VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Notebook přestal komunikovat

https://forum.viry.cz:443/viewtopic.php?t=145857

Stránka 1 z 2

Notebook přestal komunikovat

Napsal: 28 srp 2015 19:01
od Daveson
Chlapci potřeboval bych prosím pomoct s tatínkovým notebookem. Zmizela mu ikona na mail a vůbec nejde otevřít Chrome a spoustu dalších podivností. A ještě malou radu bych prosil. Instalovat Desítky nebo raději ne? Každopádně zde log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kelos at 2015-08-28 19:51:00
Microsoft Windows 8.1
System drive C: has 21 GB (4%) free of 477 GB
Total RAM: 3977 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:51:07, on 28. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.8.0\ScriptHelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Kelos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={AE466608 ... 2015-03-03 23:13:56&v=4.1.0.411&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.1.5.143\AVG Web TuneUp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4DD0EF854589ED6CAA094897045A1DD0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.22.0.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.8.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 7630 bytes

======Listing Processes======




c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-5381-f603fadeeb0f /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"


wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
dashost.exe {db4e664f-5967-451c-bb25123855a540fa}
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ctfmon.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
taskhost.exe $(Arg0)

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9747109f-ba37-45d9-a310-e717989fc95d -SystemEventPortName:HostProcess-587e4710-b733-444d-89c2-c8b7abbc7459 -IoCancelEventPortName:HostProcess-a16d9b72-5e70-4a1f-aea2-5041b564be1c -NonStateChangingEventPortName:HostProcess-ece18db9-9448-47ee-a5e5-1f901796fec5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e458704d-5e02-4114-b42f-1f5995a77b11 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.8.0\ScriptHelper.exe" -Embedding
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5448 CREDAT:267521 /prefetch:2
C:\WINDOWS\System32\svchost.exe -k smphost
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\Kelos\AppData\Local\Microsoft\Windows\INetCache\IE\33V3J45M\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files\AVG Web TuneUp\4.1.5.143\AVG Web TuneUp.dll [2015-07-23 2476432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.1.5.143\AVG Web TuneUp.dll [2015-07-23 2426256]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-09-27 13196432]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"GoogleChromeAutoLaunch_4DD0EF854589ED6CAA094897045A1DD0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-07-24 813896]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2015-07-23 3175312]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-07-07 3730344]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-28 19:51:01 ----D---- C:\Program Files\trend micro
2015-08-28 19:51:00 ----D---- C:\rsit
2015-08-28 19:42:19 ----D---- C:\WINDOWS\Panther
2015-08-28 19:42:06 ----HD---- C:\$Windows.~BT
2015-08-28 19:37:46 ----D---- C:\Program Files\CCleaner
2015-08-12 17:56:42 ----N---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-12 17:56:42 ----N---- C:\WINDOWS\system32\wininet.dll
2015-08-12 17:56:41 ----N---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-12 17:56:41 ----N---- C:\WINDOWS\system32\urlmon.dll
2015-08-12 17:56:41 ----N---- C:\WINDOWS\system32\actxprxy.dll
2015-08-12 17:56:40 ----N---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-12 17:56:40 ----N---- C:\WINDOWS\system32\iertutil.dll
2015-08-12 17:55:26 ----N---- C:\WINDOWS\system32\davclnt.dll
2015-08-12 17:55:25 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-12 17:55:25 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-12 17:54:46 ----N---- C:\WINDOWS\system32\csrsrv.dll
2015-08-12 17:54:46 ----N---- C:\WINDOWS\system32\basesrv.dll
2015-08-12 17:54:43 ----N---- C:\WINDOWS\system32\msxml6.dll
2015-08-12 17:54:14 ----N---- C:\WINDOWS\system32\DWrite.dll

