Virus removal, PC speed-up, and remote help through the neslape.cz service

Preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

Megatron
Visitor
Posts: 7
Registered: 04 Mar 2015 16:42

Preventive check

#1 Post by Megatron »

Hello, I would like to ask for a preventive check.

1) The PC has been booting mysteriously fast (for the last month), i.e. after power-on it jumps to the Windows login almost immediately. It used to take 30 s to 1 min.
2) For the last half year I have been getting a pop-up message saying that it cannot find some file.

Log from RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by CaligulaIIIV at 2015-03-04 16:44:57
Microsoft Windows 8
System drive C: has 387 GB (55%) free of 699 GB
Total RAM: 3976 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:45:03, on 4. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17183)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\CaligulaIIIV.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={63B02A24- ... 2014-02-09 08:09:07&v=18.3.0.879&pid=safeguard&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.3.0.879\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.3.0.879\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP HD Webcam Driver_Monitor] C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\CaligulaIIIV\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0414c] "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe" /PROMPT /CMPID=0414c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll
O20 - AppInit_DLLs:
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem46.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11832 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\system32\atiesrxx.exe
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
dashost.exe {3943e47c-63be-4c12-a700773e34c1ad58}
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-78204a06-2f11-4776-b66a-04219ce64565 -SystemEventPortName:HostProcess-ec3fb638-181b-457a-9586-737cbf3c2a14 -IoCancelEventPortName:HostProcess-218cfe9f-2410-4833-a7f5-cf7b0699bcfd -NonStateChangingEventPortName:HostProcess-545d55eb-71e0-4c84-894f-ec5e2bde1ca6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:14d427da-910b-4147-a85e-5184797e8203 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-086958e3-adc9-495d-a0b9-0ee76ac9945f -SystemEventPortName:HostProcess-a9bcd6b6-ca12-479b-8eda-693db4297a82 -IoCancelEventPortName:HostProcess-999c2b93-889d-49b8-af9c-ba90dc963bc0 -NonStateChangingEventPortName:HostProcess-0092289a-22f4-4680-b7ce-f98de86b4f8b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:eb821e9d-55ae-4bf4-96f4-de65a1803f46 -DeviceGroupId:WudfDefaultDevicePool
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-ab1b-e22be7f7ce73 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
taskeng.exe {359B348E-D6ED-4964-AEC5-47AEAC01842F}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe" --RELAUNCH=1 --CMPID=0414c
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe" /PROMPT /CMPID=0414c
"C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
ctfmon.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
taskhost.exe $(Arg0)
taskhost.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Stažené soubory\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\AVG-Secure-Search-Update_0414c_rel.job - C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe

info.txt logfile of random's system information tool 1.10 2015-03-04 16:45:06

======MBR======


======Uninstall list======

-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -maintain plugin
AMD Accelerated Video Transcoding-->MsiExec.exe /X{4E167297-588E-F5B4-B74C-E8EA0B55CA30}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{45324571-83B7-307A-6114-DAE65A50DC8E} REBOOT=ReallySuppress
Assassin's Creed III 1.01-->C:\Users\CaligulaIIIV\AppData\Roaming\Assassin's Creed III\Uninstall\unins000.exe
Assassin's Creed III-->"C:\Users\CaligulaIIIV\AppData\Roaming\Assassin's Creed III\Uninstall\unins000.exe"
AVG 2014-->MsiExec.exe /I{34883B9C-CDFE-46F0-9C5B-935484C218C3}
AVG 2015-->"C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe" /AppMode=SETUP /Uninstall /UDS=1
AVG 2015-->MsiExec.exe /I{33AED80B-0122-442E-B625-873C03F8C99A}
AVG 2015-->MsiExec.exe /I{FD2E3F93-331A-493F-919E-04CEE9A662E3}
AVG SafeGuard toolbar-->C:\Program Files (x86)\AVG SafeGuard toolbar\UNINSTALL.exe /PROMPT /UNINSTALL
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSPlayer\uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{26D000B8-A2CF-4AE5-9DAA-B5243F4434ED}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike 1.6-->RunDll32 C:\Program Files (x86)\Common Files\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19
CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\setup.exe" /z-uninstall
CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\setup.exe" /z-uninstall
CyberLink PhotoDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\setup.exe" /z-uninstall
CyberLink PhotoDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\setup.exe" /z-uninstall
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\setup.exe" /z-uninstall
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\setup.exe" /z-uninstall
CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall
CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Device Access Manager for HP ProtectTools-->MsiExec.exe /X{55B52830-024A-443E-AF61-61E1E71AFA1B}
Direct Show Ogg Vorbis Filter (remove only)-->"C:\Windows\system32\OggDSuninst.exe"
Dota 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/570
Energy Star-->MsiExec.exe /I{0FA995CC-C849-4755-B14B-5404CC75DC24}
Evernote v. 4.5.7-->MsiExec.exe /X{0BE73D3C-B5AF-11E1-933A-984BE15F174E}
Face Recognition for HP ProtectTools-->msiexec.exe /i {D3A775F2-2674-4452-8D80-1FC1446052EE} /qf
Face Recognition for HP ProtectTools-->MsiExec.exe /X{D3A775F2-2674-4452-8D80-1FC1446052EE}
Hewlett-Packard ACLM.NET v1.2.2.3-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
HP 3D DriveGuard-->MsiExec.exe /X{EE6D6D5E-539C-44B6-BEF0-AA7C20DE170B}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP Documentation-->MsiExec.exe /X{FCD58C04-324A-40D1-BA9E-1A754DF1736D}
HP ESU for Microsoft Windows 8-->MsiExec.exe /X{2F8A00FC-1F12-44B2-AA37-F9A358EDC161}
HP HD Webcam Driver-->C:\Program Files (x86)\HP HD Webcam Driver\uninstall.exe
HP Hotkey Support-->MsiExec.exe /X{7F7E2060-7212-4A53-9875-55173E4BA3F0}
HP ProtectTools Security Manager-->c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\setup.exe
HP ProtectTools Security Manager-->MsiExec.exe /X{4B4FBA41-7ABF-4DFF-94AC-5C85640CF557}
HP Quick Start-->MsiExec.exe /X{C001689B-4EAD-4CB4-B5F7-4A85A32785DC}
HP Registration Service-->MsiExec.exe /X{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}
HP SoftPaq Download Manager-->MsiExec.exe /I{B50981AD-95E8-4E4D-912A-7C4B738387CA}
HP Software Framework-->MsiExec.exe /X{835B275B-F29B-464B-BD4B-097FD55FAB0A}
HP Software Setup-->MsiExec.exe /X{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP System Default Settings-->MsiExec.exe /X{357FE1E9-5890-4697-95DD-B15E01B4AA2A}
HP Wireless Button Driver-->MsiExec.exe /X{941DE69D-6CEE-4171-8F1F-3D7E352AA498}
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe" -remove -removeonly
Intel(R) Display Audio Driver-->C:\Program Files (x86)\Intel\Intel(R) Display Audio Driver\Uninstall\setup.exe -uninstall
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{FA00A3CC-7440-4938-A271-F186F50DD40D}
Java 7 Update 71-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F03217071FF}
Java 8 Update 25 (64-bit)-->MsiExec.exe /I{26A24AE4-039D-4CA4-87B4-2F86418025F0}
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
MediaCoder 0.8.28.5582-->C:\Program Files (x86)\MediaCoder\uninst.exe
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)-->MsiExec.exe /I{E9F0BCD8-6BD5-1ED7-EDA3-9FCF2A478AA1}
Microsoft Office-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mozilla Firefox 35.0.1 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mumble 1.2.5-->MsiExec.exe /I{5C623121-7734-4E29-BDA0-B12BF02D3F4A}
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OpenOffice.org 3.4.1-->MsiExec.exe /I{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}
OpenTTD 1.3.0-->C:\Hry\tycon\uninstall.exe
PDF Complete Corporate Edition-->C:\Program Files (x86)\PDF Complete\uninstall.exe
Qualcomm Atheros Bluetooth Suite (64)-->MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}
Qualcomm Atheros Driver Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\Setup.exe" -runfromtemp -removeonly
Realtek Ethernet Controller All-In-One Windows Driver-->C:\Program Files (x86)\InstallShield Installation Information\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}\Setup.exe -runfromtemp -l0x0409 -removeonly
StarCraft II-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enGB --uid=s2_engb --displayname="StarCraft II"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Subtitle Edit 3.2.8-->"C:\Program Files (x86)\Subtitle Edit\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TeamSpeak 3 Client-->"C:\Program Files (x86)\TeamSpeak 3 Client\uninstall.exe"
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
Theft Recovery for HP ProtectTools-->"C:\Program Files (x86)\InstallShield Installation Information\{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}\setup.exe" -runfromtemp -l0x0409 -removeonly
Theft Recovery for HP ProtectTools-->MsiExec.exe /X{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}
Validity Fingerprint Sensor Driver-->MsiExec.exe /X{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}
Visual Studio 2010 x64 Redistributables-->MsiExec.exe /I{21B133D6-5979-47F0-BE1C-F6A6B304693F}
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
WinRAR 5.21 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
XCOM - Enemy Unknown CZ 1.0.0.11052-->C:\Hry\XCOM - Enemy Unknown CZ\Uninstall.exe

======System event log======

Computer Name: Caligula
Event Code: 37
Message: Rychlost procesoru 0 skupiny 3 je omezena systémovým firmwarem. Procesor byl v tomto stavu sníženého výkonu od posledního hlášení 68496 sekund.
Record Number: 18538
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20131125145104.840389-000
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: Caligula
Event Code: 37
Message: Rychlost procesoru 0 skupiny 2 je omezena systémovým firmwarem. Procesor byl v tomto stavu sníženého výkonu od posledního hlášení 68496 sekund.
Record Number: 18537
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20131125145104.730993-000
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: Caligula
Event Code: 37
Message: Rychlost procesoru 0 skupiny 1 je omezena systémovým firmwarem. Procesor byl v tomto stavu sníženého výkonu od posledního hlášení 68496 sekund.
Record Number: 18536
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20131125145104.621608-000
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: Caligula
Event Code: 37
Message: Rychlost procesoru 0 skupiny 0 je omezena systémovým firmwarem. Procesor byl v tomto stavu sníženého výkonu od posledního hlášení 68496 sekund.
Record Number: 18535
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20131125145104.512246-000
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: Caligula
Event Code: 12
Message: Schéma zásad resetování procesu C:\Windows\System32\atieclxx.exe (ID procesu: 5636) od {8759706D-706B-4C22-B2EC-F91E1EF6ED38} do {8759706D-706B-4C22-B2EC-F91E1EF6ED38}
Record Number: 18534
Source Name: Microsoft-Windows-UserModePowerService
Time Written: 20131125145029.322799-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Caligula
Event Code: 1001
Message: Chybný blok , typ 0
Název události: LiveKernelEvent
Reakce: Není k dispozici.
ID souboru CAB: 0

Podpis problému:
P1:
P2:
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\LiveKernelReports\WATCHDOG\WD-20140607-1848.dmp
C:\Users\CaligulaIIIV\AppData\Local\Temp\WER-11912671-0.sysdata.xml
C:\Users\CaligulaIIIV\AppData\Local\Temp\WERC766.tmp.WERInternalMetadata.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Kernel_0_0_cab_1e61c7a5

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 99229e99-ee63-11e3-bf37-20689d0d128c
Stav hlášení: 0
Zakódovaný interval:
Record Number: 90988
Source Name: Windows Error Reporting
Time Written: 20140607174324.000000-000
Event Type: Informace
User:

Computer Name: Caligula
Event Code: 1001
Message: Chybný blok , typ 0
Název události: LiveKernelEvent
Reakce: Není k dispozici.
ID souboru CAB: 0

Podpis problému:
P1:
P2:
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\LiveKernelReports\WATCHDOG\WD-20140607-1758.dmp
C:\Users\CaligulaIIIV\AppData\Local\Temp\WER-8867187-0.sysdata.xml
C:\Users\CaligulaIIIV\AppData\Local\Temp\WER4EBB.tmp.WERInternalMetadata.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Kernel_0_0_cab_1e2f4f19

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 81e3de07-ee5c-11e3-bf37-20689d0d128c
Stav hlášení: 0
Zakódovaný interval:
Record Number: 90987
Source Name: Windows Error Reporting
Time Written: 20140607174324.000000-000
Event Type: Informace
User:

Computer Name: Caligula
Event Code: 1001
Message: Chybný blok , typ 0
Název události: LiveKernelEvent
Reakce: Není k dispozici.
ID souboru CAB: 0

Podpis problému:
P1:
P2:
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\LiveKernelReports\WATCHDOG\WD-20140607-1637.dmp
C:\Users\CaligulaIIIV\AppData\Local\Temp\WER-4063109-0.sysdata.xml
C:\Users\CaligulaIIIV\AppData\Local\Temp\WER11B.tmp.WERInternalMetadata.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Kernel_0_0_cab_1d820179

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 526e4db3-ee51-11e3-bf37-20689d0d128c
Stav hlášení: 0
Zakódovaný interval:
Record Number: 90986
Source Name: Windows Error Reporting
Time Written: 20140607174324.000000-000
Event Type: Informace
User:

Computer Name: Caligula
Event Code: 1001
Message: Chybný blok , typ 0
Název události: LiveKernelEvent
Reakce: Není k dispozici.
ID souboru CAB: 0

Podpis problému:
P1:
P2:
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\LiveKernelReports\WATCHDOG\WD-20140607-1757-03.dmp
C:\Users\CaligulaIIIV\AppData\Local\Temp\WER-8828468-0.sysdata.xml
C:\Users\CaligulaIIIV\AppData\Local\Temp\WERB8D4.tmp.WERInternalMetadata.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Kernel_0_0_cab_1cc6bc7e

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 6ace290d-ee5c-11e3-bf37-20689d0d128c
Stav hlášení: 0
Zakódovaný interval:
Record Number: 90985
Source Name: Windows Error Reporting
Time Written: 20140607174324.000000-000
Event Type: Informace
User:

Computer Name: Caligula
Event Code: 1001
Message: Chybný blok , typ 0
Název události: LiveKernelEvent
Reakce: Není k dispozici.
ID souboru CAB: 0

Podpis problému:
P1:
P2:
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\LiveKernelReports\WATCHDOG\WD-20140607-1758-04.dmp
C:\Users\CaligulaIIIV\AppData\Local\Temp\WER-8885468-0.sysdata.xml
C:\Users\CaligulaIIIV\AppData\Local\Temp\WER9682.tmp.WERInternalMetadata.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Kernel_0_0_cab_1ca7977c

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 8cc947bc-ee5c-11e3-bf37-20689d0d128c
Stav hlášení: 0
Zakódovaný interval:
Record Number: 90984
Source Name: Windows Error Reporting
Time Written: 20140607174324.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Caligula
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 97536
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140928155202.295417-000
Event Type: Úspěšný audit
User:

Computer Name: Caligula
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: CALIGULA$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Typ přihlášení: 5

Úroveň zosobnění: Zosobnění

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2a0
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 97535
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140928155202.295417-000
Event Type: Úspěšný audit
User:

Computer Name: Caligula
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 97534
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140928154159.386614-000
Event Type: Úspěšný audit
User:

Computer Name: Caligula
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: CALIGULA$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Typ přihlášení: 5

Úroveň zosobnění: Zosobnění

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2a0
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 97533
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140928154159.386614-000
Event Type: Úspěšný audit
User:

Computer Name: Caligula
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 97532
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140928154144.074250-000
Event Type: Úspěšný audit
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"Path"=C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"OnlineServices"=Online Services
"Platform"=BNB
"PTSMInstallPath_X86"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
"PCBRAND"=Pavilion

-----------------EOF-----------------

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Preventive check

#2 Post by altrok »

Hello,

As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply start it with a double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Megatron
Visitor
Posts: 7
Registered: 04 Mar 2015 16:42

Re: Preventive check

#3 Post by Megatron »

Hello, here is the log.

The error message no longer pops up.

PS: just for information, before the log in the previous post I used CCleaner (about 4.9 Gb deleted).

# AdwCleaner v4.111 - Logfile created 05/03/2015 at 17:04:47
# Updated 18/02/2015 by Xplode
# Database : 2015-03-02.3 [Server]
# Operating system : Windows 8 (x64)
# Username : CaligulaIIIV - CALIGULA
# Running from : C:\Stažené soubory\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\SpeedItup Free
Folder Deleted : C:\Program Files (x86)\SquirrelWeb
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\CaligulaIIIV\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\CaligulaIIIV\AppData\Local\genienext
Folder Deleted : C:\Users\CaligulaIIIV\AppData\Local\Mobogenie
Folder Deleted : C:\Users\CaligulaIIIV\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\CaligulaIIIV\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\CaligulaIIIV\Documents\Mobogenie
Folder Deleted : C:\Users\CaligulaIIIV\Documents\Optimizer Pro
Folder Deleted : C:\Users\jan\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\jan\AppData\LocalLow\AVG SafeGuard toolbar
File Deleted : C:\END
File Deleted : C:\Users\CaligulaIIIV\daemonprocess.txt
File Deleted : C:\Users\CaligulaIIIV\AppData\Roaming\Mozilla\Firefox\Profiles\sxno1r47.default\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\CaligulaIIIV\AppData\Roaming\Mozilla\Firefox\Profiles\sxno1r47.default\searchplugins\Conduit.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\CaligulaIIIV\AppData\Roaming\Mozilla\Firefox\Profiles\sxno1r47.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Video Player
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.17183


-\\ Mozilla Firefox v35.0.1 (x86 cs)

[sxno1r47.default\prefs.js] - Line Deleted : user_pref("CT1750559.smartbar.homepage", "true");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultthis.engineName", "BS Player ControlBar Customized Web Search");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&CUI=UN76240501211564156&UM=1&SearchSource=3&q={searchTerms}");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("browser.search.hiddenOneOffs", "Seznam,AVG Secure Search,BS Player ControlBar Customized Web Search,DuckDuckGo,Heuréka,Mapy.cz,Slunečnice,Wikipedie (cs)");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT1750559");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT1750559&CUI=UN76240501211564156&UM=1&SearchSource=13");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN76240501211564156&UM=1&q=");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT1750559");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT1750559");
[sxno1r47.default\prefs.js] - Line Deleted : user_pref("smartbar.machineId", "EQPHBQUOKEQZ3WPAISBKDNOTIAQRIGBOHBG7WXKOENSIIMBVHTAHSYDIERQTP5SP9YHO+CTDSJOL6M1CGTSTHG");

*************************

AdwCleaner[R0].txt - [8848 bytes] - [05/03/2015 16:58:20]
AdwCleaner[S0].txt - [8717 bytes] - [05/03/2015 17:04:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8776 bytes] ##########

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Preventive check

#4 Post by altrok »

Something is still surviving there, so:

Save to your desktop the FRST version that matches your operating system (32-bit or 64-bit): http://www.bleepingcomputer.com/downloa ... scan-tool/
  • right-click the downloaded FRST and choose Run as administrator (on Win XP a simple double-click is enough)
  • check that the Addition option is also ticked
  • click Scan; this process takes about 5 minutes
  • when the scan finishes, the logs FRST.txt and Addition.txt will have been created on your desktop - paste both here.

Megatron
Visitor
Posts: 7
Registered: 04 Mar 2015 16:42

Re: Preventive check

#5 Post by Megatron »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by CaligulaIIIV (administrator) on CALIGULA on 05-03-2015 20:53:25
Running from C:\Stažené soubory
Loaded Profiles: CaligulaIIIV (Available profiles: jan & CaligulaIIIV)
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
() C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-14] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-16] (IDT, Inc.)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Qualcomm Atheros Commnucations)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] ()
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-24] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3710416 2015-02-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-06-05] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\Run: [AVG-Secure-Search-Update_0414c] => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2725912 2014-04-27] ()
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\MountPoints2: {15ea9322-f5ed-11e3-bf42-20689d0d128c} - "H:\LG_PC_Programs.exe"
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={63B02A24- ... 2014-02-09 08:09:07&v=18.3.0.879&pid=safeguard&sg=&sap=hp
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\CaligulaIIIV\AppData\Roaming\Mozilla\Firefox\Profiles\sxno1r47.default
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-1183043918-2533521537-1736159323-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\CaligulaIIIV\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1183043918-2533521537-1736159323-1004: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Extension: Flashlight - C:\Users\CaligulaIIIV\AppData\Roaming\Mozilla\Firefox\Profiles\sxno1r47.default\Extensions\flashlight@stephennolan.com.au [2013-04-06]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2012-09-22]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2012-08-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3411408 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [308720 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [488824 2012-08-24] (DigitalPersona, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-11-17] (EasyAntiCheat Ltd)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [477088 2012-08-01] (Hewlett-Packard Company)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-11-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-11-24] (Intel Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-06-05] (PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-06-16] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros) [File not signed]
S2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [270816 2015-02-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-01-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [289248 2015-01-23] (AVG Technologies CZ, s.r.o.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [64832 2012-07-25] (Hewlett-Packard Company)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-09-14] (Disc Soft Ltd)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwNe64.sys [11400192 2012-06-02] (Intel Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2013-06-16] (Sunplus)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 20:53 - 2015-03-05 20:53 - 00000000 ____D () C:\FRST
2015-03-05 18:58 - 2015-03-05 18:58 - 00000000 ___RD () C:\Users\CaligulaIIIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-03-05 17:07 - 2015-03-05 17:07 - 00000824 _____ () C:\Windows\PFRO.log
2015-03-05 16:58 - 2015-03-05 17:05 - 00000000 ____D () C:\AdwCleaner
2015-03-04 17:29 - 2015-03-05 20:44 - 00362736 _____ () C:\Windows\WindowsUpdate.log
2015-03-04 16:44 - 2015-03-04 16:45 - 00000000 ____D () C:\rsit
2015-03-04 16:44 - 2015-03-04 16:45 - 00000000 ____D () C:\Program Files\trend micro
2015-03-04 16:21 - 2015-03-04 16:21 - 00002786 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-03-04 16:21 - 2015-03-04 16:21 - 00000828 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-04 16:21 - 2015-03-04 16:21 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-25 20:15 - 2015-01-09 00:52 - 00478296 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 20:15 - 2015-01-09 00:52 - 00478296 _____ () C:\Windows\system32\locale.nls
2015-02-25 20:14 - 2015-01-09 07:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-25 20:14 - 2015-01-09 06:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-25 17:19 - 2015-02-25 17:19 - 00000000 ____D () C:\ProgramData\Avg_Update_0215tb
2015-02-23 19:41 - 2015-02-28 13:04 - 00000000 ____D () C:\Users\CaligulaIIIV\Desktop\American.Heist
2015-02-22 11:37 - 2015-01-24 15:49 - 00000000 ____D () C:\Users\CaligulaIIIV\Desktop\Stranded.Deep.v0.01
2015-02-22 10:35 - 2015-02-22 10:35 - 00000000 ____D () C:\Users\CaligulaIIIV\AppData\Local\Steam
2015-02-22 10:32 - 2015-02-22 10:32 - 00000977 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2015-02-22 10:32 - 2015-02-22 10:32 - 00000000 ____D () C:\Users\CaligulaIIIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-22 10:32 - 2015-02-22 10:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-22 09:06 - 2015-02-22 09:06 - 00000000 ___RD () C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-02-19 21:26 - 2015-02-19 21:26 - 00270816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-02-13 16:00 - 2015-01-23 06:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 16:00 - 2015-01-23 05:27 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 16:19 - 2015-01-09 05:33 - 04061696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 16:18 - 2015-01-15 12:44 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-02-11 16:18 - 2015-01-15 12:44 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-02-11 16:18 - 2015-01-15 12:43 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 16:18 - 2015-01-15 11:00 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-02-11 16:18 - 2015-01-15 11:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-02-11 16:18 - 2015-01-15 10:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 16:18 - 2015-01-15 10:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 16:18 - 2015-01-15 05:08 - 00568656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 16:14 - 2015-01-29 09:30 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2015-02-11 16:14 - 2015-01-29 09:30 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-02-11 16:14 - 2015-01-29 09:30 - 00011056 _____ () C:\Windows\system32\AutoconfigV2.cab
2015-02-11 16:14 - 2015-01-29 09:05 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-02-11 16:14 - 2015-01-29 09:05 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-11 16:14 - 2015-01-29 07:19 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-02-11 16:14 - 2015-01-29 07:19 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-11 16:13 - 2015-01-12 07:49 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 16:13 - 2015-01-12 07:49 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 16:13 - 2015-01-12 07:49 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-02-11 16:13 - 2015-01-12 07:49 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 16:13 - 2015-01-12 07:48 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 16:13 - 2015-01-12 07:48 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 16:13 - 2015-01-12 07:47 - 15403008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 16:13 - 2015-01-12 07:47 - 02655744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 16:13 - 2015-01-12 07:47 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 16:13 - 2015-01-12 07:47 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 16:13 - 2015-01-12 07:46 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 16:13 - 2015-01-12 06:07 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 16:13 - 2015-01-12 06:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 16:13 - 2015-01-12 06:07 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 16:13 - 2015-01-12 06:06 - 14373376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 16:13 - 2015-01-12 06:06 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 16:13 - 2015-01-12 06:06 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 16:13 - 2015-01-12 06:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 16:13 - 2015-01-12 06:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 16:13 - 2015-01-12 06:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 16:13 - 2015-01-12 05:16 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-11 16:13 - 2015-01-12 04:46 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-02-11 16:09 - 2015-01-12 07:49 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 16:09 - 2015-01-12 06:07 - 01338880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 16:09 - 2014-12-08 07:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 16:09 - 2014-12-08 06:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 16:08 - 2015-02-04 10:54 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 16:08 - 2015-02-04 10:52 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 16:08 - 2015-02-04 10:52 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 16:08 - 2015-02-04 10:52 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 16:08 - 2015-02-04 10:52 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 16:08 - 2015-02-03 00:18 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 16:08 - 2015-01-15 22:45 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 16:08 - 2014-12-18 09:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-02-11 16:08 - 2014-12-18 07:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-02-11 16:08 - 2014-12-18 07:51 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-02-11 16:08 - 2014-12-18 07:50 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-02-11 16:08 - 2014-12-18 07:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-02-11 16:08 - 2014-12-09 00:14 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-11 16:08 - 2014-11-26 07:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 16:08 - 2014-11-26 05:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-09 18:54 - 2015-02-09 18:54 - 00000000 ____D () C:\Users\jan\AppData\Roaming\AVG2015
2015-02-09 18:54 - 2015-02-09 18:54 - 00000000 ____D () C:\Users\jan\AppData\Local\Avg2015
2015-02-03 10:47 - 2015-02-03 10:47 - 00341472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 20:53 - 2013-04-06 09:54 - 00000000 ____D () C:\Stažené soubory
2015-03-05 20:45 - 2013-04-06 09:53 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1183043918-2533521537-1736159323-1004
2015-03-05 20:39 - 2013-10-30 19:22 - 00000000 ____D () C:\Users\CaligulaIIIV\AppData\Roaming\TS3Client
2015-03-05 20:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-05 18:58 - 2014-04-24 18:43 - 00000392 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2015-03-05 18:58 - 2014-04-24 18:43 - 00000392 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2015-03-05 18:58 - 2012-09-09 06:14 - 00000000 ____D () C:\ProgramData\PDFC
2015-03-05 18:57 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-05 18:45 - 2014-11-21 23:02 - 00000000 ___HD () C:\$Windows.~BT
2015-03-05 17:05 - 2013-04-06 09:47 - 00000000 ____D () C:\Users\CaligulaIIIV
2015-03-05 17:05 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-05 16:57 - 2013-04-06 10:33 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-05 16:53 - 2013-05-05 14:50 - 00146432 ___SH () C:\Users\CaligulaIIIV\Desktop\Thumbs.db
2015-03-04 19:46 - 2013-05-04 09:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-04 16:34 - 2014-06-14 12:05 - 00000000 ____D () C:\Users\CaligulaIIIV\Documents\CALIGULA
2015-03-04 16:28 - 2013-09-14 10:07 - 00000000 ____D () C:\Users\CaligulaIIIV\AppData\Roaming\DAEMON Tools Lite
2015-03-04 16:27 - 2013-04-13 11:10 - 00000000 ____D () C:\Users\CaligulaIIIV\AppData\Local\CrashDumps
2015-03-04 16:27 - 2013-04-11 17:15 - 00000000 ____D () C:\Windows\Minidump
2015-03-04 16:27 - 2012-08-01 23:22 - 00000000 ____D () C:\Windows\Panther
2015-03-04 16:08 - 2013-12-10 18:18 - 00000378 _____ () C:\Windows\Tasks\HPCeeScheduleForCaligulaIIIV.job
2015-03-03 16:06 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-03-02 22:16 - 2013-12-10 18:18 - 00003206 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForCaligulaIIIV
2015-03-02 18:42 - 2013-04-06 13:09 - 00000000 ____D () C:\Users\CaligulaIIIV\AppData\Roaming\Mumble
2015-03-01 09:23 - 2013-04-06 09:53 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-02-26 18:22 - 2014-03-31 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-02-26 18:22 - 2013-04-06 10:34 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-02-26 18:19 - 2014-10-20 16:47 - 00000989 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-02-26 18:17 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-25 20:15 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-22 10:34 - 2013-04-06 14:47 - 00000000 ____D () C:\Users\CaligulaIIIV\Desktop\Zastupce
2015-02-22 10:32 - 2013-04-23 18:25 - 00000000 ____D () C:\Program Files\WinRAR
2015-02-22 09:14 - 2012-09-09 06:46 - 00755956 _____ () C:\Windows\system32\perfh005.dat
2015-02-22 09:14 - 2012-09-09 06:46 - 00162886 _____ () C:\Windows\system32\perfc005.dat
2015-02-22 09:14 - 2012-07-26 08:28 - 01851486 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-22 08:42 - 2013-04-21 08:34 - 00000000 ____D () C:\Program Files (x86)\The Witcher 2 (CZ)
2015-02-22 08:42 - 2012-09-09 06:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-21 18:15 - 2013-07-25 18:46 - 00000000 ____D () C:\Users\CaligulaIIIV\Documents\OpenTTD
2015-02-21 13:26 - 2013-10-23 19:49 - 00000000 ____D () C:\Users\CaligulaIIIV\Desktop\Subs
2015-02-21 12:36 - 2014-12-28 20:31 - 00000000 ____D () C:\Program Files (x86)\Valve
2015-02-20 17:40 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2015-02-18 17:40 - 2013-04-06 09:54 - 00000000 ____D () C:\Hry
2015-02-13 15:45 - 2014-10-17 15:22 - 00318472 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 15:41 - 2014-07-11 15:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-13 15:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2015-02-13 15:40 - 2014-12-11 19:36 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 16:57 - 2013-07-18 18:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 16:51 - 2013-04-10 17:41 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 19:16 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-09 18:54 - 2013-06-08 13:28 - 00000000 ____D () C:\Users\jan\AppData\Local\Mozilla
2015-02-08 11:19 - 2013-04-06 09:53 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-02-03 20:29 - 2014-12-12 15:59 - 00714184 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:29 - 2014-12-12 15:59 - 00106440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-01-30 15:48 - 2014-06-03 16:05 - 0003744 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-12-08 14:26 - 2013-12-13 19:19 - 0045270 _____ () C:\Users\CaligulaIIIV\AppData\Roaming\room_v3.dat
2014-01-01 13:55 - 2014-01-01 13:56 - 0000040 _____ () C:\ProgramData\spds90.txt

Some content of TEMP:
====================
C:\Users\CaligulaIIIV\AppData\Local\Temp\Quarantine.exe
C:\Users\CaligulaIIIV\AppData\Local\Temp\sqlite3.dll
C:\Users\jan\AppData\Local\Temp\AcDeltree.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-22 03:00

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by CaligulaIIIV at 2015-03-05 20:54:36
Running from C:\Stažené soubory
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{45324571-83B7-307A-6114-DAE65A50DC8E}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Assassin's Creed III (HKLM-x32\...\Assassin's Creed III_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Assassin's Creed III 1.01 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
AVG 2014 (Version: 14.0.4259 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5751 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4299 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.5751 - AVG Technologies CZ, s.r.o.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1924 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.2006 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4330 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0335 - Disc Soft Ltd)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.0.3 - Hewlett-Packard Company)
Direct Show Ogg Vorbis Filter (remove only) (HKLM-x32\...\OggDS) (Version: - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
Face Recognition for HP ProtectTools (HKLM\...\Face Recognition for HP ProtectTools) (Version: 7.2.0.4542 - Hewlett-Packard Company)
Face Recognition for HP ProtectTools (Version: 7.2.0.4542 - Hewlett-Packard Company) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{EE6D6D5E-539C-44B6-BEF0-AA7C20DE170B}) (Version: 5.1.12.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{FCD58C04-324A-40D1-BA9E-1A754DF1736D}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 8 (HKLM-x32\...\{2F8A00FC-1F12-44B2-AA37-F9A358EDC161}) (Version: 1.2.2 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.16 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{7F7E2060-7212-4A53-9875-55173E4BA3F0}) (Version: 5.0.21.1 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 8.0.0.1314 - Hewlett-Packard Company)
HP Quick Start (HKLM-x32\...\{C001689B-4EAD-4CB4-B5F7-4A85A32785DC}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM-x32\...\{B50981AD-95E8-4E4D-912A-7C4B738387CA}) (Version: 3.4.6.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}) (Version: 8.5.4.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{357FE1E9-5890-4697-95DD-B15E01B4AA2A}) (Version: 1.3.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
MediaCoder 0.8.28.5582 (HKLM-x32\...\MediaCoder) (Version: 0.8.28.5582 - Mediatronic)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 cs)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mumble 1.2.5 (HKLM-x32\...\{5C623121-7734-4E29-BDA0-B12BF02D3F4A}) (Version: 1.2.5 - Thorvald Natvig)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
OpenTTD 1.3.0 (HKLM-x32\...\OpenTTD) (Version: 1.3.0 - OpenTTD)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.49 - PDF Complete, Inc)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.209 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.2.612.2012 - Realtek)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subtitle Edit 3.2.8 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.2.8.1220 - Nikse)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 7.0.0.10 - Hewlett-Packard Company) Hidden
Unity Web Player (HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Validity Fingerprint Sensor Driver (HKLM\...\{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}) (Version: 4.4.228.0 - Validity Sensors, Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 4.0.1.13205 - Blizzard Entertainment)
XCOM - Enemy Unknown CZ 1.0.0.11052 (HKLM-x32\...\XCOM - Enemy Unknown CZ 1.0.0.11052) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

16-02-2015 18:12:03 Windows Update
21-02-2015 11:04:24 Windows Update
24-02-2015 16:02:53 Windows Update
27-02-2015 17:07:17 Windows Update
03-03-2015 16:04:16 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A969A26-6A83-4175-A1E0-A8C5A10BAAFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {0BE3D057-18CE-4A83-B2DC-1570F8CF7A5E} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-04-27] ()
Task: {0C62BD82-F750-4503-9464-B95B47549636} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {48C25BAA-F145-4009-9C4B-32E8CE472657} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-12] (Microsoft Corporation)
Task: {5FBBE2D4-F2AB-4464-93B6-163C34BE5BC9} - System32\Tasks\0814tbUpdateInfo => C:\ProgramData\Avg_Update_0814tb\0814tb_{3FD5FF35-B979-4F26-BDD5-2248F1F54618}.exe [2014-08-26] ()
Task: {600293B3-4571-4899-93AF-94A8E2F2E412} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {740AAB18-81F2-455E-B9DC-CF3645E7DDB0} - System32\Tasks\HPCeeScheduleForCaligulaIIIV => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {AA44A11F-FBB5-490D-83CF-2725A3220275} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C1772C20-D01D-4946-A53C-322B5B3B1290} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-04-27] ()
Task: {DC35B3BF-65F9-4DE2-A25B-46A6AC9BDB68} - System32\Tasks\1114tbUpdateInfo => C:\ProgramData\Avg_Update_1114tb\1114tb_{5EDCF339-6F7E-419F-924D-4C3FC4901BE8}.exe [2014-11-07] ()
Task: {F7D874DF-F8F0-4C50-A342-7D302CC5E2FC} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30] (Synaptics Incorporated)
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\HPCeeScheduleForCaligulaIIIV.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2012-01-18 00:57 - 2012-01-18 00:57 - 00298368 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2010-09-06 21:18 - 2010-09-06 21:18 - 01412608 _____ () C:\Windows\SYSTEM32\LIBEAY32.dll
2014-04-24 18:43 - 2014-04-27 07:25 - 02725912 _____ () C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
2012-08-23 12:07 - 2012-08-23 12:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-26 10:22 - 2012-07-26 10:22 - 00303480 _____ () C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
2012-08-06 19:54 - 2012-08-06 19:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-09-22 11:53 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-22 11:30 - 2013-11-24 09:39 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-01-27 16:15 - 2015-01-27 16:15 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\CaligulaIIIV\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BtPreLoad"
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run32: => "mobilegeni daemon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\StartupApproved\Run: => "AVG-Secure-Search-Update_1213b"
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\StartupApproved\Run: => "SpeedItupFree"

==================== Accounts: =============================

Administrator (S-1-5-21-1183043918-2533521537-1736159323-500 - Administrator - Disabled)
CaligulaIIIV (S-1-5-21-1183043918-2533521537-1736159323-1004 - Administrator - Enabled) => C:\Users\CaligulaIIIV
Guest (S-1-5-21-1183043918-2533521537-1736159323-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1183043918-2533521537-1736159323-1006 - Limited - Enabled)
jan (S-1-5-21-1183043918-2533521537-1736159323-1002 - Administrator - Enabled) => C:\Users\jan

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/02/2015 10:42:14 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (03/01/2015 10:03:26 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (03/01/2015 08:24:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DPAgent.exe, verze: 5.4.0.1813, časové razítko: 0x5037cf4c
Název chybujícího modulu: ptdmlitemanagerdp.dll, verze: 7.1.0.3, časové razítko: 0x501914c6
Kód výjimky: 0xc000041d
Posun chyby: 0x0003e6b2
ID chybujícího procesu: 0x197c
Čas spuštění chybující aplikace: 0xDPAgent.exe0
Cesta k chybující aplikaci: DPAgent.exe1
Cesta k chybujícímu modulu: DPAgent.exe2
ID zprávy: DPAgent.exe3
Úplný název chybujícího balíčku: DPAgent.exe4
ID aplikace související s chybujícím balíčkem: DPAgent.exe5

Error: (03/01/2015 08:24:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DPAgent.exe, verze: 5.4.0.1813, časové razítko: 0x5037cf4c
Název chybujícího modulu: ptdmlitemanagerdp.dll, verze: 7.1.0.3, časové razítko: 0x501914c6
Kód výjimky: 0xc0000005
Posun chyby: 0x0003e6b2
ID chybujícího procesu: 0x197c
Čas spuštění chybující aplikace: 0xDPAgent.exe0
Cesta k chybující aplikaci: DPAgent.exe1
Cesta k chybujícímu modulu: DPAgent.exe2
ID zprávy: DPAgent.exe3
Úplný název chybujícího balíčku: DPAgent.exe4
ID aplikace související s chybujícím balíčkem: DPAgent.exe5

Error: (03/01/2015 08:23:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Wow.exe, verze: 4.3.4.15595, časové razítko: 0x4f84d63a
Název chybujícího modulu: Wow.exe, verze: 4.3.4.15595, časové razítko: 0x4f84d63a
Kód výjimky: 0xc0000005
Posun chyby: 0x0008e2e0
ID chybujícího procesu: 0x1844
Čas spuštění chybující aplikace: 0xWow.exe0
Cesta k chybující aplikaci: Wow.exe1
Cesta k chybujícímu modulu: Wow.exe2
ID zprávy: Wow.exe3
Úplný název chybujícího balíčku: Wow.exe4
ID aplikace související s chybujícím balíčkem: Wow.exe5

Error: (02/28/2015 01:04:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Caligula)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/28/2015 01:03:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Caligula)
Description: Aplikace microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail se nespustila ve stanovenou dobu.

Error: (02/28/2015 09:47:57 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (02/27/2015 08:14:47 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (02/27/2015 07:59:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_wuauserv, verze: 6.2.9200.16420, časové razítko: 0x505a9a4e
Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.17046, časové razítko: 0x53b4864c
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000e9e99
ID chybujícího procesu: 0x210
Čas spuštění chybující aplikace: 0xsvchost.exe_wuauserv0
Cesta k chybující aplikaci: svchost.exe_wuauserv1
Cesta k chybujícímu modulu: svchost.exe_wuauserv2
ID zprávy: svchost.exe_wuauserv3
Úplný název chybujícího balíčku: svchost.exe_wuauserv4
ID aplikace související s chybujícím balíčkem: svchost.exe_wuauserv5


System errors:
=============
Error: (03/05/2015 06:57:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vToolbarUpdater18.3.0 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (03/05/2015 06:46:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0xc190010f): Czech ESD Bundle Parent.

Error: (03/05/2015 05:47:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vToolbarUpdater18.3.0 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (03/05/2015 05:23:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vToolbarUpdater18.3.0 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (03/05/2015 05:23:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:07:14, ‎5. ‎3. ‎2015) bylo neočekávané.

Error: (03/05/2015 05:12:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200d): Czech ESD Bundle Parent.

Error: (03/05/2015 05:07:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vToolbarUpdater18.3.0 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (03/05/2015 05:05:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Support Assistant Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/05/2015 05:05:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/05/2015 05:05:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office Sessions:
=========================
Error: (03/02/2015 10:42:14 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description:

Error: (03/01/2015 10:03:26 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description:

Error: (03/01/2015 08:24:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DPAgent.exe5.4.0.18135037cf4cptdmlitemanagerdp.dll7.1.0.3501914c6c000041d0003e6b2197c01d053ea5894f1b8c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exec:\Program Files (x86)\Hewlett-Packard\DeviceAccessManager\ptdmlitemanagerdp.dllfdbc9596-bfe3-11e4-8004-20689d0d128c

Error: (03/01/2015 08:24:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DPAgent.exe5.4.0.18135037cf4cptdmlitemanagerdp.dll7.1.0.3501914c6c00000050003e6b2197c01d053ea5894f1b8c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exec:\Program Files (x86)\Hewlett-Packard\DeviceAccessManager\ptdmlitemanagerdp.dllfb92ceaa-bfe3-11e4-8004-20689d0d128c

Error: (03/01/2015 08:23:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Wow.exe4.3.4.155954f84d63aWow.exe4.3.4.155954f84d63ac00000050008e2e0184401d053ec5b549269C:\Hry\wow cataclysm 4.3.4\Wow.exeC:\Hry\wow cataclysm 4.3.4\Wow.exedb452eca-bfe3-11e4-8004-20689d0d128c

Error: (02/28/2015 01:04:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Caligula)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142

Error: (02/28/2015 01:03:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Caligula)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail

Error: (02/28/2015 09:47:57 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description:

Error: (02/27/2015 08:14:47 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description:

Error: (02/27/2015 07:59:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_wuauserv6.2.9200.16420505a9a4entdll.dll6.2.9200.1704653b4864cc000037400000000000e9e9921001d052a64d432d8eC:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllb6f5c06a-beb2-11e4-8004-20689d0d128c


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 36%
Total physical RAM: 3976.21 MB
Available physical RAM: 2539.87 MB
Total Pagefile: 8072.21 MB
Available Pagefile: 6380.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:682.5 GB) (Free:377.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:12.94 GB) (Free:2.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A50E1C7D)

Partition: GPT Partition Type.

==================== End Of Log ============================

altrok
Moderator
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Preventive check

#6 Post by altrok »

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
    HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\Run: [AVG-Secure-Search-Update_0414c] => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2725912 2014-04-27] ()
    HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
    HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\MountPoints2: {15ea9322-f5ed-11e3-bf42-20689d0d128c} - "H:\LG_PC_Programs.exe" 
    
    HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={63B02A24-A90E-4744-945C-0711C201787E}&mid=29710aee90a747d39dc2f121dbe9fb7f-8135aca1504fd8dc70fd18a132be1ce9d1497991&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-02-09 08:09:07&v=18.3.0.879&pid=safeguard&sg=&sap=hp
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
    S2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [X]
    C:\Program Files (x86)\Common Files\AVG Secure Search
    S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
    
    2015-03-05 16:58 - 2015-03-05 17:05 - 00000000 ____D () C:\AdwCleaner
    2015-03-04 16:44 - 2015-03-04 16:45 - 00000000 ____D () C:\rsit
    2015-03-04 16:44 - 2015-03-04 16:45 - 00000000 ____D () C:\Program Files\trend micro
    C:\Users\CaligulaIIIV\AppData\Local\Temp
    C:\Users\jan\AppData\Local\Temp
    Task: {0BE3D057-18CE-4A83-B2DC-1570F8CF7A5E} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-04-27] ()
    Task: {5FBBE2D4-F2AB-4464-93B6-163C34BE5BC9} - System32\Tasks\0814tbUpdateInfo => C:\ProgramData\Avg_Update_0814tb\0814tb_{3FD5FF35-B979-4F26-BDD5-2248F1F54618}.exe [2014-08-26] ()
    Task: {C1772C20-D01D-4946-A53C-322B5B3B1290} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-04-27] ()
    Task: {DC35B3BF-65F9-4DE2-A25B-46A6AC9BDB68} - System32\Tasks\1114tbUpdateInfo => C:\ProgramData\Avg_Update_1114tb\1114tb_{5EDCF339-6F7E-419F-924D-4C3FC4901BE8}.exe [2014-11-07] ()
    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
    Hosts:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Megatron
Visitor
Visitor
Posts: 7
Registered: 04 Mar 2015 16:42

Re: Preventive check

#7 Post by Megatron »

Good morning, here is the requested fixlog.

Version: 04-03-2015 01
Ran by CaligulaIIIV at 2015-03-07 08:49:08 Run:1
Running from C:\Users\CaligulaIIIV\Desktop
Loaded Profiles: CaligulaIIIV (Available profiles: jan & CaligulaIIIV)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\Run: [AVG-Secure-Search-Update_0414c] => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2725912 2014-04-27] ()
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\...\MountPoints2: {15ea9322-f5ed-11e3-bf42-20689d0d128c} - "H:\LG_PC_Programs.exe"

HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={63B02A24- ... 2014-02-09 08:09:07&v=18.3.0.879&pid=safeguard&sg=&sap=hp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
S2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [X]
C:\Program Files (x86)\Common Files\AVG Secure Search
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]

2015-03-05 16:58 - 2015-03-05 17:05 - 00000000 ____D () C:\AdwCleaner
2015-03-04 16:44 - 2015-03-04 16:45 - 00000000 ____D () C:\rsit
2015-03-04 16:44 - 2015-03-04 16:45 - 00000000 ____D () C:\Program Files\trend micro
C:\Users\CaligulaIIIV\AppData\Local\Temp
C:\Users\jan\AppData\Local\Temp
Task: {0BE3D057-18CE-4A83-B2DC-1570F8CF7A5E} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-04-27] ()
Task: {5FBBE2D4-F2AB-4464-93B6-163C34BE5BC9} - System32\Tasks\0814tbUpdateInfo => C:\ProgramData\Avg_Update_0814tb\0814tb_{3FD5FF35-B979-4F26-BDD5-2248F1F54618}.exe [2014-08-26] ()
Task: {C1772C20-D01D-4946-A53C-322B5B3B1290} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-04-27] ()
Task: {DC35B3BF-65F9-4DE2-A25B-46A6AC9BDB68} - System32\Tasks\1114tbUpdateInfo => C:\ProgramData\Avg_Update_1114tb\1114tb_{5EDCF339-6F7E-419F-924D-4C3FC4901BE8}.exe [2014-11-07] ()
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_0414c => value deleted successfully.
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15ea9322-f5ed-11e3-bf42-20689d0d128c}" => Key deleted successfully.
HKCR\CLSID\{15ea9322-f5ed-11e3-bf42-20689d0d128c} => Key not found.
HKU\S-1-5-21-1183043918-2533521537-1736159323-1004\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk" => Key deleted successfully.
vToolbarUpdater18.3.0 => Service deleted successfully.
"C:\Program Files (x86)\Common Files\AVG Secure Search" => File/Directory not found.
GGSAFERDriver => Service deleted successfully.
C:\AdwCleaner => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\CaligulaIIIV\AppData\Local\Temp => Moved successfully.
C:\Users\jan\AppData\Local\Temp => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0BE3D057-18CE-4A83-B2DC-1570F8CF7A5E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BE3D057-18CE-4A83-B2DC-1570F8CF7A5E}" => Key deleted successfully.
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0414c_rel => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_0414c_rel" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FBBE2D4-F2AB-4464-93B6-163C34BE5BC9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FBBE2D4-F2AB-4464-93B6-163C34BE5BC9}" => Key deleted successfully.
C:\Windows\System32\Tasks\0814tbUpdateInfo => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0814tbUpdateInfo" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C1772C20-D01D-4946-A53C-322B5B3B1290}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1772C20-D01D-4946-A53C-322B5B3B1290}" => Key deleted successfully.
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_0414c_rmv" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC35B3BF-65F9-4DE2-A25B-46A6AC9BDB68}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC35B3BF-65F9-4DE2-A25B-46A6AC9BDB68}" => Key deleted successfully.
C:\Windows\System32\Tasks\1114tbUpdateInfo => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1114tbUpdateInfo" => Key deleted successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job => Moved successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog 08:49:12 ====

altrok
Moderator
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Preventive check

#8 Post by altrok »

So now we will just clean up.
And if there are no questions or other problems, that is all from me.
