Prosím o kontrolu logu z ComboFixu. Poslední týden mně začal zamrzat Firefox, tak jsem místo něj začal používat Operu, bohužel chyba se přenesla i tam. Počítač velmi pomalu nabíhá a některé procesy, zejména webové prohlížeče a Skype zabírají spoustu místa. Zkontroloval jsem počítač i registry SpyHunterem a ještě AntiSpywarem, ale nepřestalo to blbnout. Díky za případnou pomoc. Honza
---------------------------------------------------------------------------------------------------
ComboFix 16-03-14.01 - Honza 16.03.2016 14:11:59.2.2 - x86
Spuštěný z: c:\install\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\SETF9AA.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-16 do 2016-03-16 )))))))))))))))))))))))))))))))
.
.
2016-03-16 11:44 . 2016-03-16 11:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-03-16 11:44 . 2016-03-16 11:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-15 21:03 . 2016-03-15 23:26 -------- d-----w- C:\2n9d3EdtLeUnQsc4
2016-03-12 15:15 . 2009-03-09 12:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2016-03-12 15:11 . 2016-03-12 15:11 -------- d-----w- c:\program files\Microsoft Mathematics Add-in
2016-03-12 14:59 . 2016-03-12 14:59 -------- d-----w- c:\users\Honza\AppData\Roaming\GrindEQ
2016-03-12 14:58 . 2016-03-12 14:58 -------- d-----w- c:\program files\GrindEQ
2016-03-12 11:42 . 2016-03-12 11:42 -------- d-----w- c:\program files\BCL Technologies
2016-03-11 21:37 . 2016-03-11 21:37 -------- d-----w- c:\users\Honza\AppData\Roaming\l2rshell
2016-03-11 18:29 . 2016-03-11 18:29 -------- d-----w- c:\program files\latex2rtf
2016-03-11 17:45 . 2016-03-13 10:31 -------- d-----w- c:\users\Honza\AppData\Roaming\Design Science
2016-03-11 17:44 . 2016-03-13 10:29 -------- d-----w- c:\program files\MathType
2016-03-02 16:24 . 2016-03-02 16:25 -------- d-----w- C:\futsal
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-22 09:56 . 2016-01-22 09:56 193456 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2016-01-13 10:04 . 2016-01-13 10:04 223152 ----a-w- c:\windows\system32\drivers\avgidshx.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:33 1720976 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:33 1720976 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:33 1720976 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"ManicTime"="c:\program files\ManicTime\ManicTime.exe" [2014-02-03 250120]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-07-24 21645408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-15 8120864]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2012-10-17 296096]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-09-12 959176]
"AVG_UI"="c:\program files\AVG\AVG2015\avuirunnerx.exe" [2016-02-13 25512]
.
c:\users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Vesmír na dlani.lnk - c:\program files\Noční obloha\vesmir.exe [2003-11-29 57344]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-4-2 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-04-03 315008]
R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\program files\Enigma Software Group\SpyHunter\SH4Service.exe [2016-03-15 784256]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-10-15 16432]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys [2014-10-15 19984]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-09-14 110296]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 XICTAMDM;CELOT-W USB MODEM Driver;c:\windows\system32\DRIVERS\XICTAMDM.sys [2010-07-17 168024]
R3 XICTANmea;CELOT-W NMEA Device Driver(WDM);c:\windows\system32\DRIVERS\XICTANmea.sys [2010-07-17 168024]
R3 XICTAVSP;CELOT-W DM Interface Driver(WDM);c:\windows\system32\DRIVERS\XICTAVSP.sys [2010-07-17 168024]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2016-01-13 223152]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2015-05-07 290272]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2015-12-16 252336]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2015-11-25 31664]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2015-12-16 234416]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2015-08-04 230832]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2010-03-31 10752]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2016-03-15 142648]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [2016-02-04 3646888]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [2016-02-04 335656]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-05-04 503080]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-10 122880]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-11 02:48 1106072 ----a-w- c:\program files\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-20 21:04]
.
2016-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-20 21:04]
.
2013-01-24 c:\windows\Tasks\ROC_REG_JAN_DELETE.job
- c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-24 21:16]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.astro.cz
mStart Page = www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
TCP: DhcpNameServer = 159.93.130.8 159.93.17.7
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\6j7pjp0r.default-1410360088631\
FF - prefs.js: browser.startup.homepage - hxxp://www.astro.cz/
FF - prefs.js: network.proxy.http - proxy.jinr.ru
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-03-16 14:49:40
ComboFix-quarantined-files.txt 2016-03-16 11:49
ComboFix2.txt 2015-10-07 23:12
.
- - End Of File - - B289A5FDAF2E775894E3AC0EA8636AE7
2E5DEBB2116B3417023E0D6562D7ED07
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
combo fix - kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: combo fix - kontrola logu
Zdravím!
Proč spuštíte ComboFix, utilitu určenou pouze profesionálům? Hodláte si nabořit systém, nebo některou aplikaci? Chcete-li, abychom vám pomohli, dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 a CF propříště spouštějte jen na pokyn rádce.
Proč spuštíte ComboFix, utilitu určenou pouze profesionálům? Hodláte si nabořit systém, nebo některou aplikaci? Chcete-li, abychom vám pomohli, dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 a CF propříště spouštějte jen na pokyn rádce.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: combo fix - kontrola logu
Díky za radu! Zde je Vámi doporučený log FRST a v příloze zasílám Addition.txt. Jak jsem říkal, mám problémy se zpomalováním počítače, zejména web browserů. Po přeinstalaci a vyčištění Firefoxu se to trochu zlepšilo, pořád mně je ale chvílemi líto, že se to nedá spravit ránou kladivem:-) Taky mám už delší dobu problémy s wifinou, i když už jsem se pomalu smířil s tím, že se musím spokojit s kabelem. Třeba se s tím ale něco dělat dá.
===================================================================================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Honza (administrator) on HONZA-PC (20-03-2016 13:48:50)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Microsoft Windows 7 Home Premium (X86) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Finkit d.o.o.) C:\Program Files\ManicTime\ManicTime.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Tošovský Jan) C:\Program Files\Noční obloha\vesmir.exe
() C:\Program Files\Samsung\Samsung Update Plus\SUPNotifier.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Ghisler Software GmbH) C:\Program Files\TotalCommander\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3795880 2016-02-04] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [ManicTime] => C:\Program Files\ManicTime\ManicTime.exe [250120 2014-02-03] (Finkit d.o.o.)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21645408 2014-07-24] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-04-02]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Vesmír na dlani.lnk [2012-03-21]
ShortcutTarget: Vesmír na dlani.lnk -> C:\Program Files\Noční obloha\vesmir.exe (Tošovský Jan)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-3046079806-2612904832-3248945475-1000] => proxy.jinr.ru:3128
AutoConfigURL: [S-1-5-21-3046079806-2612904832-3248945475-1000] => proxy.jinr.ru:3128
Winsock: Catalog5 01 C:\windows\system32\mswsock.dll [232448 2009-07-14] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 212.1.224.6 212.1.244.6
Tcpip\..\Interfaces\{660E5A26-7688-4D5C-BC25-FF0CC8581085}: [DhcpNameServer] 212.1.224.6 212.1.244.6
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.astro.cz
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7SMSN
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> DefaultScope {CD7D9CF9-4CC2-48C3-ACAD-0EBFD11BB0F4} URL = hxxp://searchou.com/?q={searchTerms}&id=5e1230af0000000000005cac4c9e73d2&affilt=5&r=177
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=NY&apn_dtid=YYYYYYYYCZ&apn_uid=7FA553E3-337D-4ABC-8AF1-8F4A1BB36A01&apn_sauid=7316195E-FC03-4251-A4DA-05509F25BEA1
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {1FE29DC9-9B46-45C1-9737-2759318011B5} URL = hxxp://www.mysearchresults.com/search?&c=3507& ... earchTerms}
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... cs___CZ417
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {BB243B5D-3E34-4D68-9A64-5B8FCB30ACA2} URL = hxxp://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy=&ychte=ru
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {CD7D9CF9-4CC2-48C3-ACAD-0EBFD11BB0F4} URL = hxxp://searchou.com/?q={searchTerms}&id=5e1230af0000000000005cac4c9e73d2&affilt=5&r=177
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2014-02-18] (RealPlayer)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30] ()
Toolbar: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30] ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\sxvdapp2.default
FF Homepage: astro.cz
FF NetworkProxy: "http", "proxy.jinr.ru"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll [2012-07-02] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=0.9.0 -> C:\Program Files\DivX\DivX Browser Plug-In\npdivx32.dll [2005-12-28] (DivX,Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\npDeployJava1.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-02-18] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @wolfram.com/Mathematica -> C:\Program Files\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll [2011-10-06] (Wolfram Research, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3046079806-2612904832-3248945475-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [not signed]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014-02-18] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-04-13] [not signed]
FF HKLM\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Media Finder plugin) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk [2012-02-12]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-04-13]
CHR Extension: (AVG Safe Search) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2012-06-19]
CHR Extension: (No Name) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje [2012-02-12]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-13]
CHR HKLM\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-02-18]
CHR HKLM\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
Opera:
=======
OPR StartupUrls: "hxxp://www.google.com/"
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2016-03-16] (SUPERAntiSpyware.com)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3646888 2016-02-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [335656 2016-02-04] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-04-02] (Macrovision Europe Ltd.) [File not signed]
S2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [784256 2016-03-15] (Enigma Software Group USA, LLC.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASPI; C:\windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [252336 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [223152 2016-01-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [234416 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [193456 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [230832 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 elxstor; C:\windows\system32\DRIVERS\elxstor.sys [453712 2009-07-14] (Emulex) [File not signed]
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [16432 2014-10-15] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\windows\System32\DRIVERS\EsgScanner.sys [19984 2014-10-15] ()
R3 igfx; C:\windows\System32\DRIVERS\igdkmd32.sys [9024512 2010-08-25] (Intel Corporation) [File not signed]
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
S3 nmwcd; C:\windows\System32\drivers\ccdcmb.sys [18176 2011-08-17] (Nokia) [File not signed]
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbo.sys [23168 2011-08-17] (Nokia) [File not signed]
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-14] (Windows (R) 2003 DDK 3790 provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [443448 2011-04-21] () [File not signed]
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2011-08-17] (Nokia) [File not signed]
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2011-08-17] (Nokia) [File not signed]
S3 XICTAMDM; C:\windows\System32\DRIVERS\XICTAMDM.sys [168024 2010-07-17] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 XICTANmea; C:\windows\System32\DRIVERS\XICTANmea.sys [168024 2010-07-17] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 XICTAVSP; C:\windows\System32\DRIVERS\XICTAVSP.sys [168024 2010-07-17] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U3 altwgjf8; C:\windows\system32\Drivers\altwgjf8.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Honza\AppData\Local\Temp\catchme.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 13:48 - 2016-03-20 14:05 - 00021082 _____ C:\Users\Honza\Desktop\FRST.txt
2016-03-20 13:42 - 2016-03-20 13:48 - 00000000 ____D C:\FRST
2016-03-20 13:39 - 2016-03-20 13:41 - 00112640 _____ (forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
2016-03-20 13:38 - 2016-03-20 13:38 - 01725440 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2016-03-20 06:45 - 2016-03-20 13:27 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-20 03:43 - 2016-03-20 13:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-20 03:43 - 2016-03-20 03:47 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Mozilla
2016-03-20 03:43 - 2016-03-20 03:43 - 00001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-20 03:43 - 2016-03-20 03:43 - 00001128 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-19 14:33 - 2016-03-19 14:33 - 00000000 ____D C:\windows\pss
2016-03-18 22:40 - 2016-03-19 12:51 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Solvusoft
2016-03-18 22:40 - 2015-11-25 13:01 - 00019576 _____ (solvusoft) C:\windows\system32\roboot.exe
2016-03-17 20:09 - 2016-03-17 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6
2016-03-16 15:27 - 2016-03-16 15:27 - 00051281 _____ C:\combo_CregCdat.txt
2016-03-16 14:49 - 2016-03-16 14:49 - 00011645 _____ C:\ComboFix.txt
2016-03-16 00:40 - 2016-03-16 00:41 - 00120746 _____ C:\native log.txt
2016-03-12 18:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2016-03-12 18:11 - 2016-03-12 18:11 - 00000000 ____D C:\Program Files\Microsoft Mathematics Add-in
2016-03-12 17:59 - 2016-03-12 17:59 - 00000000 ____D C:\Users\Honza\AppData\Roaming\GrindEQ
2016-03-12 17:58 - 2016-03-12 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrindEQ Math Utilities
2016-03-12 17:58 - 2016-03-12 17:58 - 00000000 ____D C:\Program Files\GrindEQ
2016-03-12 14:42 - 2016-03-12 14:42 - 00001232 _____ C:\Users\Public\Desktop\BCL easyConverter Desktop 3 (Word Version).lnk
2016-03-12 14:42 - 2016-03-12 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCL easyConverter Desktop 3
2016-03-12 14:42 - 2016-03-12 14:42 - 00000000 ____D C:\Program Files\BCL Technologies
2016-03-12 00:37 - 2016-03-12 00:37 - 00000000 ____D C:\Users\Honza\AppData\Roaming\l2rshell
2016-03-11 21:29 - 2016-03-11 21:29 - 00001084 _____ C:\Users\Public\Desktop\LaTeX2RTF.lnk
2016-03-11 21:29 - 2016-03-11 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LaTeX2RTF
2016-03-11 21:29 - 2016-03-11 21:29 - 00000000 ____D C:\Program Files\latex2rtf
2016-03-11 20:45 - 2016-03-13 13:31 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Design Science
2016-03-11 20:44 - 2016-03-17 20:08 - 00000000 ____D C:\Program Files\MathType
2016-03-02 19:24 - 2016-03-02 19:25 - 00000000 ____D C:\futsal
2016-02-19 18:46 - 2016-02-19 18:46 - 00000047 _____ C:\Users\Honza\Desktop\netbook.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 13:49 - 2011-01-20 23:22 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-20 13:16 - 2011-06-30 13:42 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Skype
2016-03-20 12:47 - 2011-01-20 23:22 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-20 12:29 - 2009-07-14 07:34 - 00014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-20 12:29 - 2009-07-14 07:34 - 00014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-20 12:15 - 2009-07-14 07:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-20 10:05 - 2011-02-01 17:55 - 00000000 ____D C:\install
2016-03-20 08:19 - 2011-07-09 20:26 - 00000000 ____D C:\ProgramData\MFAData
2016-03-19 13:52 - 2011-04-21 13:29 - 00000000 ____D C:\Dubna
2016-03-19 13:49 - 2010-12-12 01:54 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2016-03-18 21:49 - 2011-02-04 13:55 - 00000000 ____D C:\skolni_veci
2016-03-18 13:48 - 2009-07-14 07:33 - 00529096 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-17 20:15 - 2010-12-12 02:09 - 00140096 _____ C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-16 15:28 - 2015-07-24 08:59 - 00000000 ____D C:\ProgramData\AVG2015
2016-03-16 14:49 - 2015-10-08 00:53 - 00000000 ____D C:\Qoobox
2016-03-16 14:45 - 2009-07-14 05:04 - 00000215 _____ C:\windows\system.ini
2016-03-16 14:04 - 2009-07-14 07:53 - 00032560 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-03-16 10:01 - 2011-03-13 03:55 - 00000000 ____D C:\Program Files\uTorrentBar
2016-03-16 02:49 - 2013-08-14 14:21 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-16 00:40 - 2010-12-12 01:54 - 00000000 ____D C:\Users\Honza
2016-03-15 17:37 - 2014-10-15 11:25 - 00001280 _____ C:\Users\Honza\Desktop\SpyHunter.lnk
2016-03-12 00:57 - 2011-02-05 17:07 - 00011539 _____ C:\Users\Honza\gsview32.ini
2016-03-11 10:38 - 2015-12-04 20:08 - 00000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2016-03-11 05:55 - 2011-03-22 21:27 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-11 05:55 - 2011-03-22 21:27 - 00002165 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-08 17:31 - 2011-08-20 17:55 - 00000000 ____D C:\knihy
2016-03-08 15:28 - 2013-09-28 20:04 - 00000000 _____ C:\Users\Honza\AppData\Roaming\FileOut.cns
2016-03-08 15:28 - 2013-09-28 20:04 - 00000000 _____ C:\Users\Honza\AppData\Roaming\FileIn.cns
2016-03-07 23:00 - 2010-06-15 02:29 - 00631292 _____ C:\windows\system32\perfh005.dat
2016-03-07 23:00 - 2010-06-15 02:29 - 00121914 _____ C:\windows\system32\perfc005.dat
2016-03-07 23:00 - 2009-07-26 23:06 - 01470062 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-07 23:00 - 2009-07-14 05:37 - 00000000 ____D C:\windows\inf
2016-03-05 08:16 - 2011-02-06 23:38 - 00000600 _____ C:\Users\Honza\AppData\Local\PUTTY.RND
2016-03-05 00:14 - 2011-02-03 18:42 - 00000600 _____ C:\Users\Honza\AppData\Roaming\winscp.rnd
2016-03-04 16:31 - 2015-05-18 11:23 - 00000000 ____D C:\kosmické_snímky
2016-02-28 14:29 - 2011-07-31 22:11 - 00000000 ____D C:\fotky
==================== Files in the root of some directories =======
2012-04-19 23:48 - 2012-04-19 23:48 - 436255164 _____ () C:\Users\Honza\AppData\Roaming\.ptbt0
2013-09-28 20:04 - 2016-03-08 15:28 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\FileIn.cns
2013-09-28 20:04 - 2016-03-08 15:28 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\FileOut.cns
2014-03-04 19:29 - 2014-03-04 19:29 - 0000036 _____ () C:\Users\Honza\AppData\Roaming\mbam.context.scan
2012-05-17 13:30 - 2012-05-17 13:30 - 0033134 _____ () C:\Users\Honza\AppData\Roaming\UserTile.png
2011-02-03 18:42 - 2016-03-05 00:14 - 0000600 _____ () C:\Users\Honza\AppData\Roaming\winscp.rnd
2011-04-07 19:05 - 2011-04-07 19:05 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\wklnhst.dat
2011-08-01 03:27 - 2012-10-11 17:06 - 0012288 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-14 01:16 - 2013-03-14 01:16 - 0026900 _____ () C:\Users\Honza\AppData\Local\dt.dat
2011-02-06 23:38 - 2016-03-05 08:16 - 0000600 _____ () C:\Users\Honza\AppData\Local\PUTTY.RND
2015-09-09 00:15 - 2015-09-09 00:15 - 0000218 _____ () C:\Users\Honza\AppData\Local\recently-used.xbel
2013-11-07 12:55 - 2016-02-11 18:06 - 0007609 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg
2011-10-13 15:35 - 2011-10-13 15:35 - 0000000 _____ () C:\Users\Honza\AppData\Local\{33D29384-466F-4DA1-9A01-1CA4C2B3CD1E}
2011-12-22 16:15 - 2011-12-22 16:17 - 0000000 _____ () C:\Users\Honza\AppData\Local\{9E29560D-418B-4EB5-8FB6-60A090AC9C76}
2011-11-06 22:25 - 2011-11-06 22:25 - 0000000 _____ () C:\Users\Honza\AppData\Local\{9E92D11B-EBBA-4DCA-A6B0-5DCE0A0083CE}
2010-12-12 01:56 - 2010-01-16 09:18 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2014-04-28 17:34 - 2014-04-28 17:34 - 0000169 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2011-03-28 20:18 - 2011-03-28 20:18 - 0005115 _____ () C:\ProgramData\mtbjfghn.xbe
2010-06-14 10:00 - 2010-06-14 10:00 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-06-14 09:57 - 2010-06-14 09:58 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-06-14 09:54 - 2010-06-14 09:55 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-06-14 09:58 - 2010-06-14 09:59 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-06-14 09:54 - 2010-06-14 09:54 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-06-14 09:55 - 2010-06-14 09:57 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
ZeroAccess:
C:\Users\Honza\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install
Files to move or delete:
====================
C:\Users\Honza\Honza.dat
C:\Users\Honza\Honza1.dat
Some files in TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\lowproc.exe
C:\Users\Honza\AppData\Local\Temp\stubhelper.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Honza\Desktop" je 43 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\windows\system32\hkcmd.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\windows\system32\igfxtray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut
"C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\windows\system32\igfxpers.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8
"C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu
"C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut
"C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut
"C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut
"C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
===================================================================================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Honza (administrator) on HONZA-PC (20-03-2016 13:48:50)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Microsoft Windows 7 Home Premium (X86) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Finkit d.o.o.) C:\Program Files\ManicTime\ManicTime.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Tošovský Jan) C:\Program Files\Noční obloha\vesmir.exe
() C:\Program Files\Samsung\Samsung Update Plus\SUPNotifier.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Ghisler Software GmbH) C:\Program Files\TotalCommander\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3795880 2016-02-04] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [ManicTime] => C:\Program Files\ManicTime\ManicTime.exe [250120 2014-02-03] (Finkit d.o.o.)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21645408 2014-07-24] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-04-02]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Vesmír na dlani.lnk [2012-03-21]
ShortcutTarget: Vesmír na dlani.lnk -> C:\Program Files\Noční obloha\vesmir.exe (Tošovský Jan)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-3046079806-2612904832-3248945475-1000] => proxy.jinr.ru:3128
AutoConfigURL: [S-1-5-21-3046079806-2612904832-3248945475-1000] => proxy.jinr.ru:3128
Winsock: Catalog5 01 C:\windows\system32\mswsock.dll [232448 2009-07-14] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 212.1.224.6 212.1.244.6
Tcpip\..\Interfaces\{660E5A26-7688-4D5C-BC25-FF0CC8581085}: [DhcpNameServer] 212.1.224.6 212.1.244.6
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.astro.cz
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7SMSN
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> DefaultScope {CD7D9CF9-4CC2-48C3-ACAD-0EBFD11BB0F4} URL = hxxp://searchou.com/?q={searchTerms}&id=5e1230af0000000000005cac4c9e73d2&affilt=5&r=177
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=NY&apn_dtid=YYYYYYYYCZ&apn_uid=7FA553E3-337D-4ABC-8AF1-8F4A1BB36A01&apn_sauid=7316195E-FC03-4251-A4DA-05509F25BEA1
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {1FE29DC9-9B46-45C1-9737-2759318011B5} URL = hxxp://www.mysearchresults.com/search?&c=3507& ... earchTerms}
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... cs___CZ417
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {BB243B5D-3E34-4D68-9A64-5B8FCB30ACA2} URL = hxxp://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy=&ychte=ru
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {CD7D9CF9-4CC2-48C3-ACAD-0EBFD11BB0F4} URL = hxxp://searchou.com/?q={searchTerms}&id=5e1230af0000000000005cac4c9e73d2&affilt=5&r=177
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2014-02-18] (RealPlayer)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30] ()
Toolbar: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30] ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\sxvdapp2.default
FF Homepage: astro.cz
FF NetworkProxy: "http", "proxy.jinr.ru"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll [2012-07-02] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=0.9.0 -> C:\Program Files\DivX\DivX Browser Plug-In\npdivx32.dll [2005-12-28] (DivX,Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\npDeployJava1.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-02-18] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @wolfram.com/Mathematica -> C:\Program Files\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll [2011-10-06] (Wolfram Research, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3046079806-2612904832-3248945475-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [not signed]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014-02-18] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-04-13] [not signed]
FF HKLM\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Media Finder plugin) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk [2012-02-12]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-04-13]
CHR Extension: (AVG Safe Search) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2012-06-19]
CHR Extension: (No Name) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje [2012-02-12]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-13]
CHR HKLM\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-02-18]
CHR HKLM\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
Opera:
=======
OPR StartupUrls: "hxxp://www.google.com/"
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2016-03-16] (SUPERAntiSpyware.com)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3646888 2016-02-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [335656 2016-02-04] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-04-02] (Macrovision Europe Ltd.) [File not signed]
S2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [784256 2016-03-15] (Enigma Software Group USA, LLC.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASPI; C:\windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [252336 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [223152 2016-01-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [234416 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [193456 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [230832 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 elxstor; C:\windows\system32\DRIVERS\elxstor.sys [453712 2009-07-14] (Emulex) [File not signed]
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [16432 2014-10-15] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\windows\System32\DRIVERS\EsgScanner.sys [19984 2014-10-15] ()
R3 igfx; C:\windows\System32\DRIVERS\igdkmd32.sys [9024512 2010-08-25] (Intel Corporation) [File not signed]
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
S3 nmwcd; C:\windows\System32\drivers\ccdcmb.sys [18176 2011-08-17] (Nokia) [File not signed]
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbo.sys [23168 2011-08-17] (Nokia) [File not signed]
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-14] (Windows (R) 2003 DDK 3790 provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [443448 2011-04-21] () [File not signed]
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2011-08-17] (Nokia) [File not signed]
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2011-08-17] (Nokia) [File not signed]
S3 XICTAMDM; C:\windows\System32\DRIVERS\XICTAMDM.sys [168024 2010-07-17] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 XICTANmea; C:\windows\System32\DRIVERS\XICTANmea.sys [168024 2010-07-17] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 XICTAVSP; C:\windows\System32\DRIVERS\XICTAVSP.sys [168024 2010-07-17] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U3 altwgjf8; C:\windows\system32\Drivers\altwgjf8.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Honza\AppData\Local\Temp\catchme.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 13:48 - 2016-03-20 14:05 - 00021082 _____ C:\Users\Honza\Desktop\FRST.txt
2016-03-20 13:42 - 2016-03-20 13:48 - 00000000 ____D C:\FRST
2016-03-20 13:39 - 2016-03-20 13:41 - 00112640 _____ (forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
2016-03-20 13:38 - 2016-03-20 13:38 - 01725440 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2016-03-20 06:45 - 2016-03-20 13:27 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-20 03:43 - 2016-03-20 13:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-20 03:43 - 2016-03-20 03:47 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Mozilla
2016-03-20 03:43 - 2016-03-20 03:43 - 00001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-20 03:43 - 2016-03-20 03:43 - 00001128 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-19 14:33 - 2016-03-19 14:33 - 00000000 ____D C:\windows\pss
2016-03-18 22:40 - 2016-03-19 12:51 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Solvusoft
2016-03-18 22:40 - 2015-11-25 13:01 - 00019576 _____ (solvusoft) C:\windows\system32\roboot.exe
2016-03-17 20:09 - 2016-03-17 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6
2016-03-16 15:27 - 2016-03-16 15:27 - 00051281 _____ C:\combo_CregCdat.txt
2016-03-16 14:49 - 2016-03-16 14:49 - 00011645 _____ C:\ComboFix.txt
2016-03-16 00:40 - 2016-03-16 00:41 - 00120746 _____ C:\native log.txt
2016-03-12 18:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2016-03-12 18:11 - 2016-03-12 18:11 - 00000000 ____D C:\Program Files\Microsoft Mathematics Add-in
2016-03-12 17:59 - 2016-03-12 17:59 - 00000000 ____D C:\Users\Honza\AppData\Roaming\GrindEQ
2016-03-12 17:58 - 2016-03-12 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrindEQ Math Utilities
2016-03-12 17:58 - 2016-03-12 17:58 - 00000000 ____D C:\Program Files\GrindEQ
2016-03-12 14:42 - 2016-03-12 14:42 - 00001232 _____ C:\Users\Public\Desktop\BCL easyConverter Desktop 3 (Word Version).lnk
2016-03-12 14:42 - 2016-03-12 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCL easyConverter Desktop 3
2016-03-12 14:42 - 2016-03-12 14:42 - 00000000 ____D C:\Program Files\BCL Technologies
2016-03-12 00:37 - 2016-03-12 00:37 - 00000000 ____D C:\Users\Honza\AppData\Roaming\l2rshell
2016-03-11 21:29 - 2016-03-11 21:29 - 00001084 _____ C:\Users\Public\Desktop\LaTeX2RTF.lnk
2016-03-11 21:29 - 2016-03-11 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LaTeX2RTF
2016-03-11 21:29 - 2016-03-11 21:29 - 00000000 ____D C:\Program Files\latex2rtf
2016-03-11 20:45 - 2016-03-13 13:31 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Design Science
2016-03-11 20:44 - 2016-03-17 20:08 - 00000000 ____D C:\Program Files\MathType
2016-03-02 19:24 - 2016-03-02 19:25 - 00000000 ____D C:\futsal
2016-02-19 18:46 - 2016-02-19 18:46 - 00000047 _____ C:\Users\Honza\Desktop\netbook.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 13:49 - 2011-01-20 23:22 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-20 13:16 - 2011-06-30 13:42 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Skype
2016-03-20 12:47 - 2011-01-20 23:22 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-20 12:29 - 2009-07-14 07:34 - 00014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-20 12:29 - 2009-07-14 07:34 - 00014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-20 12:15 - 2009-07-14 07:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-20 10:05 - 2011-02-01 17:55 - 00000000 ____D C:\install
2016-03-20 08:19 - 2011-07-09 20:26 - 00000000 ____D C:\ProgramData\MFAData
2016-03-19 13:52 - 2011-04-21 13:29 - 00000000 ____D C:\Dubna
2016-03-19 13:49 - 2010-12-12 01:54 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2016-03-18 21:49 - 2011-02-04 13:55 - 00000000 ____D C:\skolni_veci
2016-03-18 13:48 - 2009-07-14 07:33 - 00529096 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-17 20:15 - 2010-12-12 02:09 - 00140096 _____ C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-16 15:28 - 2015-07-24 08:59 - 00000000 ____D C:\ProgramData\AVG2015
2016-03-16 14:49 - 2015-10-08 00:53 - 00000000 ____D C:\Qoobox
2016-03-16 14:45 - 2009-07-14 05:04 - 00000215 _____ C:\windows\system.ini
2016-03-16 14:04 - 2009-07-14 07:53 - 00032560 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-03-16 10:01 - 2011-03-13 03:55 - 00000000 ____D C:\Program Files\uTorrentBar
2016-03-16 02:49 - 2013-08-14 14:21 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-16 00:40 - 2010-12-12 01:54 - 00000000 ____D C:\Users\Honza
2016-03-15 17:37 - 2014-10-15 11:25 - 00001280 _____ C:\Users\Honza\Desktop\SpyHunter.lnk
2016-03-12 00:57 - 2011-02-05 17:07 - 00011539 _____ C:\Users\Honza\gsview32.ini
2016-03-11 10:38 - 2015-12-04 20:08 - 00000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2016-03-11 05:55 - 2011-03-22 21:27 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-11 05:55 - 2011-03-22 21:27 - 00002165 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-08 17:31 - 2011-08-20 17:55 - 00000000 ____D C:\knihy
2016-03-08 15:28 - 2013-09-28 20:04 - 00000000 _____ C:\Users\Honza\AppData\Roaming\FileOut.cns
2016-03-08 15:28 - 2013-09-28 20:04 - 00000000 _____ C:\Users\Honza\AppData\Roaming\FileIn.cns
2016-03-07 23:00 - 2010-06-15 02:29 - 00631292 _____ C:\windows\system32\perfh005.dat
2016-03-07 23:00 - 2010-06-15 02:29 - 00121914 _____ C:\windows\system32\perfc005.dat
2016-03-07 23:00 - 2009-07-26 23:06 - 01470062 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-07 23:00 - 2009-07-14 05:37 - 00000000 ____D C:\windows\inf
2016-03-05 08:16 - 2011-02-06 23:38 - 00000600 _____ C:\Users\Honza\AppData\Local\PUTTY.RND
2016-03-05 00:14 - 2011-02-03 18:42 - 00000600 _____ C:\Users\Honza\AppData\Roaming\winscp.rnd
2016-03-04 16:31 - 2015-05-18 11:23 - 00000000 ____D C:\kosmické_snímky
2016-02-28 14:29 - 2011-07-31 22:11 - 00000000 ____D C:\fotky
==================== Files in the root of some directories =======
2012-04-19 23:48 - 2012-04-19 23:48 - 436255164 _____ () C:\Users\Honza\AppData\Roaming\.ptbt0
2013-09-28 20:04 - 2016-03-08 15:28 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\FileIn.cns
2013-09-28 20:04 - 2016-03-08 15:28 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\FileOut.cns
2014-03-04 19:29 - 2014-03-04 19:29 - 0000036 _____ () C:\Users\Honza\AppData\Roaming\mbam.context.scan
2012-05-17 13:30 - 2012-05-17 13:30 - 0033134 _____ () C:\Users\Honza\AppData\Roaming\UserTile.png
2011-02-03 18:42 - 2016-03-05 00:14 - 0000600 _____ () C:\Users\Honza\AppData\Roaming\winscp.rnd
2011-04-07 19:05 - 2011-04-07 19:05 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\wklnhst.dat
2011-08-01 03:27 - 2012-10-11 17:06 - 0012288 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-14 01:16 - 2013-03-14 01:16 - 0026900 _____ () C:\Users\Honza\AppData\Local\dt.dat
2011-02-06 23:38 - 2016-03-05 08:16 - 0000600 _____ () C:\Users\Honza\AppData\Local\PUTTY.RND
2015-09-09 00:15 - 2015-09-09 00:15 - 0000218 _____ () C:\Users\Honza\AppData\Local\recently-used.xbel
2013-11-07 12:55 - 2016-02-11 18:06 - 0007609 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg
2011-10-13 15:35 - 2011-10-13 15:35 - 0000000 _____ () C:\Users\Honza\AppData\Local\{33D29384-466F-4DA1-9A01-1CA4C2B3CD1E}
2011-12-22 16:15 - 2011-12-22 16:17 - 0000000 _____ () C:\Users\Honza\AppData\Local\{9E29560D-418B-4EB5-8FB6-60A090AC9C76}
2011-11-06 22:25 - 2011-11-06 22:25 - 0000000 _____ () C:\Users\Honza\AppData\Local\{9E92D11B-EBBA-4DCA-A6B0-5DCE0A0083CE}
2010-12-12 01:56 - 2010-01-16 09:18 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2014-04-28 17:34 - 2014-04-28 17:34 - 0000169 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2011-03-28 20:18 - 2011-03-28 20:18 - 0005115 _____ () C:\ProgramData\mtbjfghn.xbe
2010-06-14 10:00 - 2010-06-14 10:00 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-06-14 09:57 - 2010-06-14 09:58 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-06-14 09:54 - 2010-06-14 09:55 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-06-14 09:58 - 2010-06-14 09:59 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-06-14 09:54 - 2010-06-14 09:54 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-06-14 09:55 - 2010-06-14 09:57 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
ZeroAccess:
C:\Users\Honza\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install
Files to move or delete:
====================
C:\Users\Honza\Honza.dat
C:\Users\Honza\Honza1.dat
Some files in TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\lowproc.exe
C:\Users\Honza\AppData\Local\Temp\stubhelper.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Honza\Desktop" je 43 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\windows\system32\hkcmd.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\windows\system32\igfxtray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut
"C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\windows\system32\igfxpers.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8
"C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu
"C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut
"C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut
"C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut
"C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (16.46 KiB) Staženo 43 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: combo fix - kontrola logu
Teď spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: combo fix - kontrola logu
Pod textem vkládám log, jak moc to urychlilo počítač, to ještě zjistím. Problémy s wi-fi ale přetrvávají - správce zařízení sice tvrdí, že ovladače jsou v pořádku a správně fungují (také jsem je přeinstalovával), ale v záložce
Ovladaci panely -> Sit a internet -> Centrum sitovych pripojeni a sdileni -> Zmenit nastaveni adapteru
(Control panel -> Network and internet -> Network and sharing center -> Change adapter settings)
není detekovaná žádná síť, a v záložce Spravovat bezdratove site (Manage wireless network) jsou bezdrátová zařízení označena jako nepřipojená. Když v této záložce spustím diagnostiku, načte to aspoň seznam sítí v ikonce vpravo dole, ale nejde se k nim připojit, v záložce Change adapter settings zůstanou sítě nedetekované. Diagnostika dále tvrdí, že Automatická konfigurace sítě (W)LAN je vypnutá a mám ji zapnout, když ji ale vyhledám pomocí
Start >> Všechny programy >> Příslušenství >> Spustit >> services.msc+Enter,
v seznamu služeb je uvedená jako zapnutá. Jejím restartem se nic nezlepší. Už fakt nevím co s tím, je možné, že je v síťové kartě nějaká chyba? Je to vlastně trochu jiné téma, než s tím logem, omlouvám se, že s tím obtěžuju v rámci jiného tématu. Ještě jednou díky.
============================================================================
# AdwCleaner v5.103 - Logfile created 21/03/2016 at 01:24:16
# Updated 20/03/2016 by Xplode
# Database : 2016-03-20.7 [Server]
# Operating system : Windows 7 Home Premium (x86)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Desktop\adwcleaner_5.103.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
[-] Folder Deleted : C:\ProgramData\Partner
[-] Folder Deleted : C:\Users\Honza\AppData\Local\Amigo
[-] Folder Deleted : C:\Users\Honza\AppData\Local\MailRu
[-] Folder Deleted : C:\Users\Honza\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk
[-] Folder Deleted : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
[-] Folder Deleted : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
[-] Folder Deleted : C:\Users\Honza\AppData\LocalLow\AVG Security Toolbar
[-] Folder Deleted : C:\Users\Honza\AppData\LocalLow\ConduitEngine
[-] Folder Deleted : C:\Users\Honza\AppData\Roaming\Solvusoft
[-] Folder Deleted : C:\Users\Honza\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Honza\Documents\video download converter
***** [ Files ] *****
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Вконтакте.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Одноклассники.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Вконтакте.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Одноклассники.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Вконтакте.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Одноклассники.lnk
[-] File Deleted : C:\windows\system32\roboot.exe
[-] File Deleted : C:\windows\system32\drivers\sp_rsdrv2.sys
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Amigo.KJOE5CON4YSEURCOUTJD6SBO2M
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
[-] Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[-] Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
[-] Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\AVG Web TuneUp
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\conduitEngine
[-] Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2AA44AF4-C116-4219-B800-4573E7E6D421}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\PRODUCTSETUP
[-] Key Deleted : HKU\.DEFAULT\Software\Mail.Ru
[-] Key Deleted : HKU\.DEFAULT\Software\Amigo
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\SweetIM
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{7E724557-F46E-4206-85E1-6DF6367514CD}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{AB1C0148-0EFE-46CD-A0AE-C7BE7D121610}]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1FE29DC9-9B46-45C1-9737-2759318011B5}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB243B5D-3E34-4D68-9A64-5B8FCB30ACA2}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CD7D9CF9-4CC2-48C3-ACAD-0EBFD11BB0F4}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\searchnu.com
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [7935 bytes] - [21/03/2016 01:24:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [9228 bytes] - [21/03/2016 01:22:07]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8081 bytes] ##########
Ovladaci panely -> Sit a internet -> Centrum sitovych pripojeni a sdileni -> Zmenit nastaveni adapteru
(Control panel -> Network and internet -> Network and sharing center -> Change adapter settings)
není detekovaná žádná síť, a v záložce Spravovat bezdratove site (Manage wireless network) jsou bezdrátová zařízení označena jako nepřipojená. Když v této záložce spustím diagnostiku, načte to aspoň seznam sítí v ikonce vpravo dole, ale nejde se k nim připojit, v záložce Change adapter settings zůstanou sítě nedetekované. Diagnostika dále tvrdí, že Automatická konfigurace sítě (W)LAN je vypnutá a mám ji zapnout, když ji ale vyhledám pomocí
Start >> Všechny programy >> Příslušenství >> Spustit >> services.msc+Enter,
v seznamu služeb je uvedená jako zapnutá. Jejím restartem se nic nezlepší. Už fakt nevím co s tím, je možné, že je v síťové kartě nějaká chyba? Je to vlastně trochu jiné téma, než s tím logem, omlouvám se, že s tím obtěžuju v rámci jiného tématu. Ještě jednou díky.
============================================================================
# AdwCleaner v5.103 - Logfile created 21/03/2016 at 01:24:16
# Updated 20/03/2016 by Xplode
# Database : 2016-03-20.7 [Server]
# Operating system : Windows 7 Home Premium (x86)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Desktop\adwcleaner_5.103.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
[-] Folder Deleted : C:\ProgramData\Partner
[-] Folder Deleted : C:\Users\Honza\AppData\Local\Amigo
[-] Folder Deleted : C:\Users\Honza\AppData\Local\MailRu
[-] Folder Deleted : C:\Users\Honza\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk
[-] Folder Deleted : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
[-] Folder Deleted : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
[-] Folder Deleted : C:\Users\Honza\AppData\LocalLow\AVG Security Toolbar
[-] Folder Deleted : C:\Users\Honza\AppData\LocalLow\ConduitEngine
[-] Folder Deleted : C:\Users\Honza\AppData\Roaming\Solvusoft
[-] Folder Deleted : C:\Users\Honza\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Honza\Documents\video download converter
***** [ Files ] *****
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Вконтакте.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Одноклассники.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Вконтакте.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Одноклассники.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Вконтакте.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Одноклассники.lnk
[-] File Deleted : C:\windows\system32\roboot.exe
[-] File Deleted : C:\windows\system32\drivers\sp_rsdrv2.sys
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Amigo.KJOE5CON4YSEURCOUTJD6SBO2M
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
[-] Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[-] Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
[-] Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\AVG Web TuneUp
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\conduitEngine
[-] Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2AA44AF4-C116-4219-B800-4573E7E6D421}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\PRODUCTSETUP
[-] Key Deleted : HKU\.DEFAULT\Software\Mail.Ru
[-] Key Deleted : HKU\.DEFAULT\Software\Amigo
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\SweetIM
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{7E724557-F46E-4206-85E1-6DF6367514CD}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{AB1C0148-0EFE-46CD-A0AE-C7BE7D121610}]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1FE29DC9-9B46-45C1-9737-2759318011B5}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB243B5D-3E34-4D68-9A64-5B8FCB30ACA2}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CD7D9CF9-4CC2-48C3-ACAD-0EBFD11BB0F4}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\searchnu.com
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [7935 bytes] - [21/03/2016 01:24:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [9228 bytes] - [21/03/2016 01:22:07]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8081 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: combo fix - kontrola logu
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: combo fix - kontrola logu
Předkládám výsledek. Mimochodem, před ukončením mně to vyhodilo tuto hlášku:
taskkill.exe - Systémová chyba
Program nelze spustit, protože v počítači chybí dbghelp.dll. Pokuste se tento problém vyřešit přeinstalací programu.
Takže si mám ten soubor asi odněkud stáhnout, že?
===========================================================================================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Honza (administrator) on HONZA-PC (21-03-2016 21:12:11)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Microsoft Windows 7 Home Premium (X86) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Finkit d.o.o.) C:\Program Files\ManicTime\ManicTime.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Tošovský Jan) C:\Program Files\Noční obloha\vesmir.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Program Files\Samsung\Samsung Update Plus\SUPNotifier.exe
(Ghisler Software GmbH) C:\Program Files\TotalCommander\TOTALCMD.EXE
(forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3795880 2016-02-04] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [ManicTime] => C:\Program Files\ManicTime\ManicTime.exe [250120 2014-02-03] (Finkit d.o.o.)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21645408 2014-07-24] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-04-02]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Vesmír na dlani.lnk [2012-03-21]
ShortcutTarget: Vesmír na dlani.lnk -> C:\Program Files\Noční obloha\vesmir.exe (Tošovský Jan)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-3046079806-2612904832-3248945475-1000] => proxy.jinr.ru:3128
AutoConfigURL: [S-1-5-21-3046079806-2612904832-3248945475-1000] => proxy.jinr.ru:3128
ATTENTION: There are more than 99 Catalog9 entries. Turn off the whitelisting to see all the entries. You may check Device Manager for presence of unusual amount of "Microsoft 6to4 Adapter" devices.
Winsock: Catalog5 01 C:\windows\system32\mswsock.dll [232448 2009-07-14] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 159.93.130.8 159.93.17.7
Tcpip\..\Interfaces\{660E5A26-7688-4D5C-BC25-FF0CC8581085}: [DhcpNameServer] 159.93.130.8 159.93.17.7
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.astro.cz
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7SMSN
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... cs___CZ417
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2014-02-18] (RealPlayer)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\sxvdapp2.default
FF Homepage: astro.cz
FF NetworkProxy: "http", "proxy.jinr.ru"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll [2012-07-02] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=0.9.0 -> C:\Program Files\DivX\DivX Browser Plug-In\npdivx32.dll [2005-12-28] (DivX,Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\npDeployJava1.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-02-18] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @wolfram.com/Mathematica -> C:\Program Files\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll [2011-10-06] (Wolfram Research, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3046079806-2612904832-3248945475-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Extension: Gismeteo - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\sxvdapp2.default\extensions\extensions@gismeteo.com.xpi [2016-03-21]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [not signed]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014-02-18] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-04-13] [not signed]
FF HKLM\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-04-13]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-13]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-02-18]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
Opera:
=======
OPR StartupUrls: "hxxp://www.google.com/"
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2016-03-16] (SUPERAntiSpyware.com)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3646888 2016-02-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [335656 2016-02-04] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-04-02] (Macrovision Europe Ltd.) [File not signed]
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [784256 2016-03-15] (Enigma Software Group USA, LLC.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASPI; C:\windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [252336 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [223152 2016-01-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [234416 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [193456 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [230832 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 elxstor; C:\windows\system32\DRIVERS\elxstor.sys [453712 2009-07-14] (Emulex) [File not signed]
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [16432 2014-10-15] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\windows\System32\DRIVERS\EsgScanner.sys [19984 2014-10-15] ()
R3 igfx; C:\windows\System32\DRIVERS\igdkmd32.sys [9024512 2010-08-25] (Intel Corporation) [File not signed]
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
S3 nmwcd; C:\windows\System32\drivers\ccdcmb.sys [18176 2011-08-17] (Nokia) [File not signed]
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbo.sys [23168 2011-08-17] (Nokia) [File not signed]
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-14] (Windows (R) 2003 DDK 3790 provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [443448 2011-04-21] () [File not signed]
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2011-08-17] (Nokia) [File not signed]
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2011-08-17] (Nokia) [File not signed]
S3 XICTAMDM; C:\windows\System32\DRIVERS\XICTAMDM.sys [168024 2010-07-17] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 XICTANmea; C:\windows\System32\DRIVERS\XICTANmea.sys [168024 2010-07-17] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 XICTAVSP; C:\windows\System32\DRIVERS\XICTAVSP.sys [168024 2010-07-17] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U3 ahb5cfw4; C:\windows\system32\Drivers\ahb5cfw4.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Honza\AppData\Local\Temp\catchme.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-21 21:12 - 2016-03-21 21:13 - 00019251 _____ C:\Users\Honza\Desktop\FRST.txt
2016-03-21 21:11 - 2016-03-21 21:12 - 00000000 ____D C:\FRST
2016-03-21 01:45 - 2016-03-21 02:24 - 00000000 ____D C:\CISTENI_A_OPRAVY_DISKU
2016-03-21 00:58 - 2016-03-20 13:41 - 00112640 _____ (forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
2016-03-21 00:57 - 2016-03-20 13:38 - 01725440 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2016-03-20 20:39 - 2016-03-20 21:08 - 00000375 _____ C:\windows\system32\Drivers\etc\hosts.ics
2016-03-20 19:24 - 2016-03-20 23:58 - 00000000 ____D C:\Users\Honza\AppData\Local\ElevatedDiagnostics
2016-03-20 06:45 - 2016-03-20 23:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-20 03:43 - 2016-03-20 13:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-20 03:43 - 2016-03-20 03:47 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Mozilla
2016-03-20 03:43 - 2016-03-20 03:43 - 00001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-20 03:43 - 2016-03-20 03:43 - 00001128 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-19 14:33 - 2016-03-19 14:33 - 00000000 ____D C:\windows\pss
2016-03-17 20:09 - 2016-03-17 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6
2016-03-16 15:27 - 2016-03-16 15:27 - 00051281 _____ C:\combo_CregCdat.txt
2016-03-16 14:49 - 2016-03-16 14:49 - 00011645 _____ C:\ComboFix.txt
2016-03-16 00:40 - 2016-03-16 00:41 - 00120746 _____ C:\native log.txt
2016-03-12 18:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2016-03-12 18:11 - 2016-03-12 18:11 - 00000000 ____D C:\Program Files\Microsoft Mathematics Add-in
2016-03-12 17:59 - 2016-03-12 17:59 - 00000000 ____D C:\Users\Honza\AppData\Roaming\GrindEQ
2016-03-12 17:58 - 2016-03-12 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrindEQ Math Utilities
2016-03-12 17:58 - 2016-03-12 17:58 - 00000000 ____D C:\Program Files\GrindEQ
2016-03-12 14:42 - 2016-03-12 14:42 - 00001232 _____ C:\Users\Public\Desktop\BCL easyConverter Desktop 3 (Word Version).lnk
2016-03-12 14:42 - 2016-03-12 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCL easyConverter Desktop 3
2016-03-12 14:42 - 2016-03-12 14:42 - 00000000 ____D C:\Program Files\BCL Technologies
2016-03-12 00:37 - 2016-03-12 00:37 - 00000000 ____D C:\Users\Honza\AppData\Roaming\l2rshell
2016-03-11 21:29 - 2016-03-11 21:29 - 00001084 _____ C:\Users\Public\Desktop\LaTeX2RTF.lnk
2016-03-11 21:29 - 2016-03-11 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LaTeX2RTF
2016-03-11 21:29 - 2016-03-11 21:29 - 00000000 ____D C:\Program Files\latex2rtf
2016-03-11 20:45 - 2016-03-13 13:31 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Design Science
2016-03-11 20:44 - 2016-03-17 20:08 - 00000000 ____D C:\Program Files\MathType
2016-03-02 19:24 - 2016-03-02 19:25 - 00000000 ____D C:\futsal
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-21 21:01 - 2011-06-30 13:42 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Skype
2016-03-21 20:47 - 2011-01-20 23:22 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-21 20:23 - 2009-07-14 07:34 - 00014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-21 20:23 - 2009-07-14 07:34 - 00014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-21 20:16 - 2011-01-20 23:22 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-21 20:14 - 2009-07-14 07:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-21 19:12 - 2010-06-15 02:29 - 00631292 _____ C:\windows\system32\perfh005.dat
2016-03-21 19:12 - 2010-06-15 02:29 - 00121914 _____ C:\windows\system32\perfc005.dat
2016-03-21 19:12 - 2009-07-26 23:06 - 01470062 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-21 19:12 - 2009-07-14 05:37 - 00000000 ____D C:\windows\inf
2016-03-21 16:49 - 2011-07-09 20:26 - 00000000 ____D C:\ProgramData\MFAData
2016-03-21 01:37 - 2009-07-14 05:37 - 00000000 ____D C:\windows\system32\NDF
2016-03-21 00:51 - 2010-06-14 09:51 - 00000000 ____D C:\Program Files\Atheros Client Installation Program
2016-03-21 00:49 - 2010-06-14 09:50 - 02824704 _____ (Askey Computer Corporation.) C:\windows\system32\AInst3141.exe
2016-03-21 00:49 - 2010-06-14 09:50 - 00001202 _____ C:\windows\system32\WLL3141.cfgx
2016-03-20 23:56 - 2011-11-13 19:57 - 00588514 _____ C:\windows\ntbtlog.txt
2016-03-20 14:15 - 2011-10-10 14:53 - 00000000 ____D C:\jídlo
2016-03-20 10:05 - 2011-02-01 17:55 - 00000000 ____D C:\install
2016-03-19 13:52 - 2011-04-21 13:29 - 00000000 ____D C:\Dubna
2016-03-19 13:49 - 2010-12-12 01:54 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2016-03-18 21:49 - 2011-02-04 13:55 - 00000000 ____D C:\skolni_veci
2016-03-18 13:48 - 2009-07-14 07:33 - 00529096 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-17 20:15 - 2010-12-12 02:09 - 00140096 _____ C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-16 15:28 - 2015-07-24 08:59 - 00000000 ____D C:\ProgramData\AVG2015
2016-03-16 14:49 - 2015-10-08 00:53 - 00000000 ____D C:\Qoobox
2016-03-16 14:45 - 2009-07-14 05:04 - 00000215 _____ C:\windows\system.ini
2016-03-16 14:04 - 2009-07-14 07:53 - 00032560 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-03-16 10:01 - 2011-03-13 03:55 - 00000000 ____D C:\Program Files\uTorrentBar
2016-03-16 02:49 - 2013-08-14 14:21 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-16 00:40 - 2010-12-12 01:54 - 00000000 ____D C:\Users\Honza
2016-03-15 17:37 - 2014-10-15 11:25 - 00001280 _____ C:\Users\Honza\Desktop\SpyHunter.lnk
2016-03-12 00:57 - 2011-02-05 17:07 - 00011539 _____ C:\Users\Honza\gsview32.ini
2016-03-11 10:38 - 2015-12-04 20:08 - 00000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2016-03-11 05:55 - 2011-03-22 21:27 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-11 05:55 - 2011-03-22 21:27 - 00002165 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-08 17:31 - 2011-08-20 17:55 - 00000000 ____D C:\knihy
2016-03-08 15:28 - 2013-09-28 20:04 - 00000000 _____ C:\Users\Honza\AppData\Roaming\FileOut.cns
2016-03-08 15:28 - 2013-09-28 20:04 - 00000000 _____ C:\Users\Honza\AppData\Roaming\FileIn.cns
2016-03-05 08:16 - 2011-02-06 23:38 - 00000600 _____ C:\Users\Honza\AppData\Local\PUTTY.RND
2016-03-05 00:14 - 2011-02-03 18:42 - 00000600 _____ C:\Users\Honza\AppData\Roaming\winscp.rnd
2016-03-04 16:31 - 2015-05-18 11:23 - 00000000 ____D C:\kosmické_snímky
2016-02-28 14:29 - 2011-07-31 22:11 - 00000000 ____D C:\fotky
==================== Files in the root of some directories =======
2012-04-19 23:48 - 2012-04-19 23:48 - 436255164 _____ () C:\Users\Honza\AppData\Roaming\.ptbt0
2013-09-28 20:04 - 2016-03-08 15:28 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\FileIn.cns
2013-09-28 20:04 - 2016-03-08 15:28 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\FileOut.cns
2014-03-04 19:29 - 2014-03-04 19:29 - 0000036 _____ () C:\Users\Honza\AppData\Roaming\mbam.context.scan
2012-05-17 13:30 - 2012-05-17 13:30 - 0033134 _____ () C:\Users\Honza\AppData\Roaming\UserTile.png
2011-02-03 18:42 - 2016-03-05 00:14 - 0000600 _____ () C:\Users\Honza\AppData\Roaming\winscp.rnd
2011-04-07 19:05 - 2011-04-07 19:05 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\wklnhst.dat
2011-08-01 03:27 - 2012-10-11 17:06 - 0012288 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-14 01:16 - 2013-03-14 01:16 - 0026900 _____ () C:\Users\Honza\AppData\Local\dt.dat
2011-02-06 23:38 - 2016-03-05 08:16 - 0000600 _____ () C:\Users\Honza\AppData\Local\PUTTY.RND
2015-09-09 00:15 - 2015-09-09 00:15 - 0000218 _____ () C:\Users\Honza\AppData\Local\recently-used.xbel
2013-11-07 12:55 - 2016-02-11 18:06 - 0007609 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg
2011-10-13 15:35 - 2011-10-13 15:35 - 0000000 _____ () C:\Users\Honza\AppData\Local\{33D29384-466F-4DA1-9A01-1CA4C2B3CD1E}
2011-12-22 16:15 - 2011-12-22 16:17 - 0000000 _____ () C:\Users\Honza\AppData\Local\{9E29560D-418B-4EB5-8FB6-60A090AC9C76}
2011-11-06 22:25 - 2011-11-06 22:25 - 0000000 _____ () C:\Users\Honza\AppData\Local\{9E92D11B-EBBA-4DCA-A6B0-5DCE0A0083CE}
2010-12-12 01:56 - 2010-01-16 09:18 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2014-04-28 17:34 - 2014-04-28 17:34 - 0000169 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2011-03-28 20:18 - 2011-03-28 20:18 - 0005115 _____ () C:\ProgramData\mtbjfghn.xbe
2010-06-14 10:00 - 2010-06-14 10:00 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-06-14 09:57 - 2010-06-14 09:58 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-06-14 09:54 - 2010-06-14 09:55 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-06-14 09:58 - 2010-06-14 09:59 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-06-14 09:54 - 2010-06-14 09:54 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-06-14 09:55 - 2010-06-14 09:57 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
ZeroAccess:
C:\Users\Honza\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install
Files to move or delete:
====================
C:\Users\Honza\Honza.dat
C:\Users\Honza\Honza1.dat
Some files in TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\lowproc.exe
C:\Users\Honza\AppData\Local\Temp\sqlite3.dll
C:\Users\Honza\AppData\Local\Temp\stubhelper.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-20 02:25
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:138.99 GB) (Free:3.87 GB) NTFS
Drive d: () (Fixed) (Total:139 GB) (Free:11.1 GB) NTFS
Available physical RAM: 715.94 MB
Total physical RAM: 2008.61 MB
Percentage of memory in use: 64%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 298.1 GB) (Disk ID: 16635EA7)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=139 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=139 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Temp:07F6D9E4 [122]
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [132]
AlternateDataStreams: C:\ProgramData\Temp:268F887D [150]
AlternateDataStreams: C:\ProgramData\Temp:4BB26BE9 [250]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [250]
AlternateDataStreams: C:\ProgramData\Temp:6FB93194 [266]
AlternateDataStreams: C:\ProgramData\Temp:8530A643 [130]
AlternateDataStreams: C:\ProgramData\Temp:9E22BBE8 [124]
AlternateDataStreams: C:\ProgramData\Temp:BFBB0142 [118]
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57 [270]
AlternateDataStreams: C:\ProgramData\Temp:E7BA7168 [117]
==================== Security Center ==================
AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Honza\Desktop" je 43 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\windows\system32\hkcmd.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\windows\system32\igfxtray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut
"C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\windows\system32\igfxpers.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8
"C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu
"C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut
"C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut
"C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut
"C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
taskkill.exe - Systémová chyba
Program nelze spustit, protože v počítači chybí dbghelp.dll. Pokuste se tento problém vyřešit přeinstalací programu.
Takže si mám ten soubor asi odněkud stáhnout, že?
===========================================================================================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Honza (administrator) on HONZA-PC (21-03-2016 21:12:11)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Microsoft Windows 7 Home Premium (X86) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Finkit d.o.o.) C:\Program Files\ManicTime\ManicTime.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Tošovský Jan) C:\Program Files\Noční obloha\vesmir.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Program Files\Samsung\Samsung Update Plus\SUPNotifier.exe
(Ghisler Software GmbH) C:\Program Files\TotalCommander\TOTALCMD.EXE
(forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3795880 2016-02-04] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [ManicTime] => C:\Program Files\ManicTime\ManicTime.exe [250120 2014-02-03] (Finkit d.o.o.)
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21645408 2014-07-24] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-04-02]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Vesmír na dlani.lnk [2012-03-21]
ShortcutTarget: Vesmír na dlani.lnk -> C:\Program Files\Noční obloha\vesmir.exe (Tošovský Jan)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-3046079806-2612904832-3248945475-1000] => proxy.jinr.ru:3128
AutoConfigURL: [S-1-5-21-3046079806-2612904832-3248945475-1000] => proxy.jinr.ru:3128
ATTENTION: There are more than 99 Catalog9 entries. Turn off the whitelisting to see all the entries. You may check Device Manager for presence of unusual amount of "Microsoft 6to4 Adapter" devices.
Winsock: Catalog5 01 C:\windows\system32\mswsock.dll [232448 2009-07-14] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 159.93.130.8 159.93.17.7
Tcpip\..\Interfaces\{660E5A26-7688-4D5C-BC25-FF0CC8581085}: [DhcpNameServer] 159.93.130.8 159.93.17.7
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.astro.cz
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7SMSN
SearchScopes: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... cs___CZ417
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2014-02-18] (RealPlayer)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\sxvdapp2.default
FF Homepage: astro.cz
FF NetworkProxy: "http", "proxy.jinr.ru"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll [2012-07-02] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=0.9.0 -> C:\Program Files\DivX\DivX Browser Plug-In\npdivx32.dll [2005-12-28] (DivX,Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\npDeployJava1.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2014-02-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-02-18] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @wolfram.com/Mathematica -> C:\Program Files\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll [2011-10-06] (Wolfram Research, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3046079806-2612904832-3248945475-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Extension: Gismeteo - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\sxvdapp2.default\extensions\extensions@gismeteo.com.xpi [2016-03-21]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [not signed]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014-02-18] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-04-13] [not signed]
FF HKLM\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-04-13]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-13]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-02-18]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
Opera:
=======
OPR StartupUrls: "hxxp://www.google.com/"
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2016-03-16] (SUPERAntiSpyware.com)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3646888 2016-02-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [335656 2016-02-04] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-04-02] (Macrovision Europe Ltd.) [File not signed]
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [784256 2016-03-15] (Enigma Software Group USA, LLC.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASPI; C:\windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [252336 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [223152 2016-01-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [234416 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [193456 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [230832 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 elxstor; C:\windows\system32\DRIVERS\elxstor.sys [453712 2009-07-14] (Emulex) [File not signed]
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [16432 2014-10-15] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\windows\System32\DRIVERS\EsgScanner.sys [19984 2014-10-15] ()
R3 igfx; C:\windows\System32\DRIVERS\igdkmd32.sys [9024512 2010-08-25] (Intel Corporation) [File not signed]
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
S3 nmwcd; C:\windows\System32\drivers\ccdcmb.sys [18176 2011-08-17] (Nokia) [File not signed]
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbo.sys [23168 2011-08-17] (Nokia) [File not signed]
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-14] (Windows (R) 2003 DDK 3790 provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [443448 2011-04-21] () [File not signed]
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2011-08-17] (Nokia) [File not signed]
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2011-08-17] (Nokia) [File not signed]
S3 XICTAMDM; C:\windows\System32\DRIVERS\XICTAMDM.sys [168024 2010-07-17] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 XICTANmea; C:\windows\System32\DRIVERS\XICTANmea.sys [168024 2010-07-17] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 XICTAVSP; C:\windows\System32\DRIVERS\XICTAVSP.sys [168024 2010-07-17] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U3 ahb5cfw4; C:\windows\system32\Drivers\ahb5cfw4.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Honza\AppData\Local\Temp\catchme.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-21 21:12 - 2016-03-21 21:13 - 00019251 _____ C:\Users\Honza\Desktop\FRST.txt
2016-03-21 21:11 - 2016-03-21 21:12 - 00000000 ____D C:\FRST
2016-03-21 01:45 - 2016-03-21 02:24 - 00000000 ____D C:\CISTENI_A_OPRAVY_DISKU
2016-03-21 00:58 - 2016-03-20 13:41 - 00112640 _____ (forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
2016-03-21 00:57 - 2016-03-20 13:38 - 01725440 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2016-03-20 20:39 - 2016-03-20 21:08 - 00000375 _____ C:\windows\system32\Drivers\etc\hosts.ics
2016-03-20 19:24 - 2016-03-20 23:58 - 00000000 ____D C:\Users\Honza\AppData\Local\ElevatedDiagnostics
2016-03-20 06:45 - 2016-03-20 23:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-20 03:43 - 2016-03-20 13:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-20 03:43 - 2016-03-20 03:47 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Mozilla
2016-03-20 03:43 - 2016-03-20 03:43 - 00001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-20 03:43 - 2016-03-20 03:43 - 00001128 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-19 14:33 - 2016-03-19 14:33 - 00000000 ____D C:\windows\pss
2016-03-17 20:09 - 2016-03-17 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6
2016-03-16 15:27 - 2016-03-16 15:27 - 00051281 _____ C:\combo_CregCdat.txt
2016-03-16 14:49 - 2016-03-16 14:49 - 00011645 _____ C:\ComboFix.txt
2016-03-16 00:40 - 2016-03-16 00:41 - 00120746 _____ C:\native log.txt
2016-03-12 18:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2016-03-12 18:11 - 2016-03-12 18:11 - 00000000 ____D C:\Program Files\Microsoft Mathematics Add-in
2016-03-12 17:59 - 2016-03-12 17:59 - 00000000 ____D C:\Users\Honza\AppData\Roaming\GrindEQ
2016-03-12 17:58 - 2016-03-12 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrindEQ Math Utilities
2016-03-12 17:58 - 2016-03-12 17:58 - 00000000 ____D C:\Program Files\GrindEQ
2016-03-12 14:42 - 2016-03-12 14:42 - 00001232 _____ C:\Users\Public\Desktop\BCL easyConverter Desktop 3 (Word Version).lnk
2016-03-12 14:42 - 2016-03-12 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCL easyConverter Desktop 3
2016-03-12 14:42 - 2016-03-12 14:42 - 00000000 ____D C:\Program Files\BCL Technologies
2016-03-12 00:37 - 2016-03-12 00:37 - 00000000 ____D C:\Users\Honza\AppData\Roaming\l2rshell
2016-03-11 21:29 - 2016-03-11 21:29 - 00001084 _____ C:\Users\Public\Desktop\LaTeX2RTF.lnk
2016-03-11 21:29 - 2016-03-11 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LaTeX2RTF
2016-03-11 21:29 - 2016-03-11 21:29 - 00000000 ____D C:\Program Files\latex2rtf
2016-03-11 20:45 - 2016-03-13 13:31 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Design Science
2016-03-11 20:44 - 2016-03-17 20:08 - 00000000 ____D C:\Program Files\MathType
2016-03-02 19:24 - 2016-03-02 19:25 - 00000000 ____D C:\futsal
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-21 21:01 - 2011-06-30 13:42 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Skype
2016-03-21 20:47 - 2011-01-20 23:22 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-21 20:23 - 2009-07-14 07:34 - 00014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-21 20:23 - 2009-07-14 07:34 - 00014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-21 20:16 - 2011-01-20 23:22 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-21 20:14 - 2009-07-14 07:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-21 19:12 - 2010-06-15 02:29 - 00631292 _____ C:\windows\system32\perfh005.dat
2016-03-21 19:12 - 2010-06-15 02:29 - 00121914 _____ C:\windows\system32\perfc005.dat
2016-03-21 19:12 - 2009-07-26 23:06 - 01470062 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-21 19:12 - 2009-07-14 05:37 - 00000000 ____D C:\windows\inf
2016-03-21 16:49 - 2011-07-09 20:26 - 00000000 ____D C:\ProgramData\MFAData
2016-03-21 01:37 - 2009-07-14 05:37 - 00000000 ____D C:\windows\system32\NDF
2016-03-21 00:51 - 2010-06-14 09:51 - 00000000 ____D C:\Program Files\Atheros Client Installation Program
2016-03-21 00:49 - 2010-06-14 09:50 - 02824704 _____ (Askey Computer Corporation.) C:\windows\system32\AInst3141.exe
2016-03-21 00:49 - 2010-06-14 09:50 - 00001202 _____ C:\windows\system32\WLL3141.cfgx
2016-03-20 23:56 - 2011-11-13 19:57 - 00588514 _____ C:\windows\ntbtlog.txt
2016-03-20 14:15 - 2011-10-10 14:53 - 00000000 ____D C:\jídlo
2016-03-20 10:05 - 2011-02-01 17:55 - 00000000 ____D C:\install
2016-03-19 13:52 - 2011-04-21 13:29 - 00000000 ____D C:\Dubna
2016-03-19 13:49 - 2010-12-12 01:54 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2016-03-18 21:49 - 2011-02-04 13:55 - 00000000 ____D C:\skolni_veci
2016-03-18 13:48 - 2009-07-14 07:33 - 00529096 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-17 20:15 - 2010-12-12 02:09 - 00140096 _____ C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-16 15:28 - 2015-07-24 08:59 - 00000000 ____D C:\ProgramData\AVG2015
2016-03-16 14:49 - 2015-10-08 00:53 - 00000000 ____D C:\Qoobox
2016-03-16 14:45 - 2009-07-14 05:04 - 00000215 _____ C:\windows\system.ini
2016-03-16 14:04 - 2009-07-14 07:53 - 00032560 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-03-16 10:01 - 2011-03-13 03:55 - 00000000 ____D C:\Program Files\uTorrentBar
2016-03-16 02:49 - 2013-08-14 14:21 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-16 00:40 - 2010-12-12 01:54 - 00000000 ____D C:\Users\Honza
2016-03-15 17:37 - 2014-10-15 11:25 - 00001280 _____ C:\Users\Honza\Desktop\SpyHunter.lnk
2016-03-12 00:57 - 2011-02-05 17:07 - 00011539 _____ C:\Users\Honza\gsview32.ini
2016-03-11 10:38 - 2015-12-04 20:08 - 00000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2016-03-11 05:55 - 2011-03-22 21:27 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-11 05:55 - 2011-03-22 21:27 - 00002165 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-08 17:31 - 2011-08-20 17:55 - 00000000 ____D C:\knihy
2016-03-08 15:28 - 2013-09-28 20:04 - 00000000 _____ C:\Users\Honza\AppData\Roaming\FileOut.cns
2016-03-08 15:28 - 2013-09-28 20:04 - 00000000 _____ C:\Users\Honza\AppData\Roaming\FileIn.cns
2016-03-05 08:16 - 2011-02-06 23:38 - 00000600 _____ C:\Users\Honza\AppData\Local\PUTTY.RND
2016-03-05 00:14 - 2011-02-03 18:42 - 00000600 _____ C:\Users\Honza\AppData\Roaming\winscp.rnd
2016-03-04 16:31 - 2015-05-18 11:23 - 00000000 ____D C:\kosmické_snímky
2016-02-28 14:29 - 2011-07-31 22:11 - 00000000 ____D C:\fotky
==================== Files in the root of some directories =======
2012-04-19 23:48 - 2012-04-19 23:48 - 436255164 _____ () C:\Users\Honza\AppData\Roaming\.ptbt0
2013-09-28 20:04 - 2016-03-08 15:28 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\FileIn.cns
2013-09-28 20:04 - 2016-03-08 15:28 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\FileOut.cns
2014-03-04 19:29 - 2014-03-04 19:29 - 0000036 _____ () C:\Users\Honza\AppData\Roaming\mbam.context.scan
2012-05-17 13:30 - 2012-05-17 13:30 - 0033134 _____ () C:\Users\Honza\AppData\Roaming\UserTile.png
2011-02-03 18:42 - 2016-03-05 00:14 - 0000600 _____ () C:\Users\Honza\AppData\Roaming\winscp.rnd
2011-04-07 19:05 - 2011-04-07 19:05 - 0000000 _____ () C:\Users\Honza\AppData\Roaming\wklnhst.dat
2011-08-01 03:27 - 2012-10-11 17:06 - 0012288 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-14 01:16 - 2013-03-14 01:16 - 0026900 _____ () C:\Users\Honza\AppData\Local\dt.dat
2011-02-06 23:38 - 2016-03-05 08:16 - 0000600 _____ () C:\Users\Honza\AppData\Local\PUTTY.RND
2015-09-09 00:15 - 2015-09-09 00:15 - 0000218 _____ () C:\Users\Honza\AppData\Local\recently-used.xbel
2013-11-07 12:55 - 2016-02-11 18:06 - 0007609 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg
2011-10-13 15:35 - 2011-10-13 15:35 - 0000000 _____ () C:\Users\Honza\AppData\Local\{33D29384-466F-4DA1-9A01-1CA4C2B3CD1E}
2011-12-22 16:15 - 2011-12-22 16:17 - 0000000 _____ () C:\Users\Honza\AppData\Local\{9E29560D-418B-4EB5-8FB6-60A090AC9C76}
2011-11-06 22:25 - 2011-11-06 22:25 - 0000000 _____ () C:\Users\Honza\AppData\Local\{9E92D11B-EBBA-4DCA-A6B0-5DCE0A0083CE}
2010-12-12 01:56 - 2010-01-16 09:18 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2014-04-28 17:34 - 2014-04-28 17:34 - 0000169 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2011-03-28 20:18 - 2011-03-28 20:18 - 0005115 _____ () C:\ProgramData\mtbjfghn.xbe
2010-06-14 10:00 - 2010-06-14 10:00 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-06-14 09:57 - 2010-06-14 09:58 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-06-14 09:54 - 2010-06-14 09:55 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-06-14 09:58 - 2010-06-14 09:59 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-06-14 09:54 - 2010-06-14 09:54 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-06-14 09:55 - 2010-06-14 09:57 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
ZeroAccess:
C:\Users\Honza\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install
Files to move or delete:
====================
C:\Users\Honza\Honza.dat
C:\Users\Honza\Honza1.dat
Some files in TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\lowproc.exe
C:\Users\Honza\AppData\Local\Temp\sqlite3.dll
C:\Users\Honza\AppData\Local\Temp\stubhelper.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-20 02:25
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:138.99 GB) (Free:3.87 GB) NTFS
Drive d: () (Fixed) (Total:139 GB) (Free:11.1 GB) NTFS
Available physical RAM: 715.94 MB
Total physical RAM: 2008.61 MB
Percentage of memory in use: 64%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 298.1 GB) (Disk ID: 16635EA7)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=139 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=139 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Temp:07F6D9E4 [122]
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [132]
AlternateDataStreams: C:\ProgramData\Temp:268F887D [150]
AlternateDataStreams: C:\ProgramData\Temp:4BB26BE9 [250]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [250]
AlternateDataStreams: C:\ProgramData\Temp:6FB93194 [266]
AlternateDataStreams: C:\ProgramData\Temp:8530A643 [130]
AlternateDataStreams: C:\ProgramData\Temp:9E22BBE8 [124]
AlternateDataStreams: C:\ProgramData\Temp:BFBB0142 [118]
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57 [270]
AlternateDataStreams: C:\ProgramData\Temp:E7BA7168 [117]
==================== Security Center ==================
AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Honza\Desktop" je 43 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\windows\system32\hkcmd.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\windows\system32\igfxtray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut
"C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\windows\system32\igfxpers.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8
"C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu
"C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut
"C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut
"C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut
"C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (16.09 KiB) Staženo 41 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: combo fix - kontrola logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
U3 ahb5cfw4; C:\windows\system32\Drivers\ahb5cfw4.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Honza\Honza.dat
C:\Users\Honza\Honza1.dat
C:\Users\Honza\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Temp:07F6D9E4 [122]
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [132]
AlternateDataStreams: C:\ProgramData\Temp:268F887D [150]
AlternateDataStreams: C:\ProgramData\Temp:4BB26BE9 [250]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [250]
AlternateDataStreams: C:\ProgramData\Temp:6FB93194 [266]
AlternateDataStreams: C:\ProgramData\Temp:8530A643 [130]
AlternateDataStreams: C:\ProgramData\Temp:9E22BBE8 [124]
AlternateDataStreams: C:\ProgramData\Temp:BFBB0142 [118]
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57 [270]
AlternateDataStreams: C:\ProgramData\Temp:E7BA7168 [117]
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{056440FD-8568-48E7-A632-72157243B55B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{1EEB5B5A-06FB-4732-96B3-975C0194EB39}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{3D154A2D-D911-437E-A30C-5F56A9B7081D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4516CEE1-97DA-4030-A444-2D8E296B96B6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4BEC2015-BFA1-42FA-9C0C-59431BBE880E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{5858A72C-C2B4-4DD7-B2BF-B76DB1BD9F6C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6746C347-576B-4F73-9012-CDFEEA251BC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6756A641-DE71-11D0-831B-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6F237DF9-9DDB-47AD-B218-400D54C286AD}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{76BE8257-C4C0-4D37-90C0-A23372254D27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{896664F7-12E1-490F-8782-C0835AFD98FC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A3C3D402-E56C-4033-95F7-4885E80B0111}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B2952B16-0E07-4E5A-B993-58C52CB94CAE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B77B1CBF-E827-44A9-A33A-6CCFEEAA142A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D34A6CA6-62C2-4C34-8A7C-14709C1AD938}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{DB6EFB73-5153-43B7-8078-C6FFC4C0238C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F60163CE-2B8D-458D-AB2C-40F215767514}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F61FFEC1-754F-11D0-80CA-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F8C2AB3B-17BC-41DA-9758-339D7DBF2D88}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Classes\exefile: <===== ATTENTION
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: combo fix - kontrola logu
Tak tady je výsledek:
====================================================================================
Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by Honza (2016-03-22 13:43:09) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
U3 ahb5cfw4; C:\windows\system32\Drivers\ahb5cfw4.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Honza\Honza.dat
C:\Users\Honza\Honza1.dat
C:\Users\Honza\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Temp:07F6D9E4 [122]
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [132]
AlternateDataStreams: C:\ProgramData\Temp:268F887D [150]
AlternateDataStreams: C:\ProgramData\Temp:4BB26BE9 [250]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [250]
AlternateDataStreams: C:\ProgramData\Temp:6FB93194 [266]
AlternateDataStreams: C:\ProgramData\Temp:8530A643 [130]
AlternateDataStreams: C:\ProgramData\Temp:9E22BBE8 [124]
AlternateDataStreams: C:\ProgramData\Temp:BFBB0142 [118]
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57 [270]
AlternateDataStreams: C:\ProgramData\Temp:E7BA7168 [117]
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{056440FD-8568-48E7-A632-72157243B55B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{1EEB5B5A-06FB-4732-96B3-975C0194EB39}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{3D154A2D-D911-437E-A30C-5F56A9B7081D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4516CEE1-97DA-4030-A444-2D8E296B96B6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4BEC2015-BFA1-42FA-9C0C-59431BBE880E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{5858A72C-C2B4-4DD7-B2BF-B76DB1BD9F6C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6746C347-576B-4F73-9012-CDFEEA251BC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6756A641-DE71-11D0-831B-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6F237DF9-9DDB-47AD-B218-400D54C286AD}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{76BE8257-C4C0-4D37-90C0-A23372254D27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{896664F7-12E1-490F-8782-C0835AFD98FC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A3C3D402-E56C-4033-95F7-4885E80B0111}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B2952B16-0E07-4E5A-B993-58C52CB94CAE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B77B1CBF-E827-44A9-A33A-6CCFEEAA142A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D34A6CA6-62C2-4C34-8A7C-14709C1AD938}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{DB6EFB73-5153-43B7-8078-C6FFC4C0238C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F60163CE-2B8D-458D-AB2C-40F215767514}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F61FFEC1-754F-11D0-80CA-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F8C2AB3B-17BC-41DA-9758-339D7DBF2D88}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Classes\exefile: <===== ATTENTION
End
*****************
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => value removed successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => key removed successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => key not found.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => service removed successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => service removed successfully.
ahb5cfw4 => service not found.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\Honza\Honza.dat => moved successfully
C:\Users\Honza\Honza1.dat => moved successfully
"C:\Users\Honza\AppData\Local\Temp" folder move:
Could not move "C:\Users\Honza\AppData\Local\Temp" => Scheduled to move on reboot.
C:\ProgramData\Temp => ":07F6D9E4" ADS removed successfully..
C:\ProgramData\Temp => ":2430E4FC" ADS removed successfully..
C:\ProgramData\Temp => ":268F887D" ADS removed successfully..
C:\ProgramData\Temp => ":4BB26BE9" ADS removed successfully..
C:\ProgramData\Temp => ":4CF61E54" ADS removed successfully..
C:\ProgramData\Temp => ":6FB93194" ADS removed successfully..
C:\ProgramData\Temp => ":8530A643" ADS removed successfully..
C:\ProgramData\Temp => ":9E22BBE8" ADS removed successfully..
C:\ProgramData\Temp => ":BFBB0142" ADS removed successfully..
C:\ProgramData\Temp => ":E36F5B57" ADS removed successfully..
C:\ProgramData\Temp => ":E7BA7168" ADS removed successfully..
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{056440FD-8568-48E7-A632-72157243B55B}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{1EEB5B5A-06FB-4732-96B3-975C0194EB39}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{3D154A2D-D911-437E-A30C-5F56A9B7081D}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4516CEE1-97DA-4030-A444-2D8E296B96B6}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4BEC2015-BFA1-42FA-9C0C-59431BBE880E}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{5858A72C-C2B4-4DD7-B2BF-B76DB1BD9F6C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6746C347-576B-4F73-9012-CDFEEA251BC4}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6756A641-DE71-11D0-831B-00AA005B4383}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6F237DF9-9DDB-47AD-B218-400D54C286AD}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{76BE8257-C4C0-4D37-90C0-A23372254D27}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{896664F7-12E1-490F-8782-C0835AFD98FC}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A3C3D402-E56C-4033-95F7-4885E80B0111}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B2952B16-0E07-4E5A-B993-58C52CB94CAE}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B77B1CBF-E827-44A9-A33A-6CCFEEAA142A}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D34A6CA6-62C2-4C34-8A7C-14709C1AD938}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{DB6EFB73-5153-43B7-8078-C6FFC4C0238C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F60163CE-2B8D-458D-AB2C-40F215767514}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F61FFEC1-754F-11D0-80CA-00AA005B4383}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F8C2AB3B-17BC-41DA-9758-339D7DBF2D88}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Classes\exefile" => key removed successfully.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-22 13:45:41)
C:\Users\Honza\AppData\Local\Temp => moved successfully
==== End of Fixlog 13:45:41 ====
====================================================================================
Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by Honza (2016-03-22 13:43:09) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
U3 ahb5cfw4; C:\windows\system32\Drivers\ahb5cfw4.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Honza\Honza.dat
C:\Users\Honza\Honza1.dat
C:\Users\Honza\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Temp:07F6D9E4 [122]
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [132]
AlternateDataStreams: C:\ProgramData\Temp:268F887D [150]
AlternateDataStreams: C:\ProgramData\Temp:4BB26BE9 [250]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [250]
AlternateDataStreams: C:\ProgramData\Temp:6FB93194 [266]
AlternateDataStreams: C:\ProgramData\Temp:8530A643 [130]
AlternateDataStreams: C:\ProgramData\Temp:9E22BBE8 [124]
AlternateDataStreams: C:\ProgramData\Temp:BFBB0142 [118]
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57 [270]
AlternateDataStreams: C:\ProgramData\Temp:E7BA7168 [117]
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{056440FD-8568-48E7-A632-72157243B55B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{1EEB5B5A-06FB-4732-96B3-975C0194EB39}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{3D154A2D-D911-437E-A30C-5F56A9B7081D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4516CEE1-97DA-4030-A444-2D8E296B96B6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4BEC2015-BFA1-42FA-9C0C-59431BBE880E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{5858A72C-C2B4-4DD7-B2BF-B76DB1BD9F6C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6746C347-576B-4F73-9012-CDFEEA251BC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6756A641-DE71-11D0-831B-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6F237DF9-9DDB-47AD-B218-400D54C286AD}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{76BE8257-C4C0-4D37-90C0-A23372254D27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{896664F7-12E1-490F-8782-C0835AFD98FC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A3C3D402-E56C-4033-95F7-4885E80B0111}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B2952B16-0E07-4E5A-B993-58C52CB94CAE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B77B1CBF-E827-44A9-A33A-6CCFEEAA142A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D34A6CA6-62C2-4C34-8A7C-14709C1AD938}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{DB6EFB73-5153-43B7-8078-C6FFC4C0238C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F60163CE-2B8D-458D-AB2C-40F215767514}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F61FFEC1-754F-11D0-80CA-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F8C2AB3B-17BC-41DA-9758-339D7DBF2D88}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Classes\exefile: <===== ATTENTION
End
*****************
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => value removed successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => key removed successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => key not found.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => service removed successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => service removed successfully.
ahb5cfw4 => service not found.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\Honza\Honza.dat => moved successfully
C:\Users\Honza\Honza1.dat => moved successfully
"C:\Users\Honza\AppData\Local\Temp" folder move:
Could not move "C:\Users\Honza\AppData\Local\Temp" => Scheduled to move on reboot.
C:\ProgramData\Temp => ":07F6D9E4" ADS removed successfully..
C:\ProgramData\Temp => ":2430E4FC" ADS removed successfully..
C:\ProgramData\Temp => ":268F887D" ADS removed successfully..
C:\ProgramData\Temp => ":4BB26BE9" ADS removed successfully..
C:\ProgramData\Temp => ":4CF61E54" ADS removed successfully..
C:\ProgramData\Temp => ":6FB93194" ADS removed successfully..
C:\ProgramData\Temp => ":8530A643" ADS removed successfully..
C:\ProgramData\Temp => ":9E22BBE8" ADS removed successfully..
C:\ProgramData\Temp => ":BFBB0142" ADS removed successfully..
C:\ProgramData\Temp => ":E36F5B57" ADS removed successfully..
C:\ProgramData\Temp => ":E7BA7168" ADS removed successfully..
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{056440FD-8568-48E7-A632-72157243B55B}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{1EEB5B5A-06FB-4732-96B3-975C0194EB39}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{3D154A2D-D911-437E-A30C-5F56A9B7081D}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4516CEE1-97DA-4030-A444-2D8E296B96B6}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4BEC2015-BFA1-42FA-9C0C-59431BBE880E}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{5858A72C-C2B4-4DD7-B2BF-B76DB1BD9F6C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6746C347-576B-4F73-9012-CDFEEA251BC4}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6756A641-DE71-11D0-831B-00AA005B4383}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{6F237DF9-9DDB-47AD-B218-400D54C286AD}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{76BE8257-C4C0-4D37-90C0-A23372254D27}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{896664F7-12E1-490F-8782-C0835AFD98FC}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A3C3D402-E56C-4033-95F7-4885E80B0111}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B2952B16-0E07-4E5A-B993-58C52CB94CAE}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B77B1CBF-E827-44A9-A33A-6CCFEEAA142A}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D34A6CA6-62C2-4C34-8A7C-14709C1AD938}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{DB6EFB73-5153-43B7-8078-C6FFC4C0238C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F60163CE-2B8D-458D-AB2C-40F215767514}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F61FFEC1-754F-11D0-80CA-00AA005B4383}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{F8C2AB3B-17BC-41DA-9758-339D7DBF2D88}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}" => key removed successfully.
"HKU\S-1-5-21-3046079806-2612904832-3248945475-1000\Software\Classes\exefile" => key removed successfully.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-22 13:45:41)
C:\Users\Honza\AppData\Local\Temp => moved successfully
==== End of Fixlog 13:45:41 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: combo fix - kontrola logu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: combo fix - kontrola logu
Firefox už zase funguje celkem normálně. Celkově se ale počítač pořád občas zpomaluje, a to hlavně při startu, nebo když ho třeba nechám půl hodiny běžet a pak se chci vrátit k přerušené práci. Problém s wi-fi přetrvává. Také občas blikne monitor - to se údajně stává, když mám stažené nekompatibilní ovladače. I tento problém jsem měl před použitím FRST a nenastala v něm žádná změna.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: combo fix - kontrola logu
Jaký má wifi problém?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: combo fix - kontrola logu
Už jsem o něm tady psal - správce zařízení tvrdí, že ovladače jsou v pořádku a správně fungují (také jsem je přeinstalovával), ale v záložce
Ovladaci panely -> Sit a internet -> Centrum sitovych pripojeni a sdileni -> Zmenit nastaveni adapteru
(Control panel -> Network and internet -> Network and sharing center -> Change adapter settings)
není detekovaná žádná síť, a v záložce Spravovat bezdratove site (Manage wireless network) jsou bezdrátová zařízení označena jako nepřipojená. Když v této záložce spustím diagnostiku, načte to aspoň seznam bezdrátových sítí v ikonce vpravo dole vedle datumu (který se předtím bez zapojeného síťového kabelu nenačte a ikonka je červeně přeškrtnutá), ale nejde se k nim připojit, v záložce Change adapter settings zůstanou sítě nedetekované. Diagnostika dále tvrdí, že Automatická konfigurace sítě (W)LAN je vypnutá a mám ji zapnout, když ji ale vyhledám pomocí
Start >> Všechny programy >> Příslušenství >> Spustit >> services.msc+Enter,
v seznamu služeb je uvedená jako zapnutá. Jejím restartem se nic nezlepší. Už fakt nevím co s tím, asi to bude chyba v hardwaru, co? Je to vlastně trochu jiné téma, než s tím logem, omlouvám se, že s tím obtěžuju v rámci tohoho tématu. Ještě jednou díky.
Ovladaci panely -> Sit a internet -> Centrum sitovych pripojeni a sdileni -> Zmenit nastaveni adapteru
(Control panel -> Network and internet -> Network and sharing center -> Change adapter settings)
není detekovaná žádná síť, a v záložce Spravovat bezdratove site (Manage wireless network) jsou bezdrátová zařízení označena jako nepřipojená. Když v této záložce spustím diagnostiku, načte to aspoň seznam bezdrátových sítí v ikonce vpravo dole vedle datumu (který se předtím bez zapojeného síťového kabelu nenačte a ikonka je červeně přeškrtnutá), ale nejde se k nim připojit, v záložce Change adapter settings zůstanou sítě nedetekované. Diagnostika dále tvrdí, že Automatická konfigurace sítě (W)LAN je vypnutá a mám ji zapnout, když ji ale vyhledám pomocí
Start >> Všechny programy >> Příslušenství >> Spustit >> services.msc+Enter,
v seznamu služeb je uvedená jako zapnutá. Jejím restartem se nic nezlepší. Už fakt nevím co s tím, asi to bude chyba v hardwaru, co? Je to vlastně trochu jiné téma, než s tím logem, omlouvám se, že s tím obtěžuju v rámci tohoho tématu. Ještě jednou díky.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: combo fix - kontrola logu
Zkuste odebrat (odinstalovat) wifi adaptér. Pak restartujte a při novém startu by se měl znovu načíst. Pak vyzkoušejte funkci.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: combo fix - kontrola logu
Bohužel, nepomohlo to 
Zkoušel jsem použít i rok starý backup registrů - bez výsledku. Je to typ Atheros AR9285. Na netu jsem koukal, že někteří lidé mají podobný problém, tak zkusím využít jejich rad.
Zkoušel jsem použít i rok starý backup registrů - bez výsledku. Je to typ Atheros AR9285. Na netu jsem koukal, že někteří lidé mají podobný problém, tak zkusím využít jejich rad.
Přispějete na provoz fóra?