======List of files/folders modified in the last 1 month======

2015-08-28 19:51:07 ----D---- C:\WINDOWS\Prefetch
2015-08-28 19:51:01 ----RD---- C:\Program Files
2015-08-28 19:48:52 ----D---- C:\WINDOWS\Temp
2015-08-28 19:48:42 ----HD---- C:\Program Files\WindowsApps
2015-08-28 19:48:30 ----D---- C:\WINDOWS\AppReadiness
2015-08-28 19:47:58 ----D---- C:\WINDOWS\system32\config
2015-08-28 19:42:19 ----D---- C:\Windows
2015-08-28 19:42:03 ----D---- C:\WINDOWS\Logs
2015-08-28 19:41:26 ----D---- C:\WINDOWS\CbsTemp
2015-08-28 19:40:57 ----D---- C:\Users\Kelos\AppData\Roaming\Media Player Classic
2015-08-28 19:40:57 ----D---- C:\Users\Kelos\AppData\Roaming\DAEMON Tools Lite
2015-08-28 19:40:48 ----RD---- C:\WINDOWS\System32
2015-08-28 19:40:48 ----D---- C:\WINDOWS\Inf
2015-08-28 19:40:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-28 19:40:47 ----D---- C:\WINDOWS\ModemLogs
2015-08-28 19:40:45 ----D---- C:\WINDOWS\Minidump
2015-08-28 19:40:45 ----D---- C:\WINDOWS\debug
2015-08-28 19:37:50 ----D---- C:\WINDOWS\system32\Tasks
2015-08-28 19:37:41 ----D---- C:\WINDOWS\WinSxS
2015-08-28 19:19:51 ----RD---- C:\Program Files (x86)
2015-08-28 19:18:28 ----D---- C:\ProgramData\MFAData
2015-08-28 19:14:04 ----D---- C:\WINDOWS\SysWOW64
2015-08-28 19:14:04 ----D---- C:\WINDOWS\system32\cs-CZ
2015-08-28 19:11:38 ----D---- C:\WINDOWS\system32\wbem
2015-08-28 19:10:13 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-28 19:10:13 ----RSD---- C:\WINDOWS\Media
2015-08-28 19:10:13 ----D---- C:\WINDOWS\WinStore
2015-08-28 19:10:13 ----D---- C:\WINDOWS\Tasks
2015-08-28 19:10:13 ----D---- C:\WINDOWS\SYSWOW64\wbem
2015-08-28 19:10:13 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-08-28 19:10:13 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-08-28 19:10:13 ----D---- C:\WINDOWS\system32\sru
2015-08-28 19:10:13 ----D---- C:\WINDOWS\system32\catroot2
2015-08-28 19:10:13 ----D---- C:\Program Files\Windows Defender
2015-08-28 19:10:13 ----D---- C:\Program Files\Internet Explorer
2015-08-28 19:10:13 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-28 19:10:12 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-08-28 19:10:12 ----D---- C:\WINDOWS\system32\migration
2015-08-28 19:10:12 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-28 19:10:12 ----D---- C:\WINDOWS\system32\drivers
2015-08-28 19:10:12 ----D---- C:\WINDOWS\PolicyDefinitions
2015-08-28 19:10:12 ----D---- C:\WINDOWS\apppatch
2015-08-28 19:09:58 ----RD---- C:\WINDOWS\ToastData
2015-08-28 19:09:57 ----D---- C:\WINDOWS\SYSWOW64\config
2015-08-28 19:09:56 ----SD---- C:\WINDOWS\system32\GWX
2015-08-28 19:09:56 ----D---- C:\WINDOWS\system32\Sysprep
2015-08-28 19:09:53 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-08-28 19:09:50 ----D---- C:\WINDOWS\servicing
2015-08-28 19:09:49 ----SHD---- C:\WINDOWS\Installer
2015-08-28 19:09:49 ----RSD---- C:\WINDOWS\Fonts
2015-08-28 19:09:33 ----D---- C:\ProgramData\Microsoft Help
2015-08-28 19:09:32 ----D---- C:\ProgramData\AVG Secure Search
2015-08-28 19:09:32 ----D---- C:\Program Files\Common Files\microsoft shared
2015-08-28 19:09:31 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2015-08-28 19:00:16 ----D---- C:\WINDOWS\registration
2015-08-28 18:57:47 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-28 18:56:06 ----SD---- C:\ProgramData\Microsoft
2015-08-28 17:51:53 ----SHD---- C:\System Volume Information
2015-08-27 22:17:00 ----HD---- C:\Config.Msi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2015-05-12 253408]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2015-05-07 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2015-06-10 226784]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-03-20 40928]
R0 TVALZ;@oem2.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-03-11 162784]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2015-06-26 293296]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-06-16 259040]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2015-06-15 295400]
R1 dtsoftbus01;@oem1.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-06-02 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-09-27 4155536]
R3 MEIx64;@oem7.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 RtkBtFilter2;@oem15.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Module; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2013-11-28 48856]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E – síťový adaptér; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-28 34544]
R3 SynTP;@oem91.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-08-28 524528]
R3 Thotkey;@oem63.inf,%Thotkey%;Toshiba Hotkey Driver; C:\WINDOWS\System32\drivers\Thotkey.sys [2013-08-19 32624]
R3 tosrfec;@oem79.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\WINDOWS\System32\drivers\tosrfec.sys [2013-11-01 27032]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2015-03-27 21152]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dot4;@oem81.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem82.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem81.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys []
S3 HtcVCom32;@oem146.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 WinUsb;@winusb.inf,%WinUSB_SvcDesc%;Ovladač WinUsb; C:\WINDOWS\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-07-07 3518376]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-07-07 314304]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-03-17 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2012-09-27 201360]
R2 vToolbarUpdater18.8.0;vToolbarUpdater18.8.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe [2015-07-23 1874320]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22 116648]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22 116648]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Re: Notebook přestal komunikovat

Napsal: 28 srp 2015 20:53
od Márty84
Zdravim :)
Daveson píše:a spoustu dalších podivností.
:???: Jakych?

Daveson píše:Instalovat Desítky nebo raději ne?
Co chcete slyset? Co clovek, to nazor :-) http://forum.viry.cz/viewtopic.php?f=4&t=144718 Ja osobne zatim zustavam na W8.1 . Cekam, az vychytaji nejake ty mouchy. U nekterych to probehlo bez problemu, nekteri s tim museli hodne zapasit, nekteri byli nuceni vratit se na stary system. Rozhodnuti je na vas ;-)


:arrow: Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.


:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: Notebook přestal komunikovat

Napsal: 29 srp 2015 11:47
od Daveson
# AdwCleaner v5.004 - Logfile created 29/08/2015 at 09:58:28
# Updated 26/08/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Kelos - KELOS-NB
# Running from : C:\Users\Kelos\Desktop\adwcleaner_5.004.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater18.8.0

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
[-] Folder Deleted : C:\Program Files (x86)\Conduit
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Conduit
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0814tb
[-] Folder Deleted : C:\Users\Kelos\AppData\Local\Conduit
[-] Folder Deleted : C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam
[-] Folder Deleted : C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba
[-] Folder Deleted : C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc
[-] Folder Deleted : C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Folder Deleted : C:\Users\Kelos\AppData\LocalLow\Conduit

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : BackgroundContainer Startup Task

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[-] Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
[!] Key Not Deleted : HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Software\AppDataLow\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Software\AppDataLow\Software\ConduitSearchScopes
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FAD1EABD-ED76-4188-8ADE-220CBA6BDD96}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FAD1EABD-ED76-4188-8ADE-220CBA6BDD96}
[!] Key Not Deleted : HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FAD1EABD-ED76-4188-8ADE-220CBA6BDD96}

***** [ Web browsers ] *****

[-] [C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted :

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5686 bytes] ##########

Re: Notebook přestal komunikovat

Napsal: 29 srp 2015 11:47
od Daveson
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 29. 8. 2015
Čas skenování: 10:15
Protokol: malware.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.29.01
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Kelos

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 542788
Uplynulý čas: 2 hod, 27 min, 8 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir, , [6f26d13de9a2c175b964052ba8588b75],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Notebook přestal komunikovat

Napsal: 29 srp 2015 11:49
od Daveson
Crystaldisk nejde vůbec spustit... A podivnostmi jsem měl na mysli více programů co nejdou spustit. Začne to načítat a z ničeho nic skončí a nic se neotevře.

Re: Notebook přestal komunikovat

Napsal: 29 srp 2015 15:33
od Márty84
:arrow: MBAM odinstalujte (nalez je neskodny, uz je v karantene ADWCleaneru).

Ten Crystal tedy regulerne nainstalujte. Pri instalaci pozorne ctete, co povolujete....

:arrow: Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Re: Notebook přestal komunikovat

Napsal: 29 srp 2015 18:48
od Daveson
Možná hloupá otázka, kam se to uložilo??? :?:

Re: Notebook přestal komunikovat

Napsal: 29 srp 2015 22:41
od Márty84
Do pameti. Proste staci kliknout do textoveho pole a vlozit text.

Re: Notebook přestal komunikovat

Napsal: 30 srp 2015 07:30
od Daveson
----------------------------------------------------------------------------
CrystalDiskInfo 6.3.2 (C) 2008-2015 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2015/08/30 8:30:27

-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- TOSHIBA MK5075GSX
- TSSTcorp CDDVDW SN-208AB
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MK5075GSX : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MK5075GSX
----------------------------------------------------------------------------
Model : TOSHIBA MK5075GSX
Firmware : GT001M
Serial Number : 82I2YKY3F
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 5772 hod.
Power On Count : 2542 krát
Temperature : 26 C (78 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 0000000007B8 Čas na roztočení ploten
04 100 100 __0 000000000BB5 Počet spuštění/zastavení
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _86 _86 __0 00000000168C Hodin v činnosti
0A 159 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 0000000009EE Počet cyklů zapnutí zařízení
BF 100 100 __0 00000000003B Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000005 Počet vypnutí disku
C1 _86 _86 __0 000000022BC6 Počet cyklů načítání/vymazání
C2 100 100 __0 00360006001A Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 00000000202F Posunutí disku vůči ose
DE _89 _89 __0 000000001166 Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 0000000000F1 Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2038 3249 3259 4B59 3346
020: 0000 4000 0000 4754 3030 314D 2020 544F 5348 4942
030: 4120 4D4B 3530 3735 4753 5820 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0F06 0004 004C 0040
080: 01F8 0000 746B 7D09 6163 7469 BC09 6163 003F 005B
090: 005B 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 4000 0000 5000 0394
110: 3CE0 74E0 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 7BA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 27 00 64 64 B8
020: 07 00 00 00 00 00 04 32 00 64 64 B5 0B 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 56 56 8C 16 00 00 00
060: 00 00 0A 33 00 9F 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 EE 09 00 00 00 00 00 BF 32 00 64 64 3B
080: 00 00 00 00 00 00 C0 32 00 64 64 05 00 00 00 00
090: 00 00 C1 32 00 56 56 C6 2B 02 00 00 00 00 C2 22
0A0: 00 64 64 1A 00 06 00 36 00 00 C4 32 00 64 64 00
0B0: 00 00 00 00 00 00 C5 32 00 64 64 00 00 00 00 00
0C0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 32
0D0: 00 C8 C8 00 00 00 00 00 00 00 DC 02 00 64 64 2F
0E0: 20 00 00 00 00 00 DE 32 00 59 59 66 11 00 00 00
0F0: 00 00 DF 32 00 64 64 00 00 00 00 00 00 00 E0 22
100: 00 64 64 00 00 00 00 00 00 00 E2 26 00 64 64 F1
110: 00 00 00 00 00 00 F0 01 00 64 64 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 5B
170: 03 00 01 00 02 C0 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7A

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 01 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 32 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DC 00 00 00 00 00
0E0: 00 00 00 00 00 00 DE 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E0 00
100: 00 00 00 00 00 00 00 00 00 00 E2 00 00 00 00 00
110: 00 00 00 00 00 00 F0 01 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36

Re: Notebook přestal komunikovat

Napsal: 30 srp 2015 08:11
od Márty84
:arrow: Dejte novy log z RSIT

a k tomu

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)

Re: Notebook přestal komunikovat

Napsal: 31 srp 2015 22:00
od Daveson
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kelos at 2015-08-31 22:54:51
Microsoft Windows 8.1
System drive C: has 19 GB (4%) free of 477 GB
Total RAM: 3977 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:54:52, on 31. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Kelos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={AE466608 ... 2015-03-03 23:13:56&v=4.1.0.411&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4DD0EF854589ED6CAA094897045A1DD0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.22.0.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 7164 bytes

======Listing Processes======




c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-8b55-1f733a63a81f /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"

wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
dashost.exe {7778b146-7715-46fd-aba451310426cea5}
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
taskeng.exe {C18CDF3A-C9B8-4A39-8772-D4AC15876E7E}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ctfmon.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3900 CREDAT:267521 /prefetch:2
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2604199024-2899163858-2028386788-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2604199024-2899163858-2028386788-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584

"C:\Users\Kelos\AppData\Local\Microsoft\Windows\INetCache\IE\33V3J45M\RSITx64 (1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-09-27 13196432]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"GoogleChromeAutoLaunch_4DD0EF854589ED6CAA094897045A1DD0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-08-18 813896]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-07-07 3730344]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-29 20:47:43 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-29 20:47:42 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-29 10:13:27 ----D---- C:\ProgramData\Malwarebytes
2015-08-29 09:53:41 ----D---- C:\AdwCleaner
2015-08-28 19:51:01 ----D---- C:\Program Files\trend micro
2015-08-28 19:51:00 ----D---- C:\rsit
2015-08-28 19:44:47 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-08-28 19:44:47 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-08-28 19:44:47 ----A---- C:\WINDOWS\system32\localspl.dll
2015-08-28 19:44:47 ----A---- C:\WINDOWS\system32\compstui.dll
2015-08-28 19:44:46 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-08-28 19:44:46 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2015-08-28 19:44:46 ----A---- C:\WINDOWS\system32\profsvc.dll
2015-08-28 19:44:46 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-08-28 19:44:46 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-08-28 19:44:43 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-08-28 19:44:42 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2015-08-28 19:44:31 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-28 19:44:30 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-28 19:44:30 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-28 19:44:30 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-28 19:44:30 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-28 19:44:30 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-28 19:44:30 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-28 19:44:30 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-28 19:44:30 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-28 19:44:30 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-28 19:44:30 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-28 19:44:30 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-28 19:44:28 ----A---- C:\WINDOWS\system32\shell32.dll
2015-08-28 19:44:27 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-08-28 19:44:26 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2015-08-28 19:44:26 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-28 19:44:25 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-08-28 19:44:24 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-08-28 19:44:13 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-08-28 19:44:13 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-08-28 19:44:12 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-08-28 19:44:12 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-08-28 19:44:12 ----A---- C:\WINDOWS\system32\drivers\sermouse.sys
2015-08-28 19:44:12 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2015-08-28 19:44:12 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys
2015-08-28 19:44:12 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2015-08-28 19:44:12 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys
2015-08-28 19:44:12 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys
2015-08-28 19:44:10 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-28 19:44:09 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-28 19:44:07 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-28 19:44:07 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-28 19:44:07 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-28 19:44:05 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-08-28 19:44:05 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-08-28 19:44:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-08-28 19:44:02 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-08-28 19:44:01 ----A---- C:\WINDOWS\system32\SRH.dll
2015-08-28 19:43:59 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-08-28 19:43:58 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-08-28 19:43:57 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-08-28 19:43:56 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-08-28 19:43:56 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-08-28 19:43:54 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2015-08-28 19:43:37 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-28 19:43:36 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-28 19:43:35 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-28 19:43:31 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-28 19:43:30 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-28 19:43:29 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-28 19:43:28 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-28 19:43:27 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-28 19:43:19 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-28 19:43:13 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-28 19:43:10 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-28 19:43:10 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-28 19:43:10 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-28 19:43:10 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-28 19:43:08 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-28 19:43:08 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-28 19:43:08 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-28 19:43:08 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-28 19:43:07 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-28 19:43:07 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-28 19:43:07 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-28 19:43:07 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-28 19:43:07 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-28 19:43:06 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-28 19:43:06 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-28 19:43:05 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-28 19:43:01 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-08-28 19:42:56 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-28 19:42:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-28 19:42:52 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-08-28 19:42:51 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-08-28 19:42:51 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-08-28 19:42:48 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-28 19:42:47 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-28 19:42:47 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-28 19:42:47 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-28 19:42:43 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-28 19:42:43 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-28 19:42:42 ----A---- C:\WINDOWS\system32\aepic.dll
2015-08-28 19:42:42 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-08-28 19:42:42 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-28 19:42:40 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-28 19:42:38 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-28 19:42:38 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-28 19:42:38 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-28 19:42:36 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-08-28 19:42:36 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2015-08-28 19:42:33 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-08-28 19:42:33 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-08-28 19:42:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-28 19:42:32 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-28 19:42:23 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-28 19:42:21 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-28 19:42:21 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-28 19:42:19 ----D---- C:\WINDOWS\Panther
2015-08-28 19:41:58 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-08-28 19:41:58 ----A---- C:\WINDOWS\system32\authz.dll
2015-08-28 19:41:49 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-28 19:41:49 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-28 19:41:48 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-08-28 19:41:48 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-28 19:41:48 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-28 19:41:48 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-28 19:41:48 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-28 19:41:47 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-28 19:41:47 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-28 19:41:46 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-28 19:41:46 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-28 19:41:45 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-28 19:41:45 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-28 19:41:44 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-28 19:41:44 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-28 19:41:44 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-28 19:41:44 ----A---- C:\WINDOWS\notepad.exe
2015-08-28 19:41:43 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-28 19:41:43 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-28 19:41:43 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-28 19:41:39 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-28 19:41:39 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-08-28 19:41:39 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-28 19:41:39 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-28 19:41:39 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-28 19:41:39 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-28 19:41:39 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-08-28 19:41:39 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-28 19:37:46 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2015-08-31 22:49:58 ----D---- C:\WINDOWS\Temp
2015-08-31 22:49:58 ----D---- C:\WINDOWS\Prefetch
2015-08-31 22:49:56 ----D---- C:\Windows
2015-08-31 22:49:03 ----D---- C:\WINDOWS\Inf
2015-08-31 22:47:50 ----D---- C:\WINDOWS\Minidump
2015-08-31 22:40:34 ----D---- C:\WINDOWS\system32\config
2015-08-31 22:35:17 ----RD---- C:\WINDOWS\System32
2015-08-31 22:35:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-31 22:34:39 ----D---- C:\ProgramData\MFAData
2015-08-31 22:27:28 ----D---- C:\WINDOWS\SysWOW64
2015-08-31 22:27:00 ----D---- C:\WINDOWS\system32\sru
2015-08-30 08:44:16 ----D---- C:\WINDOWS\debug
2015-08-29 20:48:15 ----D---- C:\WINDOWS\AppReadiness
2015-08-29 20:48:14 ----HD---- C:\Program Files\WindowsApps
2015-08-29 20:47:54 ----D---- C:\WINDOWS\CbsTemp
2015-08-29 19:35:02 ----RD---- C:\Program Files (x86)
2015-08-29 19:35:02 ----D---- C:\WINDOWS\system32\drivers
2015-08-29 19:31:27 ----D---- C:\WINDOWS\rescache
2015-08-29 13:01:10 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-29 12:54:17 ----SHD---- C:\System Volume Information
2015-08-29 11:28:29 ----HD---- C:\$Windows.~BT
2015-08-29 10:13:27 ----HD---- C:\ProgramData
2015-08-29 10:08:00 ----D---- C:\WINDOWS\WinSxS
2015-08-29 10:07:37 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-29 10:02:55 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-29 10:02:55 ----D---- C:\WINDOWS\system32\wbem
2015-08-29 10:02:55 ----D---- C:\WINDOWS\system32\appraiser
2015-08-29 10:02:55 ----D---- C:\WINDOWS\apppatch
2015-08-29 10:02:48 ----RD---- C:\WINDOWS\ToastData
2015-08-29 10:02:45 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-08-29 10:02:44 ----RSD---- C:\WINDOWS\Fonts
2015-08-29 10:02:44 ----D---- C:\Program Files\Internet Explorer
2015-08-29 10:02:44 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-29 10:02:41 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-29 10:02:37 ----D---- C:\Program Files\Windows Defender
2015-08-29 10:02:37 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-29 10:02:36 ----D---- C:\WINDOWS\WinStore
2015-08-29 09:58:32 ----D---- C:\WINDOWS\system32\Tasks
2015-08-29 09:58:29 ----D---- C:\Program Files (x86)\Common Files
2015-08-29 09:52:01 ----SHD---- C:\WINDOWS\Installer
2015-08-29 09:52:01 ----HD---- C:\Config.Msi
2015-08-29 09:47:22 ----D---- C:\WINDOWS\Tasks
2015-08-28 20:26:59 ----D---- C:\WINDOWS\system32\MRT
2015-08-28 20:21:30 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-28 19:51:01 ----RD---- C:\Program Files
2015-08-28 19:42:03 ----D---- C:\WINDOWS\Logs
2015-08-28 19:40:57 ----D---- C:\Users\Kelos\AppData\Roaming\Media Player Classic
2015-08-28 19:40:57 ----D---- C:\Users\Kelos\AppData\Roaming\DAEMON Tools Lite
2015-08-28 19:40:47 ----D---- C:\WINDOWS\ModemLogs
2015-08-28 19:14:04 ----D---- C:\WINDOWS\system32\cs-CZ
2015-08-28 19:10:13 ----RSD---- C:\WINDOWS\Media
2015-08-28 19:10:13 ----D---- C:\WINDOWS\SYSWOW64\wbem
2015-08-28 19:10:13 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-08-28 19:10:13 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-08-28 19:10:13 ----D---- C:\WINDOWS\system32\catroot2
2015-08-28 19:10:12 ----D---- C:\WINDOWS\system32\migration
2015-08-28 19:10:12 ----D---- C:\WINDOWS\PolicyDefinitions
2015-08-28 19:09:57 ----D---- C:\WINDOWS\SYSWOW64\config
2015-08-28 19:09:56 ----SD---- C:\WINDOWS\system32\GWX
2015-08-28 19:09:56 ----D---- C:\WINDOWS\system32\Sysprep
2015-08-28 19:09:53 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-08-28 19:09:50 ----D---- C:\WINDOWS\servicing
2015-08-28 19:09:33 ----D---- C:\ProgramData\Microsoft Help
2015-08-28 19:09:32 ----D---- C:\Program Files\Common Files\microsoft shared
2015-08-28 19:09:31 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2015-08-28 19:00:16 ----D---- C:\WINDOWS\registration
2015-08-28 18:56:06 ----SD---- C:\ProgramData\Microsoft
2015-08-14 03:50:25 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2015-05-12 253408]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2015-05-07 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2015-06-10 226784]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-03-20 40928]
R0 TVALZ;@oem2.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-03-11 162784]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2015-06-26 293296]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-06-16 259040]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2015-06-15 295400]
R1 dtsoftbus01;@oem1.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-06-02 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-09-27 4155536]
R3 MEIx64;@oem7.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 RtkBtFilter2;@oem15.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Module; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2013-11-28 48856]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E – síťový adaptér; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-28 34544]
R3 SynTP;@oem91.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-08-28 524528]
R3 Thotkey;@oem63.inf,%Thotkey%;Toshiba Hotkey Driver; C:\WINDOWS\System32\drivers\Thotkey.sys [2013-08-19 32624]
R3 tosrfec;@oem79.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\WINDOWS\System32\drivers\tosrfec.sys [2013-11-01 27032]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2015-03-27 21152]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dot4;@oem81.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem82.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem81.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys []
S3 HtcVCom32;@oem146.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-07-07 3518376]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-07-07 314304]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-03-17 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2012-09-27 201360]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Re: Notebook přestal komunikovat

Napsal: 31 srp 2015 22:02
od Daveson
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Kelos (administrator) on KELOS-NB (31-08-2015 22:57:27)
Running from C:\Users\Kelos\Desktop
Loaded Profiles: Kelos (Available Profiles: Kelos)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Kelos\AppData\Local\Microsoft\Windows\INetCache\IE\33V3J45M\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3730344 2015-07-07] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\...\Run: [GoogleChromeAutoLaunch_4DD0EF854589ED6CAA094897045A1DD0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-04-13]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [50176 2015-03-23] (Microsoft Corporation)
Winsock: Catalog5 09 C:\WINDOWS\SysWOW64\wlidNSP.dll [50176 2015-03-23] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [74240 2015-03-23] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [74240 2015-03-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{05988249-AEFE-4D84-9EC2-3002A3724DCF}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{A8D43874-D7B2-464C-A783-B7E73468B2F2}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={AE466608-34E6-4F73-B487-1785591E45E7}&mid=87540d908d2247d29dd19d3bff51ad1f-4e8b9981bb13bf31bda21fdad812285941212d6d&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-03-03 23:13:56&v=4.1.0.411&pid=wtu&sg=&sap=hp
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll [2014-02-21] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll [2014-02-21] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.cz/"
CHR DefaultSuggestURL: Default -> https://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AVG Secure Search) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-08-31]
CHR Extension: (Spry this!) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2015-08-31]
CHR Extension: (CSS reload!) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba [2015-08-31]
CHR Extension: (Avast Online Security) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-31]
CHR Extension: (WebSite Recommendation Lite) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jopdpbolklklaiookikgmdinfbooiipj [2015-08-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-09-27] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1195920 2015-07-23] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [295400 2015-06-15] (AVG Technologies CZ, s.r.o.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-02] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R3 RtkBtFilter2; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [48856 2013-11-28] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-31 22:57 - 2015-08-31 22:57 - 00012005 _____ C:\Users\Kelos\Desktop\FRST.txt
2015-08-31 22:57 - 2015-08-31 22:57 - 00000000 ____D C:\Users\Kelos\Desktop\FRST-OlderVersion
2015-08-31 22:57 - 2015-08-31 22:57 - 00000000 ____D C:\FRST
2015-08-31 22:47 - 2015-08-31 22:48 - 00285552 _____ C:\WINDOWS\Minidump\083115-44953-01.dmp
2015-08-31 22:43 - 2015-08-31 22:43 - 00112640 _____ (forum.viry.cz) C:\Users\Kelos\FRSTLauncher.exe
2015-08-31 22:29 - 2015-08-31 22:47 - 00000231 _____ C:\WINDOWS\setupact.log
2015-08-31 22:29 - 2015-08-31 22:29 - 00000372 _____ C:\WINDOWS\PFRO.log
2015-08-31 22:29 - 2015-08-31 22:29 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-30 12:01 - 2015-08-31 22:57 - 02188800 _____ (Farbar) C:\Users\Kelos\Desktop\FRST64.exe
2015-08-29 20:47 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-29 20:47 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-29 19:41 - 2015-08-29 19:41 - 02863750 _____ C:\Users\Kelos\Downloads\CrystalDiskInfo6_3_2.zip
2015-08-29 10:13 - 2015-08-29 10:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-29 10:12 - 2015-08-29 10:12 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Kelos\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-29 09:53 - 2015-08-29 09:58 - 00000000 ____D C:\AdwCleaner
2015-08-29 09:52 - 2015-08-29 09:52 - 01618432 _____ C:\Users\Kelos\Desktop\adwcleaner_5.004.exe
2015-08-28 19:51 - 2015-08-31 22:54 - 00000000 ____D C:\Program Files\trend micro
2015-08-28 19:51 - 2015-08-28 19:51 - 00000000 ____D C:\rsit
2015-08-28 19:44 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-28 19:44 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-28 19:44 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-28 19:44 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-28 19:44 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-28 19:44 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-28 19:44 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-28 19:44 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-28 19:44 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-28 19:44 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-28 19:44 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-28 19:44 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-28 19:44 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-28 19:44 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-28 19:44 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-28 19:44 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-28 19:44 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-28 19:44 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-28 19:44 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-28 19:44 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-28 19:44 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-28 19:44 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-28 19:44 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-28 19:44 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-28 19:44 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-08-28 19:44 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-08-28 19:44 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-08-28 19:44 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-08-28 19:44 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-28 19:44 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-28 19:44 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-08-28 19:44 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-08-28 19:44 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-08-28 19:44 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-08-28 19:44 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-08-28 19:44 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-28 19:44 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-08-28 19:44 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-28 19:44 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-08-28 19:44 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-08-28 19:44 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-08-28 19:44 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-08-28 19:44 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-08-28 19:44 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-08-28 19:44 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-08-28 19:44 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-08-28 19:44 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-08-28 19:44 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-08-28 19:44 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-08-28 19:44 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-08-28 19:43 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-28 19:43 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-28 19:43 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-28 19:43 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-28 19:43 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-28 19:43 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-28 19:43 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-28 19:43 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-28 19:43 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-28 19:43 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-28 19:43 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-28 19:43 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-28 19:43 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-28 19:43 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-28 19:43 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-28 19:43 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-28 19:43 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-28 19:43 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-28 19:43 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-28 19:43 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-28 19:43 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-28 19:43 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-28 19:43 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-28 19:43 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-28 19:43 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-28 19:43 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-28 19:43 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-28 19:43 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-28 19:43 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-28 19:43 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-28 19:43 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-08-28 19:43 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-08-28 19:43 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-08-28 19:43 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-08-28 19:43 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-08-28 19:43 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-08-28 19:42 - 2015-08-29 12:54 - 00000000 ____D C:\WINDOWS\Panther
2015-08-28 19:42 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-28 19:42 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-28 19:42 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-28 19:42 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-28 19:42 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-28 19:42 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-28 19:42 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-28 19:42 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-28 19:42 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-28 19:42 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-28 19:42 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-28 19:42 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-28 19:42 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-28 19:42 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-28 19:42 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-08-28 19:42 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-28 19:42 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-28 19:42 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-08-28 19:42 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-28 19:42 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-28 19:42 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-08-28 19:42 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-08-28 19:42 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-08-28 19:42 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-08-28 19:42 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-08-28 19:42 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-08-28 19:42 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-08-28 19:41 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-28 19:41 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-28 19:41 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-28 19:41 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-28 19:41 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-28 19:41 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-28 19:41 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-28 19:41 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-28 19:41 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-28 19:41 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-28 19:41 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-28 19:41 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-28 19:41 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-28 19:41 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-28 19:41 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-28 19:41 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-28 19:41 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-28 19:41 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-28 19:41 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-28 19:41 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-28 19:41 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-28 19:41 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-28 19:41 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-28 19:41 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-28 19:41 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-28 19:41 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-28 19:41 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-08-28 19:41 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-08-28 19:41 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-28 19:41 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-28 19:37 - 2015-08-28 19:37 - 00002790 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-28 19:37 - 2015-08-28 19:37 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-28 19:37 - 2015-08-28 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-28 19:37 - 2015-08-28 19:37 - 00000000 ____D C:\Program Files\CCleaner

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-31 22:52 - 2014-02-22 12:38 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-31 22:50 - 2014-02-22 15:17 - 00000000 __RDO C:\Users\Kelos\SkyDrive
2015-08-31 22:48 - 2014-02-22 12:38 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-31 22:47 - 2014-09-11 08:29 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-31 22:47 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-31 22:45 - 2014-02-21 18:04 - 01816100 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-31 22:45 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-08-31 22:43 - 2014-02-21 17:53 - 00000000 ____D C:\Users\Kelos
2015-08-31 22:38 - 2014-02-22 12:37 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2476DF7C-5D08-4F38-B396-CAC032A9462B}
2015-08-31 22:35 - 2013-11-14 14:40 - 01658450 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-31 22:35 - 2013-11-14 14:24 - 00705506 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-31 22:35 - 2013-11-14 14:24 - 00143830 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-31 22:34 - 2015-01-20 11:15 - 00000000 ____D C:\ProgramData\MFAData
2015-08-31 22:27 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-30 08:44 - 2014-02-21 13:41 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2604199024-2899163858-2028386788-1001
2015-08-29 20:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-29 20:47 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-29 19:31 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-29 11:28 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-29 10:06 - 2013-08-22 16:44 - 00371776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-29 10:02 - 2014-12-12 23:33 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-29 10:02 - 2014-07-10 08:21 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-29 10:02 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-08-29 10:02 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-29 10:02 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-29 10:02 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-29 10:02 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-29 10:02 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-29 10:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-08-29 10:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-29 10:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-29 09:55 - 2014-02-22 12:38 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-29 09:47 - 2014-02-22 12:38 - 00003950 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-29 09:47 - 2014-02-22 12:38 - 00003714 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 20:26 - 2014-02-21 14:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-28 20:21 - 2014-02-21 14:42 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-28 19:40 - 2014-06-02 13:21 - 00000000 ____D C:\Users\Kelos\AppData\Roaming\DAEMON Tools Lite
2015-08-28 19:40 - 2014-04-25 16:06 - 00000000 ____D C:\Users\Kelos\AppData\Roaming\Media Player Classic
2015-08-28 19:18 - 2015-01-20 11:15 - 00000000 ____D C:\Users\Kelos\AppData\Local\Avg2015
2015-08-28 19:10 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-08-28 19:10 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-28 19:09 - 2015-04-07 11:27 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-08-28 19:09 - 2015-03-04 00:13 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-08-28 19:09 - 2014-02-22 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-28 19:09 - 2014-02-21 14:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-28 19:09 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-28 19:09 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-28 19:09 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing
2015-08-28 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2015-08-27 22:17 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-22 19:44 - 2015-01-20 11:13 - 00000000 __SHD C:\Users\Kelos\AppData\Local\EmieUserList
2015-08-22 19:44 - 2015-01-20 11:13 - 00000000 __SHD C:\Users\Kelos\AppData\Local\EmieSiteList
2015-08-22 19:44 - 2015-01-20 11:13 - 00000000 __SHD C:\Users\Kelos\AppData\Local\EmieBrowserModeList
2015-08-14 03:50 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-14 03:50 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 07:55 - 2015-05-18 21:55 - 00000993 _____ C:\Users\Public\Desktop\AVG 2015.lnk

==================== Files in the root of some directories =======

2014-11-22 19:04 - 2014-11-22 19:04 - 0000000 _____ () C:\Users\Kelos\AppData\Local\{BA017FE2-238B-45CF-9131-478CD553CD73}
2014-04-13 19:41 - 2014-09-26 18:51 - 0001351 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\Kelos\FRSTLauncher.exe


Some files in TEMP:
====================
C:\Users\Kelos\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-28 20:07

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:465.42 GB) (Free:18.14 GB) NTFS

Available physical RAM: 2734.53 MB
Total physical RAM: 3977.3 MB
Percentage of memory in use: 31%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D2803EB6)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Kelos\SkyDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kelos\Desktop" je 50547 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Notebook přestal komunikovat

Napsal: 31 srp 2015 22:03
od Daveson
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Kelos (2015-08-31 22:58:26)
Running from C:\Users\Kelos\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2604199024-2899163858-2028386788-500 - Administrator - Disabled)
Guest (S-1-5-21-2604199024-2899163858-2028386788-501 - Limited - Disabled)
Kelos (S-1-5-21-2604199024-2899163858-2028386788-1001 - Administrator - Enabled) => C:\Users\Kelos

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3100_3200_3300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
3100_3200_3300trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
3200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_STANDARD_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_STANDARD_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_STANDARD_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6086 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4409 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.6086 - AVG Technologies CZ, s.r.o.) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.5.143 - AVG Technologies)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{175a73c0-7c05-417b-95b6-073036f3b3ad}) (Version: - Nero AG)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sony PC Companion (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

14-08-2015 21:19:28 Windows Update
22-08-2015 19:11:05 Windows Update
28-08-2015 17:51:23 Operace obnovení

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {26A6EC42-E8F0-4A3A-8332-3BE3F8C89789} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {29A148FA-277D-4B21-A65E-A6581B53711F} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {3536E7B0-2749-45E1-8865-0EFAED81012F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {3B08C6A1-89FE-4CA3-B3A4-5AF6C957380C} - System32\Tasks\{87F75512-F07B-4615-9EF3-E21DA4BD165A} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -c -runfromtemp -l0x0409 -removeonly
Task: {4B860472-18B6-429D-AC75-1B2B7C90645A} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2604199024-2899163858-2028386788-1001
Task: {5B4C1138-F338-4A60-915E-E962198EC73C} - System32\Tasks\Online aktualizační program HP => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {99DF08FE-20B8-4B04-9BC9-E392800AD0B2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-28] (Microsoft Corporation)
Task: {BE9B21CA-5865-47F7-A846-C27C0A1BF084} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {D5D100B3-AEA3-488F-B196-14E2468424B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E7BA76A0-5AEA-493D-A139-A0BDE0D32984} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-04 00:13 - 2015-07-23 21:40 - 01195920 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2014-01-30 00:02 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-17 19:34 - 2015-07-17 19:34 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Kelos\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kelos\Desktop\fotky a stazene veci\170320__rali-ivanova-women-girls-sexy-girls-blondes-models-model-waist-figure-lingerie-sexy_p.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "HP Software Update"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{87929481-36E8-4FA2-8EA6-66AB153B2E18}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{E110242D-7BF8-4A36-9806-1E4ABD184D3A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1196EDEE-70FF-4263-B777-47736CBCDEDC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{23BB9273-4A5B-40F8-9470-B9D79E0811CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{3D7A7E49-D482-49CF-B20A-44AF2F06762E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{F0559A5D-E93C-4C41-970C-619E9707A5C4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{13B51D0A-81E9-41CB-B2AE-7BCCA5602A69}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{8E48E1E8-FC91-4E38-BCB0-ADDE3D2B739C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1FD251D5-097F-4890-93FC-42BE71A3C606}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{BF00BA3C-14EE-40EA-B456-AB230AAC760E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{8D21A438-EAEB-47DB-A2E6-0CF17C530EAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{0390167B-FC07-4A26-8590-540A71BEBE6A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5271FB86-A18F-4953-98E4-A87924538AFB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{F25F150A-9117-4B70-9067-A8915574097F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{C6F55041-25B3-42F0-9304-35A58DC2FABA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{9E9C75F3-D93C-47EA-9D68-9FCFC5DA37E9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{AF72DE45-0D08-4235-A4DD-75266BB9C96E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A937A017-D047-474D-86EA-476FC42E0D7C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{CFD56C05-9D44-4845-A2AD-50B1CDC1E4CB}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{D94D7DD1-622E-4362-83FA-24C033204D22}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{2AFEC3C9-76C2-418E-ABB0-8EC01998FE01}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{CE3A462E-FEA9-437F-AAD2-6CAE8E360458}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{7CC2AEB9-FDE9-48C5-BC4B-9B81E52CE5A2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{D492A8D4-4695-4B73-9777-D93C72DEC9CF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{4F799AE5-380D-41ED-8A7B-C47DF273D582}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{1E22F3C5-B86D-4234-87CB-CDE82EB6BD9E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{7C3481B8-0444-49E0-944A-D5826B21C1C3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{83545AE7-E6AD-4F85-8B79-EB490EA13526}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{0C70E531-49E3-4138-A6B1-8516DD2E00B4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{4B44C40B-FA1D-4A1C-9CD4-17D699AB9ED2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{F86919E7-D2EF-49D7-840E-FF19FC614D58}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{004B3831-FBB1-4E79-8D77-A01F59C06520}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{194A5BB0-775F-4F2D-9115-0DE86C81A077}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{ECFFA4EC-51C0-414D-B846-D8D249DF8C6C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/31/2015 10:45:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRSTLauncher.exe, verze: 30.9.13.1, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.17415, časové razítko: 0x54504ade
Kód výjimky: 0x0eedfade
Posun chyby: 0x00014598
ID chybujícího procesu: 0x1190
Čas spuštění chybující aplikace: 0xFRSTLauncher.exe0
Cesta k chybující aplikaci: FRSTLauncher.exe1
Cesta k chybujícímu modulu: FRSTLauncher.exe2
ID zprávy: FRSTLauncher.exe3
Úplný název chybujícího balíčku: FRSTLauncher.exe4
ID aplikace související s chybujícím balíčkem: FRSTLauncher.exe5

Error: (08/29/2015 09:50:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WWAHost.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 8bc

Čas spuštění: 01d0e22f22b21d6a

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\WWAHost.exe

ID hlášení: 90f9497a-4e22-11e5-beab-4c72b9b544ec

Úplný název chybujícího balíčku: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy

ID aplikace související s chybujícím balíčkem: Windows.Store

Error: (08/29/2015 09:50:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KELOS-NB)
Description: Balíček winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy+Windows.Store se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (08/29/2015 09:49:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 153c

Čas spuštění: 01d0e1c205a1167c

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 890adb32-4e22-11e5-beab-4c72b9b544ec

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (08/29/2015 09:49:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KELOS-NB)
Description: Aplikaci BooStudioLLC.8ZipLite_b6e429xa66pga!App se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/29/2015 09:49:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KELOS-NB)
Description: Balíček BooStudioLLC.8ZipLite_1.1.0.10_x86__b6e429xa66pga+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (08/29/2015 09:49:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WSHost.exe, verze: 6.3.9600.17415, časové razítko: 0x545040f3
Název chybujícího modulu: WinStoreUI.dll, verze: 6.3.9600.17669, časové razítko: 0x54c984d7
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000569d9
ID chybujícího procesu: 0x19f0
Čas spuštění chybující aplikace: 0xWSHost.exe0
Cesta k chybující aplikaci: WSHost.exe1
Cesta k chybujícímu modulu: WSHost.exe2
ID zprávy: WSHost.exe3
Úplný název chybujícího balíčku: WSHost.exe4
ID aplikace související s chybujícím balíčkem: WSHost.exe5

Error: (08/29/2015 09:48:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KELOS-NB)
Description: Aplikaci winstore_cw5n1h2txyewy!Windows.Store se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/29/2015 09:48:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WWAHost.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 134c

Čas spuštění: 01d0e22f1e707c76

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\WWAHost.exe

ID hlášení: 5d52fe36-4e22-11e5-beab-4c72b9b544ec

Úplný název chybujícího balíčku: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy

ID aplikace související s chybujícím balíčkem: Windows.Store

Error: (08/29/2015 09:48:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: KELOS-NB)
Description: Aplikace winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy+Windows.Store se nespustila ve stanovenou dobu.


System errors:
=============
Error: (08/31/2015 10:49:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba AVGIDSAgent přestala během spouštění reagovat.

Error: (08/31/2015 10:48:11 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000005 (0xffffe0001c3054c0, 0xffffe0001ff6b080, 0x0000000000000000, 0x0000000000000001)C:\WINDOWS\MEMORY.DMP083115-44953-01

Error: (08/31/2015 10:47:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:46:37, ‎31. ‎8. ‎2015) bylo neočekávané.

Error: (08/31/2015 10:30:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba AVGIDSAgent přestala během spouštění reagovat.

Error: (08/29/2015 07:56:04 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače PAVILION-HP,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{05988249-AEFE-4D84-9EC2-3002A3724DCF}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (08/29/2015 07:41:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240020): Upgrade na Windows 10 Home.

Error: (08/29/2015 12:54:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf1): Microsoft.ZuneMusic.

Error: (08/29/2015 12:54:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf1): Microsoft.Reader.

Error: (08/29/2015 12:54:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf1): Microsoft.ZuneMusic.

Error: (08/29/2015 12:54:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf1): Microsoft.ZuneVideo.


Microsoft Office:
=========================

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
Percentage of memory in use: 31%
Total physical RAM: 3977.3 MB
Available physical RAM: 2734.53 MB
Total Virtual: 10091.02 MB
Available Virtual: 8755.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:18.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D2803EB6)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Notebook přestal komunikovat

Napsal: 01 zář 2015 08:14
od Márty84
:arrow: Pozor na pouzivani TuneUp. Dokaze to nadelat peknou paseku :boxed:


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kelos\Desktop" je 50547 MB.
:arrow: Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku :)





:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)

HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={AE466608-34E6-4F73-B487-1785591E45E7}&mid=87540d908d2247d29dd19d3bff51ad1f-4e8b9981bb13bf31bda21fdad812285941212d6d&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-03-03 23:13:56&v=4.1.0.411&pid=wtu&sg=&sap=hp

CHR DefaultSuggestURL: Default -> https://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Extension: (AVG Secure Search) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-08-31]
CHR Extension: (Avast Online Security) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-31]
CHR Extension: (Spry this!) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2015-08-31]
CHR Extension: (CSS reload!) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba [2015-08-31]
CHR Extension: (WebSite Recommendation Lite) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jopdpbolklklaiookikgmdinfbooiipj [2015-08-31]

S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-03-17 935208]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]

2015-08-29 10:13 - 2015-08-29 10:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-29 10:12 - 2015-08-29 10:12 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Kelos\Downloads\mbam-setup-2.1.8.1057.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

Re: Notebook přestal komunikovat

Napsal: 01 zář 2015 19:15
od Daveson
Fix result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Kelos (2015-09-01 20:04:39) Run:1
Running from C:\Users\Kelos\Desktop
Loaded Profiles: Kelos (Available Profiles: Kelos)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)

HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={AE466608-34E6-4F73-B487-1785591E45E7}&mid=87540d908d2247d29dd19d3bff51ad1f-4e8b9981bb13bf31bda21fdad812285941212d6d&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-03-03 23:13:56&v=4.1.0.411&pid=wtu&sg=&sap=hp

CHR DefaultSuggestURL: Default -> https://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Extension: (AVG Secure Search) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-08-31]
CHR Extension: (Avast Online Security) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-31]
CHR Extension: (Spry this!) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2015-08-31]
CHR Extension: (CSS reload!) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba [2015-08-31]
CHR Extension: (WebSite Recommendation Lite) - C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jopdpbolklklaiookikgmdinfbooiipj [2015-08-31]

S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-03-17 935208]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]

2015-08-29 10:13 - 2015-08-29 10:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-29 10:12 - 2015-08-29 10:12 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Kelos\Downloads\mbam-setup-2.1.8.1057.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-2604199024-2899163858-2028386788-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
Chrome DefaultSuggestURL not found.
C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn => moved successfully
C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => moved successfully
C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam => moved successfully
C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba => moved successfully
C:\Users\Kelos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jopdpbolklklaiookikgmdinfbooiipj => moved successfully
MBAMSwissArmy => service removed successfully
AdobeARMservice => service removed successfully
Nero BackItUp Scheduler 4.0 => Unable to stop service.
Nero BackItUp Scheduler 4.0 => service removed successfully
gupdate => service removed successfully
gupdatem => service removed successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Users\Kelos\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 85.2 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 20:05:25 ====

Jo a ten Tune up kdoví kdo mu tam nainstaloval, stejně bych jej odstranil.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz