VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosim o kontrolu logu !!!!

https://forum.viry.cz:443/viewtopic.php?t=146747

Stránka 1 z 1

Prosim o kontrolu logu !!!!

Napsal: 06 lis 2015 11:49
od Marty1
Ahoj moc prosim o pomoc, stáhlo se me v pdf nejake svinstvo do pc a nemohu to dostat pryč. Děkuji za pomoc...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Marty (administrator) on MARTY (06-11-2015 23:36:56)
Running from C:\Users\Marty\Desktop
Loaded Profiles: Marty (Available Profiles: Marty)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Audio\OSD\RTVOSD64.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15081.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6234144 2010-03-14] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-19] (Hewlett-Packard Company)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-28] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-24] (Apple Inc.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-01-25] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-24] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_60\bin\jusched.exe"
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2400494405-3608859707-3491806550-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-02-22] (Hewlett-Packard Company)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-04-22] (EasyBits Software Corp.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 203.97.78.43 203.97.78.44
Tcpip\..\Interfaces\{374b2eaa-15f5-49cf-9585-031109e33748}: [DhcpNameServer] 203.97.78.43 203.97.78.44

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1446 ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1446 ... earchTerms}
SearchScopes: HKLM-x32 -> {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> DefaultScope {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\2gbkyg0m.default-1446713449589
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-07-22] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-31] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-01] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!8DAC6E5E09D5BD5FE68C4BF2E7E9FBE08DAC.js [2015-11-06]

Opera:
=======
OPR Extension: (CinemaP-1.9cV05.11) - C:\Users\Marty\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-11-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-03] (Apple Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-29] (Broadcom Corporation.)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-19] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-12] (Microsoft Corporation)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-06-28] (PS Media s.r.o.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-12] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-12] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-29] (Broadcom Corporation.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-12] (Microsoft Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-06 23:30 - 2015-11-06 23:37 - 00015062 _____ C:\Users\Marty\Desktop\FRST.txt
2015-11-06 23:30 - 2015-11-06 23:36 - 00000000 ____D C:\FRST
2015-11-06 23:29 - 2015-11-06 23:30 - 02198528 _____ (Farbar) C:\Users\Marty\Desktop\FRST64.exe
2015-11-06 23:22 - 2015-11-06 23:22 - 00016148 _____ C:\WINDOWS\system32\MARTY_Marty_HistoryPrediction.bin
2015-11-06 20:06 - 2015-11-06 23:25 - 00000000 ____D C:\AdwCleaner
2015-11-06 20:05 - 2015-11-06 20:06 - 01713664 _____ C:\Users\Marty\Desktop\adwcleaner_5.018.exe
2015-11-06 19:36 - 2015-11-06 19:37 - 00000000 ____D C:\ProgramData\iWMiniProi
2015-11-06 19:36 - 2015-11-06 19:36 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-06 19:33 - 2015-11-06 19:33 - 00003150 _____ C:\WINDOWS\System32\Tasks\Rush Form
2015-11-06 19:33 - 2015-11-06 19:33 - 00000000 ____D C:\Users\Marty\AppData\Local\Rush Form
2015-11-05 21:30 - 2015-11-06 21:30 - 00001006 _____ C:\WINDOWS\Tasks\R9citbZmsAD.job
2015-11-05 21:30 - 2015-11-05 21:30 - 00004136 _____ C:\WINDOWS\System32\Tasks\R9citbZmsAD
2015-11-05 21:29 - 2015-11-06 19:55 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-05 21:28 - 2015-11-05 21:28 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Opera Software
2015-11-05 21:28 - 2015-11-05 21:28 - 00000000 ____D C:\Users\Marty\AppData\Local\Opera Software
2015-11-05 21:28 - 2009-06-11 10:00 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-11-05 21:27 - 2015-11-05 21:30 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-05 18:31 - 2015-11-05 21:22 - 00000000 ____D C:\Users\Marty\Desktop\NZ-doklady
2015-11-04 10:24 - 2015-11-06 19:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 23:19 - 2015-11-03 23:20 - 07008328 _____ C:\Users\Marty\Downloads\prilohy_25668.zip
2015-11-03 16:03 - 2015-11-03 16:03 - 00035471 _____ C:\Users\Marty\Downloads\e-visa.html
2015-10-30 18:53 - 2015-10-28 12:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 18:53 - 2015-10-28 12:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 18:53 - 2015-10-22 01:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 18:53 - 2015-10-22 01:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 18:53 - 2015-10-22 01:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 18:53 - 2015-10-22 01:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 18:53 - 2015-10-22 01:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 18:53 - 2015-10-22 01:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 18:53 - 2015-10-22 00:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 18:53 - 2015-10-22 00:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 18:53 - 2015-10-22 00:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 18:53 - 2015-10-22 00:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 18:53 - 2015-10-22 00:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 18:53 - 2015-10-22 00:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 18:53 - 2015-10-22 00:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 18:53 - 2015-10-22 00:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 18:53 - 2015-10-22 00:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 18:53 - 2015-10-22 00:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 18:53 - 2015-10-22 00:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 18:53 - 2015-10-22 00:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 18:53 - 2015-10-22 00:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 18:53 - 2015-10-22 00:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 18:53 - 2015-10-22 00:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 18:53 - 2015-10-21 18:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 18:53 - 2015-10-21 18:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 18:53 - 2015-10-21 18:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 18:53 - 2015-10-21 18:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 18:53 - 2015-10-21 18:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 18:53 - 2015-10-21 18:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 18:53 - 2015-10-21 18:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 18:53 - 2015-10-21 18:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 18:53 - 2015-10-21 17:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 18:53 - 2015-10-21 17:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 18:53 - 2015-10-21 17:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 18:52 - 2015-11-06 21:11 - 00000000 ____D C:\Users\Marty\Desktop\Foto NZ
2015-10-27 02:13 - 2015-10-27 02:44 - 00000000 ____D C:\Users\Marty\Downloads\Muzika
2015-10-26 10:19 - 2015-10-27 02:28 - 00000000 ____D C:\Users\Marty\Downloads\Aj
2015-10-24 08:43 - 2015-10-27 02:28 - 00000000 ____D C:\Users\Marty\Downloads\Surové Foto
2015-10-24 08:42 - 2015-10-24 08:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-10-21 09:25 - 2015-10-21 09:25 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-21 09:25 - 2015-10-21 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-21 09:24 - 2015-10-21 09:25 - 00000000 ____D C:\Program Files\iTunes
2015-10-21 09:24 - 2015-10-21 09:24 - 00000000 ____D C:\Program Files\iPod
2015-10-21 09:24 - 2015-10-21 09:24 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-21 09:20 - 2015-10-21 09:20 - 00000000 ____D C:\Program Files\Bonjour
2015-10-21 09:20 - 2015-10-21 09:20 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-21 09:19 - 2015-10-21 09:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-10-21 09:19 - 2015-10-21 09:19 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-20 01:11 - 2015-10-20 01:12 - 00000000 ____D C:\Users\Marty\Downloads\Pojištění New Zeland
2015-10-15 05:46 - 2015-10-06 16:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-15 05:46 - 2015-10-01 17:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-15 05:46 - 2015-09-25 16:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-15 05:46 - 2015-09-25 16:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-15 05:46 - 2015-09-25 16:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-15 05:46 - 2015-09-25 15:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-15 05:45 - 2015-10-10 20:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-15 05:45 - 2015-10-06 15:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-15 05:45 - 2015-10-01 17:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-15 05:45 - 2015-10-01 17:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-15 05:45 - 2015-10-01 17:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-15 05:45 - 2015-10-01 17:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-15 05:45 - 2015-10-01 16:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-15 05:45 - 2015-09-25 17:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-15 05:45 - 2015-09-25 17:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-15 05:45 - 2015-09-25 16:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-15 05:45 - 2015-09-25 16:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-15 05:45 - 2015-09-25 16:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-15 05:45 - 2015-09-25 16:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-15 05:45 - 2015-09-25 16:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-15 05:45 - 2015-09-25 16:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-15 05:45 - 2015-09-25 16:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-15 05:45 - 2015-09-25 16:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-15 05:45 - 2015-09-25 16:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-15 05:45 - 2015-09-25 16:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-15 05:45 - 2015-09-25 16:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-15 05:45 - 2015-09-25 16:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-15 05:45 - 2015-09-25 16:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-15 05:45 - 2015-09-25 16:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-15 05:45 - 2015-09-25 16:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-15 05:45 - 2015-09-25 16:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-15 05:45 - 2015-09-25 16:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-15 05:45 - 2015-09-25 16:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-15 05:45 - 2015-09-25 15:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-15 05:45 - 2015-09-25 15:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-15 05:45 - 2015-09-25 15:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-15 05:45 - 2015-09-25 15:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-15 05:45 - 2015-09-25 15:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-15 05:45 - 2015-09-25 15:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-15 05:45 - 2015-09-25 15:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-15 05:45 - 2015-09-25 15:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-15 05:45 - 2015-09-25 15:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-15 05:45 - 2015-09-25 15:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-15 05:45 - 2015-09-25 15:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-15 05:45 - 2015-09-25 15:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-15 05:45 - 2015-09-25 15:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-15 05:45 - 2015-09-25 15:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-15 05:45 - 2015-09-25 15:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-15 05:45 - 2015-09-25 15:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-15 05:45 - 2015-09-25 15:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-15 05:45 - 2015-09-25 15:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-15 05:45 - 2015-09-25 15:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 04:39 - 2015-11-01 18:57 - 00000000 ____D C:\Users\Marty\Downloads\NZ

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-06 23:33 - 2015-06-28 03:24 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-06 23:30 - 2015-07-11 00:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-06 23:29 - 2015-07-02 22:30 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-06 23:22 - 2015-07-11 01:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-06 20:36 - 2015-09-12 05:23 - 02030468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-06 20:36 - 2015-07-11 05:02 - 00840160 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-06 20:36 - 2015-07-11 05:02 - 00191452 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-06 20:32 - 2015-06-28 03:24 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-06 20:28 - 2015-06-28 03:30 - 00000000 _____ C:\WINDOWS\SysWOW64\sinstall.log
2015-11-06 20:27 - 2015-07-11 01:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-06 20:27 - 2015-07-10 22:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-06 20:12 - 2015-09-12 05:16 - 00018816 _____ C:\WINDOWS\PFRO.log
2015-11-06 19:42 - 2015-09-12 05:25 - 00000000 ____D C:\Users\Marty
2015-11-06 19:34 - 2015-09-15 07:42 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-06 19:01 - 2015-06-28 03:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-06 10:53 - 2015-07-11 00:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-06 09:18 - 2015-08-09 07:14 - 00000000 ____D C:\Program Files\WinRAR
2015-11-05 23:11 - 2015-09-15 07:39 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{160ABBCC-9281-4169-8CC2-013B860B9CFB}
2015-11-05 18:41 - 2015-07-11 01:20 - 00024867 _____ C:\WINDOWS\setupact.log
2015-11-03 16:05 - 2015-09-03 06:34 - 00000000 ____D C:\Users\Marty\Downloads\Dokumenty
2015-11-03 14:54 - 2015-08-23 03:15 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMarty.job
2015-11-03 14:43 - 2015-07-01 21:32 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-11-01 19:17 - 2015-07-11 00:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 18:26 - 2015-07-11 00:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-01 08:07 - 2015-09-12 06:00 - 00002397 _____ C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-01 08:07 - 2015-09-12 06:00 - 00000000 ___RD C:\Users\Marty\OneDrive
2015-10-30 20:33 - 2015-07-16 08:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-30 20:32 - 2015-07-16 08:23 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 20:25 - 2015-07-10 23:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-27 23:49 - 2015-08-03 06:39 - 00000000 ____D C:\Users\Marty\Downloads\filmy
2015-10-24 08:47 - 2015-07-26 04:51 - 00000000 ____D C:\Users\Marty\Downloads\Prodej
2015-10-22 21:54 - 2015-07-11 01:20 - 04828232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-22 07:00 - 2010-04-22 07:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-22 07:00 - 2010-04-22 07:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-10-22 07:00 - 2010-04-22 07:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-22 07:00 - 2010-04-22 07:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-22 06:58 - 2015-07-11 05:05 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-22 06:57 - 2015-07-11 00:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-21 09:24 - 2015-06-28 04:13 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-21 09:19 - 2015-06-28 04:13 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-16 16:10 - 2015-07-11 00:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 16:10 - 2015-07-11 00:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 05:57 - 2015-06-28 03:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 05:51 - 2015-06-28 03:45 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 04:37 - 2015-06-28 04:16 - 00000000 ____D C:\Users\Marty\Downloads\Programy

==================== Files in the root of some directories =======

2015-04-15 05:28 - 2015-04-15 05:28 - 0001171 _____ () C:\Users\Marty\AppData\Roaming\R9citbZmsAD
2015-04-21 03:05 - 2015-04-21 03:05 - 1246720 _____ () C:\Users\Marty\AppData\Roaming\R9citbZmsAD.exe
2010-07-09 21:08 - 2010-07-09 21:08 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-04-22 08:06 - 2010-04-22 08:07 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-07-09 21:08 - 2010-07-09 21:08 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2015-11-06 19:36 - 2015-11-06 19:36 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2010-04-22 08:02 - 2010-04-22 08:03 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-07-09 21:07 - 2010-07-09 21:07 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-07-09 21:08 - 2010-07-09 21:08 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-04-22 08:02 - 2010-04-22 08:02 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-04-22 08:03 - 2010-04-22 08:06 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-07-09 21:08 - 2010-07-09 21:09 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\Marty\AppData\Local\Temp\8729.exe
C:\Users\Marty\AppData\Local\Temp\avg89F9.exe
C:\Users\Marty\AppData\Local\Temp\bitool.dll
C:\Users\Marty\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Marty\AppData\Local\Temp\Toyota Emina Owners Manua__10924_i1732822328_il783142.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-01 16:01

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Marty (2015-11-06 23:37:33)
Running from C:\Users\Marty\Desktop
Windows 10 Home (X64) (2015-09-11 16:55:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2400494405-3608859707-3491806550-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2400494405-3608859707-3491806550-503 - Limited - Disabled)
Guest (S-1-5-21-2400494405-3608859707-3491806550-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2400494405-3608859707-3491806550-1002 - Limited - Enabled)
Marty (S-1-5-21-2400494405-3608859707-3491806550-1001 - Administrator - Enabled) => C:\Users\Marty

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
Bus Driver (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2527 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.3810 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{E2831862-F131-4327-B9CC-FA30F587EB6C}) (Version: 1.2.3988.3281 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{223E2363-6643-49CB-A062-59A9858EE8EE}) (Version: 3.5.17.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}) (Version: 4.3.1.2 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0211 (HKLM-x32\...\{F37935A0-AFC8-47F9-8B7D-D09E88FCA0B8}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{3587A2A6-C206-46CE-B050-D9024F22BCC8}) (Version: 4.0.4.2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2515 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}) (Version: 1.18.12.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: - EasyBits Software AS)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3715 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3715 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2514 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2514 - CyberLink Corp.) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6066 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2512 - CyberLink Corp.) Hidden
Search App by Ask (HKLM-x32\...\{4646332D-5350-006A-76A7-A758B70C2300}) (Version: 12.35.0.2332 - APN, LLC) <==== ATTENTION
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\7E38E30BB92ED94B21CF062A7386554CBA991FEB) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoner Photo Studio 14 (HKLM\...\ZonerPhotoStudio14_CZ_is1) (Version: 14.0.1.1 - ZONER software)
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marty\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Restore Points =========================

21-10-2015 08:55:31 Windows Update
30-10-2015 20:24:11 Windows Update
06-11-2015 20:09:30 zavir

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 15:34 - 2009-06-11 10:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BFBDA6-D286-45A5-B120-D0C01C86AF73} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {02FC0676-2E13-4504-B426-52FBA28EAF1F} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
Task: {0A9C59B3-4214-466E-A6B8-B21F36478D24} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {0DCB2188-EBED-464E-8DB5-AF8F008EF12A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0EF4FEBB-33E1-4B97-A807-B0E4BC026682} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {108161A3-FFB3-4236-BDA0-B6CE9007020F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {18F15E2C-66BD-4299-A9F3-FCE13D77C335} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-10-27] (Microsoft)
Task: {1B76F319-18F0-4DEA-8010-4B080BC7EA6F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {1DA917BA-AEE0-4B49-B61E-0257E1DDE160} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {1E674A1E-01B1-4498-A079-3A88C4CAF645} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-11] (Hewlett-Packard)
Task: {1F35AE1D-5996-4B3E-9885-E77C9F3E4A8F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {217AE2C5-51CF-431B-9738-2C42FC116326} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {248D2654-0D95-4A9F-A28A-4E9E6AD6ED84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {37BEEDB9-9257-43CD-87E1-BF8342371560} - System32\Tasks\Rush Form => Rundll32.exe "C:\Users\Marty\AppData\Local\Rush Form\xBin\RushForm.dll",#3 <==== ATTENTION
Task: {3879F12C-54AA-4F66-84CA-9111C80B9A05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3C43DE1B-2706-4FEA-A162-2A6AA0BEE773} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {43AB671C-6C01-4FBE-A6F2-0B6E81A62A4E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4AADFB92-5C7F-44D9-B63F-F833366CFA86} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {4B11E67B-A247-460D-B75E-29A226E1778E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4CE71AF8-026F-4660-8B5C-85D12942F744} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4D29B63B-F59F-4378-836F-52B6D9E1F97A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {53B39A4D-CCE5-49E8-88EA-7D0E3339260D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {65E6DC81-86FD-46AB-99AE-49817B89B52A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {696CB952-0521-4BD3-B538-74482529CE5F} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
Task: {7646B04F-8B4A-4B17-B2DB-F34A8AAD2948} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-11] (Hewlett-Packard)
Task: {7A4705C9-6571-41D9-A356-E8A8A931C5B4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {7B0D5ADC-24E4-4C83-A73C-BDB607240EA4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7FD61285-E14B-4D11-B397-0EB1AF65C65D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {80F6D14D-A5B7-4518-98A9-08519B2C8506} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8213DEF7-BB36-4F86-8826-A06FAAF6F045} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {82E64C96-AD35-4989-9DE0-8BF1B9881BA5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {961BE89C-C356-41F6-8723-AF3E40D3EF0A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {A2CFCE9B-670A-4A2A-8343-BF380A8B3540} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {A89E2172-53AA-4F73-80A7-239E92FDA83C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {AE0F3027-B80E-42DE-9B61-65A15B39ED3E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B0F27CA2-8305-4DD5-B8D8-7F816E755140} - System32\Tasks\AdobeAAMUpdater-1.0-Marty-PC-Marty => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {BE6514E0-BA0F-4821-AC83-C52812024515} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C2847093-08C0-456E-AFEF-7A9F7A4C7553} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CD408371-C465-4292-802F-4851E7147F58} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {CEDA7D15-9906-4313-8D28-7E364EB885FE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D7D00AF6-E118-45B0-9C57-52E8E67481A7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D7D68672-ABAE-477C-8989-24E9A24391EC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-18] (Adobe Systems Incorporated)
Task: {DAC516A6-0219-41E1-9250-73F4F9837BA1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-10-27] (Microsoft)
Task: {DB7CB752-E4EA-452F-B03B-62738F43A0D2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {E53747F2-22B2-42B6-982F-E4884E08CF6E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {E58EA7C3-74EB-4B6A-B3FE-2C0994E4A844} - System32\Tasks\R9citbZmsAD => C:\Users\Marty\AppData\Roaming\R9citbZmsAD.exe [2015-04-21] () <==== ATTENTION
Task: {F819DBF7-4AFF-4B43-9584-28A243893F7D} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {F97508B3-2DBD-4337-87C2-08145DE76CEE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {FF89C9B1-BC4C-413E-9E9F-E2BB7E80D08E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMarty.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\R9citbZmsAD.job => C:\Users\Marty\AppData\Roaming\R9citbZmsAD.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-09-12 06:08 - 2015-09-12 06:08 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-12 06:08 - 2015-09-12 06:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-03-21 05:12 - 2015-03-21 05:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-24 03:47 - 2015-09-24 03:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-19 02:04 - 2010-01-19 02:04 - 00020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2010-01-28 01:01 - 2010-01-28 01:01 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2015-10-02 02:20 - 2015-09-17 19:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-02 02:20 - 2015-09-17 19:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-02 02:20 - 2015-09-17 18:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 23:59 - 2015-07-10 23:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-02 02:20 - 2015-09-17 18:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-02 02:19 - 2015-09-17 18:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-02 02:20 - 2015-09-17 18:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-02 02:20 - 2015-09-17 18:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-11 00:00 - 2015-07-11 05:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2012-11-27 10:54 - 2012-11-27 10:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-01-28 01:01 - 2010-01-28 01:01 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-01-28 01:01 - 2010-01-28 01:01 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2015-10-27 20:00 - 2015-10-27 20:00 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-27 20:00 - 2015-10-27 20:00 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-10-27 20:00 - 2015-10-27 20:00 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-10-23 20:20 - 2015-10-23 20:20 - 03498496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
2010-02-22 22:19 - 2010-02-22 22:19 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-02-22 22:19 - 2010-02-22 22:19 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-02-22 22:19 - 2010-02-22 22:19 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2400494405-3608859707-3491806550-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marty\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 203.97.78.43 - 203.97.78.44
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{BA1E20D0-4684-4563-ABBE-AC71E54A8EDB}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Block) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe
FirewallRules: [TCP Query User{FDCCD7C5-03D6-458A-9DB9-63DF00B46DF9}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Block) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe
FirewallRules: [{6E6E8F12-BC48-4F42-9B79-D8235BA93259}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{F66BAF2E-0652-43E1-97F1-486A95436427}] => (Allow) svchost.exe
FirewallRules: [{7602E999-45FF-43CC-B9A6-40E1633E0A2F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{76DC0604-A20E-47D2-BF6C-952E63D0E004}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{2EED17CA-8DAA-4B45-BE6B-5E51E4AC4CE7}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe
FirewallRules: [{E5162728-F904-4A95-BB13-6C4C74422C17}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe
FirewallRules: [{227FD0C3-80A6-4492-B93D-BD73A3D74B21}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{C08F620B-0B67-4078-823C-75A4228CA055}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{83CAC846-5ABC-465A-8983-48952837C86D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BED92A4-C5D7-4603-938C-E02A9A267805}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{15B9AE02-CCFB-40C6-B6D6-38F0FC20D72B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EED61B4D-5CFA-41F0-9DFD-C38D71137155}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61E6138D-9B99-4D5B-BB6F-981938337BF3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{873BB045-D815-4FA4-9CFD-CA29F8047BF8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{20AB7847-2D98-490D-9799-274E4D081EBF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA5DBA09-E0CC-4B74-B3EB-02135A6E4991}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/06/2015 08:31:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTY)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/06/2015 08:10:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_5.018.exe, verze: 5.0.1.8, časové razítko: 0x563b2147
Název chybujícího modulu: adwcleaner_5.018.exe, verze: 5.0.1.8, časové razítko: 0x563b2147
Kód výjimky: 0xc0000005
Posun chyby: 0x0001f3de
ID chybujícího procesu: 0x19b0
Čas spuštění chybující aplikace: 0xadwcleaner_5.018.exe0
Cesta k chybující aplikaci: adwcleaner_5.018.exe1
Cesta k chybujícímu modulu: adwcleaner_5.018.exe2
ID zprávy: adwcleaner_5.018.exe3
Úplný název chybujícího balíčku: adwcleaner_5.018.exe4
ID aplikace související s chybujícím balíčkem: adwcleaner_5.018.exe5

Error: (11/06/2015 08:09:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (11/06/2015 07:53:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTY)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/06/2015 07:42:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTY)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/06/2015 07:42:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTY)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/06/2015 12:07:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 530500

Error: (11/06/2015 12:07:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 530500

Error: (11/06/2015 12:07:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/05/2015 11:46:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 581000


System errors:
=============
Error: (11/06/2015 08:31:41 PM) (Source: DCOM) (EventID: 10010) (User: MARTY)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (11/06/2015 08:31:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/06/2015 08:27:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Adaptér naslouchání Net.Tcp závisí na službě Služba sdílení portů Net.Tcp, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (11/06/2015 08:27:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (11/06/2015 08:27:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (11/06/2015 08:27:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (11/06/2015 08:27:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/06/2015 08:27:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management & Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/06/2015 08:27:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba hpqwmiex byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/06/2015 08:27:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Wireless Assistant Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2015-11-06 23:26:15.961
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-06 23:26:15.928
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-06 23:24:19.749
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-06 23:24:19.733
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-06 23:24:19.694
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-06 23:24:19.678
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-06 23:24:19.508
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-06 23:24:19.485
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-06 23:24:19.424
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-06 23:24:19.402
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 44%
Total physical RAM: 3893.86 MB
Available physical RAM: 2146.95 MB
Total Virtual: 7861.86 MB
Available Virtual: 6033.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:284.14 GB) (Free:224.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.66 GB) (Free:1.95 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 563E892D)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=284.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End of Addition.txt ============================

Re: Prosim o kontrolu logu !!!!

Napsal: 06 lis 2015 17:55
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosim o kontrolu logu !!!!

Napsal: 06 lis 2015 21:22
od Marty1
# AdwCleaner v5.018 - Logfile created 07/11/2015 at 09:16:34
# Updated 05/11/2015 by Xplode
# Database : 2015-11-03.2 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Marty - MARTY
# Running from : C:\Users\Marty\Desktop\adwcleaner_5.018.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9563BC59-9556-4805-8CD4-886781779D8D}
[!] Key Not Deleted : HKU\S-1-5-21-2400494405-3608859707-3491806550-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9563BC59-9556-4805-8CD4-886781779D8D}

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [936 bytes] ##########

Re: Prosim o kontrolu logu !!!!

Napsal: 06 lis 2015 21:49
od Rudy
Dejte nový log FRST.

Re: Prosim o kontrolu logu !!!!

Napsal: 06 lis 2015 22:46
od Marty1
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Marty (administrator) on MARTY (07-11-2015 10:43:37)
Running from C:\Users\Marty\Desktop
Loaded Profiles: Marty (Available Profiles: Marty)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Audio\OSD\RTVOSD64.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15081.0_x64__8wekyb3d8bbwe\Video.UI.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6234144 2010-03-14] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-19] (Hewlett-Packard Company)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-28] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-24] (Apple Inc.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-01-25] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-24] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_60\bin\jusched.exe"
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2400494405-3608859707-3491806550-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-02-22] (Hewlett-Packard Company)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-04-22] (EasyBits Software Corp.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 203.97.78.43 203.97.78.44
Tcpip\..\Interfaces\{374b2eaa-15f5-49cf-9585-031109e33748}: [DhcpNameServer] 203.97.78.43 203.97.78.44

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1446 ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1446 ... earchTerms}
SearchScopes: HKLM-x32 -> {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> DefaultScope {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\2gbkyg0m.default-1446713449589
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-07-22] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-31] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-01] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!8DAC6E5E09D5BD5FE68C4BF2E7E9FBE08DAC.js [2015-11-06]

Opera:
=======
OPR Extension: (CinemaP-1.9cV05.11) - C:\Users\Marty\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-11-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-03] (Apple Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-29] (Broadcom Corporation.)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-19] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-12] (Microsoft Corporation)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-06-28] (PS Media s.r.o.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-12] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-12] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-29] (Broadcom Corporation.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-12] (Microsoft Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-07 10:43 - 2015-11-07 10:44 - 00015077 _____ C:\Users\Marty\Desktop\FRST.txt
2015-11-07 10:42 - 2015-11-07 10:42 - 00016148 _____ C:\WINDOWS\system32\MARTY_Marty_HistoryPrediction.bin
2015-11-06 23:30 - 2015-11-07 10:43 - 00000000 ____D C:\FRST
2015-11-06 23:29 - 2015-11-06 23:30 - 02198528 _____ (Farbar) C:\Users\Marty\Desktop\FRST64.exe
2015-11-06 20:06 - 2015-11-07 09:16 - 00000000 ____D C:\AdwCleaner
2015-11-06 20:05 - 2015-11-07 09:15 - 01713664 _____ C:\Users\Marty\Desktop\adwcleaner_5.018.exe
2015-11-06 19:36 - 2015-11-06 19:37 - 00000000 ____D C:\ProgramData\iWMiniProi
2015-11-06 19:36 - 2015-11-06 19:36 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-06 19:33 - 2015-11-06 19:33 - 00003150 _____ C:\WINDOWS\System32\Tasks\Rush Form
2015-11-06 19:33 - 2015-11-06 19:33 - 00000000 ____D C:\Users\Marty\AppData\Local\Rush Form
2015-11-05 21:30 - 2015-11-07 09:59 - 00001006 _____ C:\WINDOWS\Tasks\R9citbZmsAD.job
2015-11-05 21:30 - 2015-11-05 21:30 - 00004136 _____ C:\WINDOWS\System32\Tasks\R9citbZmsAD
2015-11-05 21:29 - 2015-11-06 19:55 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-05 21:28 - 2015-11-05 21:28 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Opera Software
2015-11-05 21:28 - 2015-11-05 21:28 - 00000000 ____D C:\Users\Marty\AppData\Local\Opera Software
2015-11-05 21:28 - 2009-06-11 10:00 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-11-05 21:27 - 2015-11-05 21:30 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-05 18:31 - 2015-11-05 21:22 - 00000000 ____D C:\Users\Marty\Desktop\NZ-doklady
2015-11-04 10:24 - 2015-11-06 19:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-30 18:53 - 2015-10-28 12:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 18:53 - 2015-10-28 12:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 18:53 - 2015-10-22 01:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 18:53 - 2015-10-22 01:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 18:53 - 2015-10-22 01:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 18:53 - 2015-10-22 01:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 18:53 - 2015-10-22 01:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 18:53 - 2015-10-22 01:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 18:53 - 2015-10-22 00:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 18:53 - 2015-10-22 00:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 18:53 - 2015-10-22 00:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 18:53 - 2015-10-22 00:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 18:53 - 2015-10-22 00:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 18:53 - 2015-10-22 00:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 18:53 - 2015-10-22 00:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 18:53 - 2015-10-22 00:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 18:53 - 2015-10-22 00:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 18:53 - 2015-10-22 00:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 18:53 - 2015-10-22 00:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 18:53 - 2015-10-22 00:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 18:53 - 2015-10-22 00:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 18:53 - 2015-10-22 00:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 18:53 - 2015-10-22 00:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 18:53 - 2015-10-21 18:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 18:53 - 2015-10-21 18:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 18:53 - 2015-10-21 18:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 18:53 - 2015-10-21 18:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 18:53 - 2015-10-21 18:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 18:53 - 2015-10-21 18:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 18:53 - 2015-10-21 18:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 18:53 - 2015-10-21 18:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 18:53 - 2015-10-21 17:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 18:53 - 2015-10-21 17:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 18:53 - 2015-10-21 17:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 18:52 - 2015-11-07 08:50 - 00000000 ____D C:\Users\Marty\Desktop\Foto NZ
2015-10-27 02:13 - 2015-10-27 02:44 - 00000000 ____D C:\Users\Marty\Downloads\Muzika
2015-10-24 08:42 - 2015-10-24 08:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-10-21 09:25 - 2015-10-21 09:25 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-21 09:25 - 2015-10-21 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-21 09:24 - 2015-10-21 09:25 - 00000000 ____D C:\Program Files\iTunes
2015-10-21 09:24 - 2015-10-21 09:24 - 00000000 ____D C:\Program Files\iPod
2015-10-21 09:24 - 2015-10-21 09:24 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-21 09:20 - 2015-10-21 09:20 - 00000000 ____D C:\Program Files\Bonjour
2015-10-21 09:20 - 2015-10-21 09:20 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-21 09:19 - 2015-10-21 09:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-10-21 09:19 - 2015-10-21 09:19 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-15 05:46 - 2015-10-06 16:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-15 05:46 - 2015-10-01 17:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-15 05:46 - 2015-09-25 16:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-15 05:46 - 2015-09-25 16:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-15 05:46 - 2015-09-25 16:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-15 05:46 - 2015-09-25 15:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-15 05:45 - 2015-10-10 20:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-15 05:45 - 2015-10-06 15:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-15 05:45 - 2015-10-01 17:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-15 05:45 - 2015-10-01 17:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-15 05:45 - 2015-10-01 17:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-15 05:45 - 2015-10-01 17:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-15 05:45 - 2015-10-01 16:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-15 05:45 - 2015-09-25 17:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-15 05:45 - 2015-09-25 17:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-15 05:45 - 2015-09-25 16:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-15 05:45 - 2015-09-25 16:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-15 05:45 - 2015-09-25 16:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-15 05:45 - 2015-09-25 16:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-15 05:45 - 2015-09-25 16:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-15 05:45 - 2015-09-25 16:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-15 05:45 - 2015-09-25 16:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-15 05:45 - 2015-09-25 16:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-15 05:45 - 2015-09-25 16:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-15 05:45 - 2015-09-25 16:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-15 05:45 - 2015-09-25 16:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-15 05:45 - 2015-09-25 16:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-15 05:45 - 2015-09-25 16:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-15 05:45 - 2015-09-25 16:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-15 05:45 - 2015-09-25 16:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-15 05:45 - 2015-09-25 16:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-15 05:45 - 2015-09-25 16:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-15 05:45 - 2015-09-25 16:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-15 05:45 - 2015-09-25 15:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-15 05:45 - 2015-09-25 15:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-15 05:45 - 2015-09-25 15:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-15 05:45 - 2015-09-25 15:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-15 05:45 - 2015-09-25 15:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-15 05:45 - 2015-09-25 15:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-15 05:45 - 2015-09-25 15:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-15 05:45 - 2015-09-25 15:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-15 05:45 - 2015-09-25 15:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-15 05:45 - 2015-09-25 15:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-15 05:45 - 2015-09-25 15:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-15 05:45 - 2015-09-25 15:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-15 05:45 - 2015-09-25 15:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-15 05:45 - 2015-09-25 15:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-15 05:45 - 2015-09-25 15:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-15 05:45 - 2015-09-25 15:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-15 05:45 - 2015-09-25 15:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-15 05:45 - 2015-09-25 15:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-15 05:45 - 2015-09-25 15:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-15 05:45 - 2015-09-25 15:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 04:39 - 2015-11-01 18:57 - 00000000 ____D C:\Users\Marty\Downloads\NZ

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-07 10:42 - 2015-07-11 01:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-07 10:33 - 2015-06-28 03:24 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-07 10:29 - 2015-07-02 22:30 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-07 10:18 - 2015-07-11 00:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-07 09:27 - 2015-09-15 07:39 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{160ABBCC-9281-4169-8CC2-013B860B9CFB}
2015-11-07 09:22 - 2015-09-12 05:23 - 02030468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-07 09:22 - 2015-07-11 05:02 - 00840160 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-07 09:22 - 2015-07-11 05:02 - 00191452 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-07 09:18 - 2015-06-28 03:24 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 09:17 - 2015-07-11 01:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-07 09:17 - 2015-07-10 22:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-07 09:17 - 2015-06-28 03:30 - 00000000 _____ C:\WINDOWS\SysWOW64\sinstall.log
2015-11-07 08:51 - 2015-07-11 00:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-07 08:50 - 2015-09-03 06:34 - 00000000 ____D C:\Users\Marty\Downloads\Dokumenty
2015-11-06 20:12 - 2015-09-12 05:16 - 00018816 _____ C:\WINDOWS\PFRO.log
2015-11-06 19:42 - 2015-09-12 05:25 - 00000000 ____D C:\Users\Marty
2015-11-06 19:34 - 2015-09-15 07:42 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-06 19:01 - 2015-06-28 03:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-06 09:18 - 2015-08-09 07:14 - 00000000 ____D C:\Program Files\WinRAR
2015-11-05 18:41 - 2015-07-11 01:20 - 00024867 _____ C:\WINDOWS\setupact.log
2015-11-03 14:54 - 2015-08-23 03:15 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMarty.job
2015-11-03 14:43 - 2015-07-01 21:32 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-11-01 19:17 - 2015-07-11 00:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 18:26 - 2015-07-11 00:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-01 08:07 - 2015-09-12 06:00 - 00002397 _____ C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-01 08:07 - 2015-09-12 06:00 - 00000000 ___RD C:\Users\Marty\OneDrive
2015-10-30 20:33 - 2015-07-16 08:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-30 20:32 - 2015-07-16 08:23 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 20:25 - 2015-07-10 23:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-27 23:49 - 2015-08-03 06:39 - 00000000 ____D C:\Users\Marty\Downloads\filmy
2015-10-24 08:47 - 2015-07-26 04:51 - 00000000 ____D C:\Users\Marty\Downloads\Prodej
2015-10-22 21:54 - 2015-07-11 01:20 - 04828232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-22 07:00 - 2010-04-22 07:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-22 07:00 - 2010-04-22 07:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-10-22 07:00 - 2010-04-22 07:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-22 07:00 - 2010-04-22 07:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-22 06:58 - 2015-07-11 05:05 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-22 06:57 - 2015-07-11 00:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-21 09:24 - 2015-06-28 04:13 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-21 09:19 - 2015-06-28 04:13 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-16 16:10 - 2015-07-11 00:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 16:10 - 2015-07-11 00:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 05:57 - 2015-06-28 03:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 05:51 - 2015-06-28 03:45 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 04:37 - 2015-06-28 04:16 - 00000000 ____D C:\Users\Marty\Downloads\Programy

==================== Files in the root of some directories =======

2015-04-15 05:28 - 2015-04-15 05:28 - 0001171 _____ () C:\Users\Marty\AppData\Roaming\R9citbZmsAD
2015-04-21 03:05 - 2015-04-21 03:05 - 1246720 _____ () C:\Users\Marty\AppData\Roaming\R9citbZmsAD.exe
2010-07-09 21:08 - 2010-07-09 21:08 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-04-22 08:06 - 2010-04-22 08:07 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-07-09 21:08 - 2010-07-09 21:08 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2015-11-06 19:36 - 2015-11-06 19:36 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2010-04-22 08:02 - 2010-04-22 08:03 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-07-09 21:07 - 2010-07-09 21:07 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-07-09 21:08 - 2010-07-09 21:08 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-04-22 08:02 - 2010-04-22 08:02 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-04-22 08:03 - 2010-04-22 08:06 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-07-09 21:08 - 2010-07-09 21:09 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\Marty\AppData\Local\Temp\8729.exe
C:\Users\Marty\AppData\Local\Temp\avg89F9.exe
C:\Users\Marty\AppData\Local\Temp\bitool.dll
C:\Users\Marty\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Marty\AppData\Local\Temp\sqlite3.dll
C:\Users\Marty\AppData\Local\Temp\Toyota Emina Owners Manua__10924_i1732822328_il783142.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-01 16:01

==================== End of FRST.txt ============================

Re: Prosim o kontrolu logu !!!!

Napsal: 06 lis 2015 22:56
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_60\bin\jusched.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds& ... jzla8jx&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds& ... jzla8jx&q={searchTerms}
SearchScopes: HKLM-x32 -> {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> DefaultScope {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
OPR Extension: (CinemaP-1.9cV05.11) - C:\Users\Marty\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-11-05]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\Tasks\R9citbZmsAD.job
C:\WINDOWS\System32\Tasks\R9citbZmsAD
C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Marty\AppData\Roaming\R9citbZmsAD
C:\Users\Marty\AppData\Roaming\R9citbZmsAD.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Marty\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosim o kontrolu logu !!!!

Napsal: 07 lis 2015 03:37
od Marty1
Fix result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Marty (2015-11-07 15:33:51) Run:1
Running from C:\Users\Marty\Desktop
Loaded Profiles: Marty (Available Profiles: Marty)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_60\bin\jusched.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds& ... jzla8jx&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds& ... jzla8jx&q={searchTerms}
SearchScopes: HKLM-x32 -> {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> DefaultScope {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> {F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-2400494405-3608859707-3491806550-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
OPR Extension: (CinemaP-1.9cV05.11) - C:\Users\Marty\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-11-05]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\Tasks\R9citbZmsAD.job
C:\WINDOWS\System32\Tasks\R9citbZmsAD
C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Marty\AppData\Roaming\R9citbZmsAD
C:\Users\Marty\AppData\Roaming\R9citbZmsAD.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Marty\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0}" => key removed successfully
HKCR\Wow6432Node\CLSID\{F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} => key not found.
HKU\S-1-5-21-2400494405-3608859707-3491806550-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2400494405-3608859707-3491806550-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0}" => key removed successfully
HKCR\CLSID\{F7C02FD9-6D47-4FF2-8AB1-4DE814BC43E0} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKU\S-1-5-21-2400494405-3608859707-3491806550-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
C:\Users\Marty\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi => moved successfully
idsvc => service removed successfully
wpcsvc => service removed successfully
C:\WINDOWS\Tasks\R9citbZmsAD.job => moved successfully
C:\WINDOWS\System32\Tasks\R9citbZmsAD => moved successfully
C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\Marty\AppData\Roaming\R9citbZmsAD => moved successfully
C:\Users\Marty\AppData\Roaming\R9citbZmsAD.exe => moved successfully
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully

"C:\Users\Marty\AppData\Local\Temp" folder move:

Could not move "C:\Users\Marty\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-11-07 15:36:16)

C:\Users\Marty\AppData\Local\Temp => moved successfully

==== End of Fixlog 15:36:17 ====

Re: Prosim o kontrolu logu !!!!

Napsal: 07 lis 2015 11:19
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosim o kontrolu logu !!!!

Napsal: 07 lis 2015 11:41
od Marty1
Super děkuju moc, snad už to bude dobré.... Zatím se me uz nic neobjevuje ani žadna okna už nevyskakují. Ještě jednou díky. :)

Re: Prosim o kontrolu logu !!!!

Napsal: 07 lis 2015 12:58
od Rudy
Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz