version: - )
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Patrik\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{cb4c77f0-ab2a-407c-93ac-963769824b18}\localserver32 -> C:\Users\Patrik\AppData\Local\Temp\{b3ede298-ae75-4a1c-ab7e-1b9229b77bbe}\IDriver.NonElevated.exe No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

==================== Restore Points =========================

29-09-2014 05:52:09 Windows Update
29-09-2014 20:38:47 Windows Update
25-10-2014 12:40:13 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:04 - 2013-05-25 16:19 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {4C00DA2A-6A08-4058-B2E6-2A83DED3EE79} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1104271970-2634627720-626090414-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {5A8B4EBF-A051-4F8F-AD5C-A42D29C74469} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-23] (Google Inc.)
Task: {6C6AEBE1-5AFB-4B3B-BCCA-CDCB57A247D0} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files\UnHackMe\hackmon.exe
Task: {A4BC767C-D1CC-4BD0-9329-CD129E1CD0DC} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {C0E2ED2F-4732-4FA5-B685-2C22F3E7F008} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-02] (Adobe Systems Incorporated)
Task: {C5EAD0E6-D166-4D8E-A119-7CBC05088488} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-02] (Facebook Inc.)
Task: {D56DDD65-5E3C-4F6F-AB55-DDB8DEC4CE1E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1104271970-2634627720-626090414-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {EABCADBA-0B54-4DE6-90E5-0E69E67221B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-23] (Google Inc.)
Task: {F51BF43B-3845-437E-B512-0636004494C1} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-01-09] (Enigma Software Group USA, LLC.)
Task: {FD0AC68F-5AB6-4CA4-995B-392EF2C4C209} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-02] (Facebook Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-04 20:42 - 2014-08-04 20:42 - 00075064 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-04 20:43 - 2014-10-26 14:40 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2014-01-18 16:18 - 2013-03-29 11:37 - 00059384 _____ () C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\6288libfoxloader.dll
2014-01-18 16:18 - 2013-05-16 13:25 - 01062472 _____ () C:\Users\Patrik\AppData\Roaming\Seznam.cz\szninstall.exe
2014-01-18 16:18 - 2013-04-12 08:13 - 00457208 _____ () C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2014-01-18 16:18 - 2013-03-25 14:39 - 00894968 _____ () C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2014-01-18 16:18 - 2013-04-24 10:31 - 00081992 _____ () C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2014-10-28 09:25 - 2014-10-22 04:04 - 01042760 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 09:25 - 2014-10-22 04:04 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 09:25 - 2014-10-22 04:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 09:25 - 2014-10-22 04:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1104271970-2634627720-626090414-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1104271970-2634627720-626090414-1004 - Limited - Enabled)
Guest (S-1-5-21-1104271970-2634627720-626090414-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1104271970-2634627720-626090414-1002 - Limited - Enabled)
Patrik (S-1-5-21-1104271970-2634627720-626090414-1001 - Administrator - Enabled) => C:\Users\Patrik

==================== Faulty Device Manager Devices =============

Name: ezplay device ...
Description: ezplay device ...
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AC7FJE1O IDE Controller
Description: AC7FJE1O IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: ayhab9n2
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/29/2014 01:04:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 15ec

Čas spuštění: 01cff378b50f76f6

Čas ukončení: 8

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/29/2014 01:03:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: fd8

Čas spuštění: 01cff378902527f6

Čas ukončení: 8

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/29/2014 07:54:11 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x81000101).

Error: (10/28/2014 00:31:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b88

Čas spuštění: 01cff2ab144c6af1

Čas ukončení: 7

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:27:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: c98

Čas spuštění: 01cff2aa6d240d9c

Čas ukončení: 6

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:25:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 870

Čas spuštění: 01cff2aa451f0579

Čas ukončení: 11

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:25:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1644

Čas spuštění: 01cff2aa25686c69

Čas ukončení: 19

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:23:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: ab8

Čas spuštění: 01cff2a9f8003934

Čas ukončení: 18

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:22:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b28

Čas spuštění: 01cff2a9d3885cc1

Čas ukončení: 7

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:22:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: ee0

Čas spuštění: 01cff2a9c019dd7a

Čas ukončení: 7

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:


System errors:
=============
Error: (10/29/2014 03:42:00 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba AVG Firewall ukončena s chybou %%-536805289, specifickou pro službu.

Error: (10/29/2014 03:41:24 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba AVG WatchDog ukončena s chybou %%-536769021, specifickou pro službu.

Error: (10/29/2014 03:41:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (10/29/2014 03:41:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Apple Mobile Device bylo dosaženo časového limitu (30000 ms).

Error: (10/29/2014 03:39:14 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AVGIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.

Error: (10/29/2014 02:52:51 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba AVG Firewall ukončena s chybou %%-536805289, specifickou pro službu.

Error: (10/29/2014 02:52:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba AVG WatchDog ukončena s chybou %%-536769021, specifickou pro službu.

Error: (10/29/2014 02:52:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (10/29/2014 02:52:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Apple Mobile Device bylo dosaženo časového limitu (30000 ms).

Error: (10/29/2014 02:49:18 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AVGIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.


Microsoft Office Sessions:
=========================
Error: (10/29/2014 01:04:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.015ec01cff378b50f76f68C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/29/2014 01:03:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0fd801cff378902527f68C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/29/2014 07:54:11 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101

Error: (10/28/2014 00:31:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0b8801cff2ab144c6af17C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:27:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0c9801cff2aa6d240d9c6C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:25:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.087001cff2aa451f057911C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:25:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0164401cff2aa25686c6919C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:23:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0ab801cff2a9f800393418C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:22:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0b2801cff2a9d3885cc17C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:22:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0ee001cff2a9c019dd7a7C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 55%
Total physical RAM: 2013.12 MB
Available physical RAM: 888.42 MB
Total Pagefile: 4026.23 MB
Available Pagefile: 2483.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.75 GB) (Free:284.4 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 50215020)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 18:35
od Rudy
Zdravím!
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 18:51
od CassiusClay
# AdwCleaner v4.002 - Report created 29/10/2014 at 17:47:01
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Patrik - PATRIK-PC
# Running from : C:\Users\Patrik\Desktop\adwcleaner_4.002.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Windows\system32\EsgScanner.sys

***** [ Scheduled Tasks ] *****

Task Deleted : SpyHunter4Startup

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\39f6fce3ff39d00951e44375c3a0d756
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R0].txt - [20925 octets] - [24/10/2014 13:31:30]
AdwCleaner[R1].txt - [1120 octets] - [29/10/2014 17:45:06]
AdwCleaner[S0].txt - [21099 octets] - [24/10/2014 13:33:55]
AdwCleaner[S1].txt - [1043 octets] - [29/10/2014 17:47:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1103 octets] ##########

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 19:15
od Rudy
Dejte nový log FRST.

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 19:59
od CassiusClay
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-10-2014 01
Ran by Patrik (administrator) on PATRIK-PC on 29-10-2014 18:27:09
Running from C:\Users\Patrik\Downloads
Loaded Profile: Patrik (Available profiles: Patrik)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
() C:\Users\Patrik\AppData\Roaming\Seznam.cz\szninstall.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(ಈವಿಷಯಗಳುಹೇಗೆಮಾಡಬೇಕೋ) C:\Users\Patrik\AppData\Local\Temp\conhost.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [Facebook Update] => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-02] (Facebook Inc.)
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Patrik\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [tmpA0C1] => wscript.exe //B "C:\Users\Patrik\AppData\Local\Temp\tmpA0C1.tmp.vbs" <===== ATTENTION
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {057a7823-baca-11e2-a60d-e069958b2749} - D:\setup.exe
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {7ef66163-d5e1-11e2-a1f6-e069958b2749} - D:\autorun.exe
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {bc30aede-6c85-11e3-8e69-e069958b2749} - D:\Autorun.exe
Startup: C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\39f6fce3ff39d00951e44375c3a0d756.exe ()
Startup: C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpA0C1.tmp.vbs ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKCU - {2030773F-84EF-49CE-994E-991B23F1CE99} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKCU - {34F9433E-8532-4974-9BE8-39991ADF6C02} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKCU - {440FF0DE-3FA1-461C-831B-0A5D2F19AF4D} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKCU - {4C66A2B1-921B-446D-990A-9F7A51303BB3} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {4F7B9730-8DB1-4D10-A7DA-CFB8A749FB3A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {6077AFA1-110F-47E5-B308-F49DC1441258} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {7D71E444-42AD-4461-8268-F64951703252} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {9CB9B278-8606-4538-8AD0-0AB556750C41} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKCU - {F8FC61C2-D4BF-4DED-B5A3-2A5DD859915B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKCU - ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁw˜ľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­ URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll No File
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Patrik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-23]
CHR Extension: (Disk Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-23]
CHR Extension: (YouTube) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-23]
CHR Extension: (Savevid) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\liibpejlpebkfpddljfpipkpjhphifon [2014-07-23]
CHR Extension: (Peněženka Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-23]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-07-30]
CHR Extension: (Gmail) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-23]
CHR HKLM\...\Chrome\Extension: [liibpejlpebkfpddljfpipkpjhphifon] - C:\Program Files\Savevid\SavevidChrome.crx [2014-02-02]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-10-25] (Avira Operations GmbH & Co. KG)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2013-02-27] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation) [File not signed]
S2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation) [File not signed]
R2 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [102912 2012-07-04] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\system32\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [140288 2013-07-09] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-03] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [144384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [556544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-14] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086976 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [906240 2013-01-13] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2014-09-19] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [679424 2013-10-12] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2012-10-03] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2010-11-20] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242176 2012-10-03] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75064 2014-08-04] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [214520 2014-10-26] ()
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [119808 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [164352 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2012-02-11] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-14] (Microsoft Corporation) [File not signed]
R2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [523264 2014-07-17] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1203200 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121792 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [73216 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185344 2014-01-28] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-30] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [55296 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [52736 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-09-30] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-25] (Avira Operations GmbH & Co. KG)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-06-23] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-06-24] (Avira Operations GmbH & Co. KG)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation) [File not signed]
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-23] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-13] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-13] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-13] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [14080 2009-07-13] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-13] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-13] (Microsoft Corporation) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15384 2014-01-07] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-13] (Microsoft Corporation) [File not signed]
S3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-13] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-13] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [21504 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-13] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [80896 2009-07-13] (Microsoft Corporation) [File not signed]
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [9036800 2011-02-11] (Intel Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) [File not signed]
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-13] (Atheros Communications, Inc.) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-13] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-13] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [95304 2012-03-25] (MotioninJoy)
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-27] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-09] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-27] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\system32\Drivers\Msfs.sys [22528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-13] (Microsoft Corporation) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () [File not signed]
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-13] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-13] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-13] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-13] (Microsoft Corporation) [File not signed]
R3 Parport; C:\Windows\System32\DRIVERS\parport.sys [79360 2009-07-13] (Microsoft Corporation) [File not signed]
R2 Parvdm; C:\Windows\System32\DRIVERS\parvdm.sys [8704 2009-07-13] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-13] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-13] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-13] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [18944 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [14848 2012-08-23] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [184320 2014-07-17] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-13] (Microsoft Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2013-12-24] (Duplex Secure Ltd.)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-29] (Microsoft Corporation) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2014-07-17] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [49664 2012-08-23] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\system32\drivers\umbus.sys [39936 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [43520 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [24064 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-13] (Microsoft Corporation) [File not signed]
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-13] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation) [File not signed]
S3 cpuz134; \??\C:\Users\Patrik\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
U3 a3v2ja5g; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 18:27 - 2014-10-29 18:56 - 00046372 _____ () C:\Users\Patrik\Downloads\FRST.txt
2014-10-29 18:26 - 2014-10-29 18:26 - 01104896 _____ (Farbar) C:\Users\Patrik\Downloads\FRST.exe
2014-10-29 17:44 - 2014-10-29 17:44 - 01998336 _____ () C:\Users\Patrik\Downloads\adwcleaner_4.002 (1).exe
2014-10-29 17:43 - 2014-10-29 17:43 - 01998336 _____ () C:\Users\Patrik\Desktop\adwcleaner_4.002.exe
2014-10-29 16:24 - 2014-10-29 16:24 - 00023568 _____ () C:\Users\Patrik\Desktop\Addition.txt
2014-10-29 15:53 - 2014-10-29 16:24 - 00064449 _____ () C:\Users\Patrik\Desktop\FRST.txt
2014-10-29 15:51 - 2014-10-29 18:27 - 00000000 ____D () C:\FRST
2014-10-29 15:44 - 2014-10-29 15:45 - 01104896 _____ (Farbar) C:\Users\Patrik\Desktop\FRST.exe
2014-10-29 15:37 - 2014-10-29 15:37 - 01222144 _____ () C:\Users\Patrik\Downloads\RSITx64.exe
2014-10-29 15:37 - 2014-10-29 15:37 - 01107968 _____ () C:\Users\Patrik\Desktop\RSIT.exe
2014-10-29 15:21 - 2014-10-29 15:21 - 01141408 _____ ( ) C:\Users\Patrik\Downloads\hwmonitor_1.25-setup.exe
2014-10-29 15:21 - 2014-10-29 15:21 - 00001083 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2014-10-29 15:21 - 2014-10-29 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-10-29 15:21 - 2014-10-29 15:21 - 00000000 ____D () C:\Program Files\CPUID
2014-10-29 15:18 - 2014-10-29 15:24 - 350127064 _____ (Norman Shark AS) C:\Users\Patrik\Downloads\Norman_Malware_Cleaner.exe
2014-10-29 12:26 - 2014-10-29 12:26 - 12034292 _____ (Stripf Software ) C:\Users\Patrik\Downloads\hlsw_1_4_0_5_setup.exe
2014-10-28 12:25 - 2014-10-28 12:25 - 00001852 _____ () C:\Users\Patrik\Desktop\Call of Duty(R) 2 Multiplayer.lnk
2014-10-28 08:47 - 2014-10-28 08:47 - 00001072 _____ () C:\Users\Patrik\Desktop\GameRanger.lnk
2014-10-27 12:28 - 2014-10-27 12:28 - 11384305 _____ () C:\Users\Patrik\Downloads\cc-setup.exe
2014-10-27 12:22 - 2014-10-27 12:22 - 00146224 _____ () C:\Windows\Minidump\102714-75176-01.dmp
2014-10-26 07:35 - 2014-10-26 07:35 - 00023375 _____ () C:\Windows\Partizan.log
2014-10-25 20:51 - 2014-10-25 20:51 - 00146224 _____ () C:\Windows\Minidump\102514-17908-01.dmp
2014-10-25 20:11 - 2014-10-25 20:09 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-25 15:43 - 2014-10-25 15:43 - 00146224 _____ () C:\Windows\Minidump\102514-64319-01.dmp
2014-10-25 14:15 - 2014-10-27 12:21 - 197021426 _____ () C:\Windows\MEMORY.DMP
2014-10-25 14:15 - 2014-10-25 14:15 - 00146224 _____ () C:\Windows\Minidump\102514-23322-01.dmp
2014-10-25 12:56 - 2014-09-29 00:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-25 12:56 - 2014-08-29 01:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-25 12:56 - 2014-08-29 01:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-25 12:56 - 2014-08-29 01:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-25 12:56 - 2014-08-29 01:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-25 12:56 - 2014-08-29 01:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-25 12:56 - 2014-06-18 22:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-25 12:56 - 2014-06-18 22:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-25 12:56 - 2014-06-18 22:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-25 12:55 - 2014-10-07 02:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-25 12:55 - 2014-09-25 22:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-25 12:55 - 2014-09-25 22:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-25 12:55 - 2014-09-25 22:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-25 12:55 - 2014-09-25 22:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-25 12:55 - 2014-09-25 22:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-25 12:55 - 2014-09-19 01:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-25 12:55 - 2014-09-19 01:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-25 12:55 - 2014-09-19 01:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-25 12:55 - 2014-09-19 01:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-25 12:55 - 2014-09-19 01:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-25 12:55 - 2014-09-19 01:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-25 12:55 - 2014-09-19 01:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-25 12:55 - 2014-09-19 00:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-25 12:55 - 2014-09-19 00:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-25 12:55 - 2014-09-19 00:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-25 12:55 - 2014-09-19 00:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-25 12:55 - 2014-09-19 00:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-25 12:55 - 2014-09-19 00:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-25 12:55 - 2014-09-19 00:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-25 12:55 - 2014-09-19 00:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-25 12:55 - 2014-09-19 00:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-25 12:55 - 2014-09-19 00:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-25 12:55 - 2014-09-19 00:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-25 12:55 - 2014-09-19 00:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-25 12:55 - 2014-09-19 00:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-25 12:55 - 2014-09-19 00:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-25 12:55 - 2014-09-18 23:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-25 12:55 - 2014-09-18 23:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-25 12:55 - 2014-09-18 23:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-25 12:55 - 2014-09-18 01:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-25 12:55 - 2014-09-13 01:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-25 12:55 - 2014-09-04 05:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-25 12:55 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-25 12:55 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-25 12:55 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-25 12:55 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-25 12:55 - 2014-07-09 01:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-25 12:55 - 2014-07-08 22:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-25 12:49 - 2014-07-17 01:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-25 12:49 - 2014-07-17 01:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-25 12:49 - 2014-07-17 01:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-25 12:49 - 2014-07-17 01:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-25 12:49 - 2014-07-17 01:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-25 12:49 - 2014-07-17 01:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-25 12:49 - 2014-07-17 01:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-25 12:49 - 2014-07-17 01:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-25 12:47 - 2014-09-25 01:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-24 20:37 - 2014-10-24 20:37 - 00000000 ____D () C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-10-24 20:37 - 2014-10-24 20:37 - 00000000 ____D () C:\sh4ldr
2014-10-24 20:37 - 2014-10-24 20:37 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-24 20:17 - 2014-10-24 20:37 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-10-24 20:17 - 2014-10-24 20:17 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-10-24 20:15 - 2014-10-24 20:15 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Patrik\Downloads\SpyHunter-Installer.exe
2014-10-24 20:05 - 2014-10-24 20:05 - 00000000 ____D () C:\@RestoreQuarantine
2014-10-24 20:04 - 2014-10-24 20:04 - 00000002 RSHOT () C:\Windows\winstart.bat
2014-10-24 20:04 - 2014-10-24 20:04 - 00000000 ____D () C:\Users\Patrik\Documents\RegRun2
2014-10-24 20:03 - 2014-10-26 07:39 - 00000000 ____D () C:\Program Files\UnHackMe
2014-10-24 20:03 - 2014-10-24 20:03 - 15790435 _____ () C:\Users\Patrik\Downloads\unhackme.zip
2014-10-24 19:29 - 2014-10-24 19:31 - 117317368 _____ (Microsoft Corporation) C:\Users\Patrik\Downloads\msert.exe
2014-10-24 15:33 - 2014-10-24 15:33 - 00000000 ____D () C:\Users\Patrik\AppData\Roaming\Avira
2014-10-24 13:49 - 2014-10-25 20:09 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-24 13:49 - 2014-10-25 20:09 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-24 13:49 - 2014-10-24 13:49 - 00000000 ____D () C:\ProgramData\Avira
2014-10-24 13:49 - 2014-10-24 13:49 - 00000000 ____D () C:\Program Files\Avira
2014-10-24 13:49 - 2014-06-24 19:39 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-10-24 13:49 - 2014-06-24 19:39 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2014-10-24 13:42 - 2014-10-24 13:45 - 141801528 _____ () C:\Users\Patrik\Downloads\avira_free_antivirus_en.exe
2014-10-24 13:38 - 2014-10-29 17:49 - 00324210 _____ () C:\Windows\PFRO.log
2014-10-24 13:31 - 2014-10-29 17:47 - 00000000 ____D () C:\AdwCleaner
2014-10-24 13:31 - 2014-10-24 13:31 - 01962496 _____ () C:\Users\Patrik\Downloads\adwcleaner_4.001.exe
2014-10-24 13:19 - 2014-10-24 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-10-24 13:18 - 2014-10-24 13:20 - 00000000 ____D () C:\rei
2014-10-24 13:17 - 2014-10-24 13:17 - 00756712 _____ (Reimage®) C:\Users\Patrik\Downloads\ReimageRepair.exe
2014-10-23 22:32 - 2014-10-23 22:32 - 00389561 _____ () C:\Users\Patrik\Downloads\karadayi_farsi_persian-761419.zip
2014-10-19 12:30 - 2014-10-19 12:31 - 11990847 _____ () C:\Users\Patrik\Downloads\sa-mp-0.3z-R1-install.exe
2014-10-19 12:18 - 2014-10-19 12:35 - 94944548 _____ () C:\Users\Patrik\Downloads\GP_Mappack2.rar
2014-10-19 12:18 - 2014-10-19 12:29 - 63266856 _____ () C:\Users\Patrik\Downloads\CoD2Mappack1.rar
2014-10-19 12:15 - 2014-10-19 12:15 - 00442880 _____ (Allstar Group, s.r.o.) C:\Users\Patrik\Downloads\gpcl64bit.exe
2014-10-19 12:14 - 2014-10-19 12:15 - 00409088 _____ (Allstar Group, s.r.o.) C:\Users\Patrik\Downloads\gpcl32bit.exe
2014-10-19 12:07 - 2014-10-19 12:08 - 00459700 _____ (GamePark ) C:\Users\Patrik\Downloads\GameParkSetup_v2090.exe
2014-10-17 12:42 - 2014-10-17 12:42 - 00001266 _____ () C:\Users\Patrik\Downloads\Game Of Thrones.htm
2014-10-17 12:42 - 2014-10-17 12:42 - 00000000 ____D () C:\Users\Patrik\Downloads\Game Of Thrones_files
2014-10-12 14:40 - 2014-10-12 14:40 - 00633886 _____ () C:\Users\Patrik\Downloads\wawa_3daim_tdm (1).iwd
2014-10-12 12:49 - 2014-10-12 12:49 - 00633886 _____ () C:\Users\Patrik\Downloads\wawa_3daim_tdm.iwd
2014-10-11 20:11 - 2014-10-11 20:11 - 00043160 _____ (Elit -e - Company) C:\Users\Patrik\Downloads\mp_shipment.exe
2014-10-11 20:07 - 2014-10-11 20:08 - 11240885 _____ () C:\Users\Patrik\Downloads\mp_dutch_harbor.zip
2014-10-09 21:13 - 2014-10-09 21:13 - 00000562 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-10-09 21:13 - 2014-10-09 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-10-09 21:12 - 2014-10-09 21:13 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Patrik\Downloads\setup.exe
2014-10-09 21:09 - 2014-10-09 21:10 - 20400981 _____ () C:\Users\Patrik\Downloads\Fraps.rar
2014-10-08 19:47 - 2014-10-08 19:47 - 09260231 _____ () C:\Users\Patrik\Downloads\mp_Argentan_France.iwd
2014-09-29 05:48 - 2014-09-09 21:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 18:46 - 2013-03-02 18:44 - 00000000 ____D () C:\Users\Patrik\AppData\Roaming\Skype
2014-10-29 18:42 - 2014-02-01 08:44 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-29 18:27 - 2013-04-01 20:44 - 00000000 ____D () C:\Users\Patrik\AppData\Roaming\Seznam.cz
2014-10-29 18:22 - 2014-07-23 09:05 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-29 18:22 - 2014-07-23 09:05 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-29 18:19 - 2013-03-02 20:14 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA.job
2014-10-29 17:57 - 2009-07-14 04:34 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-29 17:57 - 2009-07-14 04:34 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-29 17:54 - 2013-03-02 18:41 - 01613968 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-29 17:53 - 2013-03-02 18:16 - 01229210 _____ () C:\Windows\WindowsUpdate.log
2014-10-29 17:49 - 2009-07-14 04:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-29 17:49 - 2001-12-31 23:03 - 00002632 _____ () C:\Windows\setupact.log
2014-10-28 21:19 - 2013-03-02 20:14 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core.job
2014-10-28 08:33 - 2013-06-26 11:27 - 00000000 __RDC () C:\Users\Patrik\Desktop\HRY
2014-10-27 12:22 - 2013-03-03 12:57 - 00000000 ____D () C:\Windows\Minidump
2014-10-27 10:11 - 2013-05-12 10:35 - 00000000 ___RD () C:\Users\Patrik\Desktop\Fotky
2014-10-26 19:58 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\rescache
2014-10-26 17:28 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-26 14:40 - 2014-08-04 20:43 - 00214520 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-10-26 14:40 - 2014-08-04 20:43 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2014-10-26 14:39 - 2014-08-04 20:43 - 00137464 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-10-26 11:14 - 2009-07-14 02:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-26 11:13 - 2009-07-14 04:33 - 03846160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-26 08:22 - 2013-05-17 15:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-26 07:43 - 2013-06-08 17:52 - 00000000 ____D () C:\Program Files\FreeTime
2014-10-25 10:19 - 2014-06-10 18:59 - 00000000 ____D () C:\Users\Patrik\AppData\Roaming\vlc
2014-10-24 20:04 - 2009-07-14 02:04 - 00002577 _____ () C:\Windows\system32\config.nt
2014-10-24 20:04 - 2009-07-14 02:04 - 00001688 _____ () C:\Windows\system32\autoexec.nt
2014-10-24 13:47 - 2013-03-02 18:33 - 00000000 ____D () C:\Users\Patrik
2014-10-19 10:21 - 2013-08-10 13:27 - 00029696 ___SH () C:\Users\Patrik\Thumbs.db
2014-10-17 13:32 - 2013-08-06 17:18 - 00000000 ____D () C:\Program Files\Activision
2014-10-17 13:32 - 2013-06-10 15:01 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-17 13:31 - 2009-07-14 04:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-17 13:16 - 2013-11-09 21:27 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-10-13 23:10 - 2013-03-02 18:44 - 00000000 ____D () C:\ProgramData\Skype
2014-10-09 22:17 - 2013-06-08 15:07 - 00000000 ____D () C:\Fraps
2014-10-02 14:53 - 2013-03-02 18:50 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-02 14:42 - 2013-03-02 18:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-02 14:42 - 2013-03-02 18:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-02 13:56 - 2014-07-23 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

Some content of TEMP:
====================
C:\Users\Patrik\AppData\Local\Temp\conhost.exe
C:\Users\Patrik\AppData\Local\Temp\Quarantine.exe
C:\Users\Patrik\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Patrik\AppData\Local\Temp\SHSetup.exe
C:\Users\Patrik\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-10-25 12:49] - [2014-07-17 01:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 19:51

==================== End Of Log ============================

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 20:00
od CassiusClay
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-10-2014 01
Ran by Patrik at 2014-10-29 18:57:50
Running from C:\Users\Patrik\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
Call of Duty(R) 2 (HKLM\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (Version: 1.3 - ) Hidden
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fraps (HKLM\...\Fraps) (Version: - )
GameRanger (HKCU\...\GameRanger) (Version: - GameRanger Technologies)
GOM Player (HKLM\...\GOM Player) (Version: 2.1.40.5106 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
K-Lite Codec Pack 10.2.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Photoshop Plug-ins (HKLM\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - )
Savevid (HKCU\...\Savevid) (Version: 0.0.0.1011 - Bandoo Media Inc) <==== ATTENTION
Seznam Software (HKCU\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SpongeBob SquarePants Employee of the Month (HKLM\...\SpongeBob SquarePants Employee of the Month) (Version: - )
SpyHunter (HKLM\...\{455F074C-814E-4520-B69B-5584BD90400C}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Subtitle Workshop 2.51 (HKLM\...\SubtitleWorkshop) (Version: - )
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Patrik\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{cb4c77f0-ab2a-407c-93ac-963769824b18}\localserver32 -> C:\Users\Patrik\AppData\Local\Temp\{b3ede298-ae75-4a1c-ab7e-1b9229b77bbe}\IDriver.NonElevated.exe No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

==================== Restore Points =========================

29-09-2014 05:52:09 Windows Update
29-09-2014 20:38:47 Windows Update
25-10-2014 12:40:13 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:04 - 2013-05-25 16:19 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {4C00DA2A-6A08-4058-B2E6-2A83DED3EE79} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1104271970-2634627720-626090414-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {5A8B4EBF-A051-4F8F-AD5C-A42D29C74469} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-23] (Google Inc.)
Task: {6C6AEBE1-5AFB-4B3B-BCCA-CDCB57A247D0} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files\UnHackMe\hackmon.exe
Task: {A4BC767C-D1CC-4BD0-9329-CD129E1CD0DC} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {C0E2ED2F-4732-4FA5-B685-2C22F3E7F008} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-02] (Adobe Systems Incorporated)
Task: {C5EAD0E6-D166-4D8E-A119-7CBC05088488} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-02] (Facebook Inc.)
Task: {D56DDD65-5E3C-4F6F-AB55-DDB8DEC4CE1E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1104271970-2634627720-626090414-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {EABCADBA-0B54-4DE6-90E5-0E69E67221B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-23] (Google Inc.)
Task: {FD0AC68F-5AB6-4CA4-995B-392EF2C4C209} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-02] (Facebook Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-04 20:42 - 2014-08-04 20:42 - 00075064 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-04 20:43 - 2014-10-26 14:40 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2014-01-18 16:18 - 2013-03-29 11:37 - 00059384 _____ () C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\6288libfoxloader.dll
2014-01-18 16:18 - 2013-05-16 13:25 - 01062472 _____ () C:\Users\Patrik\AppData\Roaming\Seznam.cz\szninstall.exe
2014-01-18 16:18 - 2013-04-12 08:13 - 00457208 _____ () C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2014-01-18 16:18 - 2013-03-25 14:39 - 00894968 _____ () C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2014-01-18 16:18 - 2013-04-24 10:31 - 00081992 _____ () C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2014-10-28 09:25 - 2014-10-22 04:04 - 01042760 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 09:25 - 2014-10-22 04:04 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 09:25 - 2014-10-22 04:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 09:25 - 2014-10-22 04:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1104271970-2634627720-626090414-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1104271970-2634627720-626090414-1004 - Limited - Enabled)
Guest (S-1-5-21-1104271970-2634627720-626090414-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1104271970-2634627720-626090414-1002 - Limited - Enabled)
Patrik (S-1-5-21-1104271970-2634627720-626090414-1001 - Administrator - Enabled) => C:\Users\Patrik

==================== Faulty Device Manager Devices =============

Name: ezplay device ...
Description: ezplay device ...
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AC7FJE1O IDE Controller
Description: AC7FJE1O IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a3v2ja5g
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/29/2014 01:04:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 15ec

Čas spuštění: 01cff378b50f76f6

Čas ukončení: 8

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/29/2014 01:03:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: fd8

Čas spuštění: 01cff378902527f6

Čas ukončení: 8

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/29/2014 07:54:11 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x81000101).

Error: (10/28/2014 00:31:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b88

Čas spuštění: 01cff2ab144c6af1

Čas ukončení: 7

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:27:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: c98

Čas spuštění: 01cff2aa6d240d9c

Čas ukončení: 6

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:25:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 870

Čas spuštění: 01cff2aa451f0579

Čas ukončení: 11

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:25:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1644

Čas spuštění: 01cff2aa25686c69

Čas ukončení: 19

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:23:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: ab8

Čas spuštění: 01cff2a9f8003934

Čas ukončení: 18

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:22:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b28

Čas spuštění: 01cff2a9d3885cc1

Čas ukončení: 7

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:

Error: (10/28/2014 00:22:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cod2mp_s.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: ee0

Čas spuštění: 01cff2a9c019dd7a

Čas ukončení: 7

Cesta k aplikaci: C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

ID hlášení:


System errors:
=============
Error: (10/29/2014 05:50:11 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba AVG Firewall ukončena s chybou %%-536805289, specifickou pro službu.

Error: (10/29/2014 05:49:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba AVG WatchDog ukončena s chybou %%-536769021, specifickou pro službu.

Error: (10/29/2014 05:49:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (10/29/2014 05:49:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Apple Mobile Device bylo dosaženo časového limitu (30000 ms).

Error: (10/29/2014 05:47:54 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AVGIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.

Error: (10/29/2014 03:42:00 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba AVG Firewall ukončena s chybou %%-536805289, specifickou pro službu.

Error: (10/29/2014 03:41:24 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba AVG WatchDog ukončena s chybou %%-536769021, specifickou pro službu.

Error: (10/29/2014 03:41:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (10/29/2014 03:41:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Apple Mobile Device bylo dosaženo časového limitu (30000 ms).

Error: (10/29/2014 03:39:14 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AVGIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.


Microsoft Office Sessions:
=========================
Error: (10/29/2014 01:04:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.015ec01cff378b50f76f68C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/29/2014 01:03:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0fd801cff378902527f68C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/29/2014 07:54:11 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101

Error: (10/28/2014 00:31:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0b8801cff2ab144c6af17C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:27:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0c9801cff2aa6d240d9c6C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:25:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.087001cff2aa451f057911C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:25:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0164401cff2aa25686c6919C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:23:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0ab801cff2a9f800393418C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:22:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0b2801cff2a9d3885cc17C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe

Error: (10/28/2014 00:22:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: cod2mp_s.exe0.0.0.0ee001cff2a9c019dd7a7C:\Program Files\Activision\Call of Duty 2\cod2mp_s.exe


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 48%
Total physical RAM: 2013.12 MB
Available physical RAM: 1032.1 MB
Total Pagefile: 4026.23 MB
Available Pagefile: 2624.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1912.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.75 GB) (Free:284.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 50215020)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 20:19
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
C:\Users\Patrik\AppData\Local\Facebook\Update
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
Task: {C5EAD0E6-D166-4D8E-A119-7CBC05088488} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-02] (Facebook Inc.)
Task: {EABCADBA-0B54-4DE6-90E5-0E69E67221B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-23] (Google Inc.)
Task: {FD0AC68F-5AB6-4CA4-995B-392EF2C4C209} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-02] (Facebook Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [tmpA0C1] => wscript.exe //B "C:\Users\Patrik\AppData\Local\Temp\tmpA0C1.tmp.vbs" <===== ATTENTION
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {057a7823-baca-11e2-a60d-e069958b2749} - D:\setup.exe
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {7ef66163-d5e1-11e2-a1f6-e069958b2749} - D:\autorun.exe
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {bc30aede-6c85-11e3-8e69-e069958b2749} - D:\Autorun.exe
Startup: C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\39f6fce3ff39d00951e44375c3a0d756.exe ()
Startup: C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpA0C1.tmp.vbs ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKCU - ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁw˜ľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­ URL =
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
CHR Extension: (Savevid) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\liibpejlpebkfpddljfpipkpjhphifon [2014-07-23]
CHR HKLM\...\Chrome\Extension: [liibpejlpebkfpddljfpipkpjhphifon] - C:\Program Files\Savevid\SavevidChrome.crx [2014-02-02]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
U3 a3v2ja5g; No ImagePath
C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
C:\Users\Patrik\AppData\Local\Temp
End
Uložte do C:\Users\Patrik\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 20:23
od CassiusClay
mám tám C/Users/Patrik/Stažené soubory

Downloads tam nemám :D

A fixlist ? to nechápu

jsem lama na PC :D

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 20:36
od Rudy
CassiusClay píše:Running from C:\Users\Patrik\Downloads
Zkrátka a dobře fixlist musí být v stejném adresáři, jako FRST. Jinak to nebude fungovat.

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 20:45
od CassiusClay
Tak jestli jsem to dobře pochopil tak jsem to uložil ten text do složky ve ktere mám FRST program.....Název souboru jsem přepsal na fixlist.txt. a uložil...spustil jsem ten program a dal fix..správně ? :D

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 20:49
od CassiusClay
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-10-2014 01
Ran by Patrik at 2014-10-29 19:43:49 Run:1
Running from C:\Users\Patrik\Downloads
Loaded Profile: Patrik (Available profiles: Patrik)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
C:\Users\Patrik\AppData\Local\Facebook\Update
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
Task: {C5EAD0E6-D166-4D8E-A119-7CBC05088488} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-02] (Facebook Inc.)
Task: {EABCADBA-0B54-4DE6-90E5-0E69E67221B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-23] (Google Inc.)
Task: {FD0AC68F-5AB6-4CA4-995B-392EF2C4C209} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-02] (Facebook Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\Run: [tmpA0C1] => wscript.exe //B "C:\Users\Patrik\AppData\Local\Temp\tmpA0C1.tmp.vbs" <===== ATTENTION
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {057a7823-baca-11e2-a60d-e069958b2749} - D:\setup.exe
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {7ef66163-d5e1-11e2-a1f6-e069958b2749} - D:\autorun.exe
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\...\MountPoints2: {bc30aede-6c85-11e3-8e69-e069958b2749} - D:\Autorun.exe
Startup: C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\39f6fce3ff39d00951e44375c3a0d756.exe ()
Startup: C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpA0C1.tmp.vbs ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKCU - ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁw˜ľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­ URL =
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
CHR Extension: (Savevid) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\liibpejlpebkfpddljfpipkpjhphifon [2014-07-23]
CHR HKLM\...\Chrome\Extension: [liibpejlpebkfpddljfpipkpjhphifon] - C:\Program Files\Savevid\SavevidChrome.crx [2014-02-02]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
U3 a3v2ja5g; No ImagePath
C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
C:\Users\Patrik\AppData\Local\Temp
End
*****************

"HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}" => Key deleted successfully.
C:\Users\Patrik\AppData\Local\Facebook\Update => Moved successfully.
"HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}" => Key deleted successfully.
"HKU\S-1-5-21-1104271970-2634627720-626090414-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5EAD0E6-D166-4D8E-A119-7CBC05088488}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5EAD0E6-D166-4D8E-A119-7CBC05088488}" => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EABCADBA-0B54-4DE6-90E5-0E69E67221B1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EABCADBA-0B54-4DE6-90E5-0E69E67221B1}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD0AC68F-5AB6-4CA4-995B-392EF2C4C209}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD0AC68F-5AB6-4CA4-995B-392EF2C4C209}" => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core" => Key deleted successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1104271970-2634627720-626090414-1001UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1104271970-2634627720-626090414-1001\Software\Microsoft\Windows\CurrentVersion\Run\\tmpA0C1 => value deleted successfully.
"HKU\S-1-5-21-1104271970-2634627720-626090414-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{057a7823-baca-11e2-a60d-e069958b2749}" => Key deleted successfully.
"HKCR\CLSID\{057a7823-baca-11e2-a60d-e069958b2749}" => Key not found.
"HKU\S-1-5-21-1104271970-2634627720-626090414-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ef66163-d5e1-11e2-a1f6-e069958b2749}" => Key deleted successfully.
"HKCR\CLSID\{7ef66163-d5e1-11e2-a1f6-e069958b2749}" => Key not found.
"HKU\S-1-5-21-1104271970-2634627720-626090414-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bc30aede-6c85-11e3-8e69-e069958b2749}" => Key deleted successfully.
"HKCR\CLSID\{bc30aede-6c85-11e3-8e69-e069958b2749}" => Key not found.
"C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\39f6fce3ff39d00951e44375c3a0d756.exe" => Could not move.
C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpA0C1.tmp.vbs => Moved successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁw˜ľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­" => Key not found.
"HKCR\CLSID\ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁw˜ľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\liibpejlpebkfpddljfpipkpjhphifon => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\liibpejlpebkfpddljfpipkpjhphifon" => Key deleted successfully.
C:\Program Files\Savevid\SavevidChrome.crx => Moved successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
Partizan => Service deleted successfully.
a3v2ja5g => Service deleted successfully.
C:\Windows\455F074C814E4520B69B5584BD90400C.TMP => Moved successfully.

"C:\Users\Patrik\AppData\Local\Temp" directory move:

C:\Users\Patrik\AppData\Local\Temp\ack.txt => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\ack0.txt => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\AppRemover_Log.txt => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\autoexec.bat.bk => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\conhost.exe => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\DMI1517.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\DMI821A.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\downloader log.txt => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\downloader_version.xml => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_8W80oyfpqb1CDX3 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_9DXdkEal0jhOxEp => Moved successfully.
Could not move "C:\Users\Patrik\AppData\Local\Temp\etilqs_BaK34A4YFGPDr3X" => Scheduled to move on reboot.
C:\Users\Patrik\AppData\Local\Temp\etilqs_bdU9PqoLtR1rEIT => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_E2LBqWlS2KsOiQv => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_ebrhbDzVQwSzfGF => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_hA2nns6JNAqn5Kh => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_K8Ut3BXkFD0jAP9 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_mLHvsFwOvLcjTQi => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_qptqARFbBwQV1tV => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_STomX1uqvsSzHNb => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_TJO1h7IjsK8mOX4 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_vIQeAdXnNEEUC6j => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_vJOLzyObhLLzFgA => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_yjIFeRdrRzdniAr => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_yQ9VCnqGW6PkNOJ => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_YvJShfbHUgbCnHJ => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\etilqs_zKoTOmbUt3WpxLm => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Patrik\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Patrik\AppData\Local\Temp\gomtemp.smi => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\hosts.bk => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\PCW9878.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\PCW9878.xml => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\PCWA15D.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\PCWA15D.xml => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\preferences => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\protector_version.xml => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\reimage.log => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\ReimagePackage.exe => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\repair setup log.txt => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\repair_version.xml => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\scaninfo(4004).tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\sh4plist.dat => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SHSetup.exe => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\system.ini.bk => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\win.ini.bk => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\~DF24AA55A559BA6ABF.TMP => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\~DF8D67410DDB3CB0C2.TMP => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\{f0bb5edb-d128-46f4-84bf-aa6d2bd68904}\GameRanger.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\{d1bd5e16-cf50-4812-9951-3a3162ee9d97}\GameRanger.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\{B6D10DFD-0A6B-4C94-891A-D8C06F903499}\fpb.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\{919ebf20-8a03-4e33-bdb0-836591eab943}\GameRanger.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\{57af459f-94b6-42b7-addf-9aaeb1b71671}\GameRanger.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\{3ce3ae9b-a19f-48de-89f6-5e09a0942853}\GameRanger.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\{3BC5FC94-9210-427B-8024-32F51825B210}\fpb.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\{26bc8fdc-4c97-4e7d-ba98-4b630e59f3af}\GameRanger.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\{1cc484a3-f12c-42b2-8615-4961db8cdd22}\GameRanger.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_e5dac407-9665-4a96-9a29-98f511fac529\DiagPackage.diagpkg => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_e5dac407-9665-4a96-9a29-98f511fac529\DiagPackage.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_e5dac407-9665-4a96-9a29-98f511fac529\RS_ProgramCompatibilityWizard.ps1 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_e5dac407-9665-4a96-9a29-98f511fac529\TS_ProgramCompatibilityWizard.ps1 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_e5dac407-9665-4a96-9a29-98f511fac529\VF_ProgramCompatibilityWizard.ps1 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_e5dac407-9665-4a96-9a29-98f511fac529\cs-CZ\CL_LocalizationData.psd1 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_e5dac407-9665-4a96-9a29-98f511fac529\cs-CZ\DiagPackage.dll.mui => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_56165753-d67c-4656-9c7b-a30dfa353a27\DiagPackage.diagpkg => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_56165753-d67c-4656-9c7b-a30dfa353a27\DiagPackage.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_56165753-d67c-4656-9c7b-a30dfa353a27\RS_ProgramCompatibilityWizard.ps1 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_56165753-d67c-4656-9c7b-a30dfa353a27\TS_ProgramCompatibilityWizard.ps1 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_56165753-d67c-4656-9c7b-a30dfa353a27\VF_ProgramCompatibilityWizard.ps1 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_56165753-d67c-4656-9c7b-a30dfa353a27\cs-CZ\CL_LocalizationData.psd1 => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\SDIAG_56165753-d67c-4656-9c7b-a30dfa353a27\cs-CZ\DiagPackage.dll.mui => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\msdt\_FD196F72-CD1E-4AB0-8645-943D71DF984E_\inuse => Moved successfully.
Could not move "C:\Users\Patrik\AppData\Local\Temp\msdt\_7BD23CF5-A93D-4EB5-AAAE-4A71D6E50B6D_\inuse" => Scheduled to move on reboot.
C:\Users\Patrik\AppData\Local\Temp\is-U6C7H.tmp\hlsw_1_4_0_5_setup.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\is-SQQO8.tmp\is-N01D7.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\is-L46UC.tmp\_isetup\_RegDLL.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\is-L46UC.tmp\_isetup\_shfoldr.dll => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\is-GVFFS.tmp\GameParkSetup_v2090.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\is-9KP8N.tmp\GameParkSetup_v2090.tmp => Moved successfully.
C:\Users\Patrik\AppData\Local\Temp\e742b90b-6ce3-4c92-9731-92b5f2f307fe\AgileDotNetRT.dll => Moved successfully.
Could not move "C:\Users\Patrik\AppData\Local\Temp" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-10-29 19:48:44)<=

C:\Users\Patrik\AppData\Local\Temp\etilqs_BaK34A4YFGPDr3X => Is moved successfully.
C:\Users\Patrik\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Patrik\AppData\Local\Temp\msdt\_7BD23CF5-A93D-4EB5-AAAE-4A71D6E50B6D_\inuse => Is moved successfully.
C:\Users\Patrik\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 21:57
od Rudy
Správně. Věe smazáno. Nastala nějaká změna?

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 22:01
od CassiusClay
počítač už se dá vypnout normálně moc ti děkuji :oops:

ale mám ještě jeden problém hele vždycky když chci zapnout google chrome tak nejdřív musím máčknout CTRL+ALT+DELETE správce úloh procesy a ukončit všechny procesy chrome.exe a teprve pak jde otevřít google chrome jestli bys mi neporadil....a jinak PC je pomalí to se nedá nějak vylepšít ? :oops:

Jinak ti moc Děkuji :)

Re: Potřebuju odbornou pomoc mám asi moc virů a malwarů v PC

Napsal: 29 říj 2014 22:16
od Rudy
Kolik volného místa je na systémovém disku?
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz