VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=149723

Stránka 1 z 2

Prosím o kontrolu logu

Napsal: 15 srp 2016 15:55
od Freedy
Zdravím, potřeboval bych pomoct, nějakou havěť jsem si stáhnul do počítače a chová se to tak, že při každém prvním otevření jakého-li prohlížeče jsem přesměrován na nějaké stránky , místo na domovskou, přikládám log, děkuji.Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-08-2016
Ran by Karlos (administrator) on KARLOS-PC (15-08-2016 16:41:32)
Running from C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\IE\B4X92HWV
Loaded Profiles: Karlos (Available Profiles: Karlos & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Autodata Limited) C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(Kenonic Controls Ltd.) C:\Windows\System32\Crypserv.exe
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
() C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [5299984 2016-07-28] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3280728 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [ESET NOD32 Antivirus Key 2015 ] => wscript.exe //B "C:\Users\Karlos\AppData\Local\Temp\ESET NOD32 Antivirus Key 2015 .vbs" <===== ATTENTION
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [icq.desktop] => C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe [31181448 2016-06-26] ()
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {0410681f-bc52-11e5-bb28-002421dfe993} - "F:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {62bef837-d1a4-11e5-bb31-002421dfe993} - "H:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {7223087d-d898-11e5-bb34-002421dfe993} - "D:\autorun.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {c47eebad-ccdc-11e5-bb2f-002421dfe993} - "G:\lanceur.bat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [MyOverlayIcon] -> {B41B3408-923F-4B8B-85F2-146C509FA18C} => C:\Program Files\Grevuied\Wsetlarient\Fezughruiy.dll [2016-08-11] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{54d6e673-9ea9-4dce-ad70-2a74493c8453}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-05-16] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2016-04-01] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2016-02-06] (Autodata Limited) [File not signed]
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1639832 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4097280 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [906512 2016-07-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [632632 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [52224 2000-06-29] (Kenonic Controls Ltd.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082200 2015-11-30] (Disc Soft Ltd)
R2 ssinstall; C:\WINDOWS\System32\ssins.exe [2324216 2016-05-16] (PS Media s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [19584 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6x.sys [67336 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [259328 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [201472 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [212736 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [201472 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [246536 2016-07-20] (AVG Technologies CZ, s.r.o.)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [29496 2016-07-23] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [225592 2016-07-23] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-01-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-01-06] (Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [24608 2000-02-03] () [File not signed]
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
S3 DUMeterDrv; \??\C:\Program Files\DU Meter\DUMETR32.SYS [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-15 16:41 - 2016-08-15 16:41 - 00000000 ____D C:\FRST
2016-08-14 16:38 - 2016-08-14 16:02 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw192C.tmp
2016-08-14 16:38 - 2016-08-14 16:02 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw181B.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00734840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw183B.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00434144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw191B.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00118664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw199A.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw18FA.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw186B.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw190A.tmp
2016-08-14 16:38 - 2016-08-14 16:01 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw18E9.tmp
2016-08-14 16:13 - 2016-08-14 16:13 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Šablony
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Poslední
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-14 16:13 - 2016-01-09 16:51 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-08-14 16:04 - 2016-08-14 16:04 - 00000000 ____D C:\Users\Karlos\AppData\Local\CEF
2016-08-14 16:02 - 2016-08-14 16:02 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\AVAST Software
2016-08-14 16:01 - 2016-08-14 16:01 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2016-08-14 16:01 - 2016-08-14 16:01 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-08-14 16:00 - 2016-08-14 16:39 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-14 16:00 - 2016-08-14 16:02 - 00000000 ____D C:\Program Files\AVAST Software
2016-08-14 15:34 - 2016-08-14 15:37 - 00000000 ____D C:\AdwCleaner
2016-08-14 07:47 - 2016-08-14 07:47 - 00000000 ____D C:\$SysReset
2016-08-13 21:18 - 2016-08-14 15:17 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-13 18:23 - 2016-08-13 18:23 - 00000000 ____D C:\ProgramData\GridinSoft
2016-08-13 16:33 - 2016-08-13 16:33 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\AVG
2016-08-13 16:32 - 2016-08-13 16:32 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\TuneUp Software
2016-08-13 16:32 - 2016-08-13 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-13 16:30 - 2016-08-13 16:30 - 00000000 ___HD C:\$AVG
2016-08-13 16:29 - 2016-08-15 16:35 - 00000000 ____D C:\ProgramData\MFAData
2016-08-13 16:29 - 2016-08-13 16:29 - 00000913 _____ C:\Users\Public\Desktop\AVG.lnk
2016-08-13 16:29 - 2016-08-13 16:29 - 00000000 ____D C:\Users\Karlos\AppData\Local\MFAData
2016-08-13 16:29 - 2016-08-13 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-08-11 16:45 - 2016-08-11 16:53 - 00000000 ____D C:\Program Files\Seznam.cz
2016-08-11 16:44 - 2016-08-11 16:54 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\Seznam.cz
2016-08-11 16:37 - 2016-08-13 07:34 - 00000000 ____D C:\Program Files\Grevuied
2016-08-11 16:37 - 2016-08-11 16:37 - 00000000 ____D C:\Users\Karlos\AppData\Local\Vcdomgherrepy
2016-08-11 16:32 - 2016-08-11 16:37 - 47011315 _____ C:\Users\Karlos\Desktop\Rambo-3-(CZ).avi.05skt3c.partial
2016-08-10 16:49 - 2016-08-03 08:27 - 01303744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 16:49 - 2016-08-03 08:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 16:49 - 2016-08-03 08:27 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 16:49 - 2016-08-03 07:52 - 05793632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 16:49 - 2016-08-03 07:52 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 16:49 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 16:49 - 2016-08-03 07:43 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 16:49 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 16:49 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 16:49 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 16:49 - 2016-08-03 07:32 - 00413024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 16:49 - 2016-08-03 07:32 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 16:49 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 16:49 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 16:49 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 16:49 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 16:49 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 16:49 - 2016-08-03 07:29 - 01337680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 16:49 - 2016-08-03 07:29 - 00633192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 16:49 - 2016-08-03 07:28 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 16:49 - 2016-08-03 07:28 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 01712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 16:49 - 2016-08-03 07:18 - 00346464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 16:49 - 2016-08-03 06:58 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 16:49 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 16:49 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 16:49 - 2016-08-03 06:48 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 16:49 - 2016-08-03 06:47 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 16:49 - 2016-08-03 06:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 16:49 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 16:49 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 16:49 - 2016-08-03 06:44 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 16:49 - 2016-08-03 06:43 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 16:49 - 2016-08-03 06:43 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 16:49 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 16:49 - 2016-08-03 06:41 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 16:49 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 16:49 - 2016-08-03 06:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 16:49 - 2016-08-03 06:39 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 16:49 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 16:49 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 16:49 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 16:49 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 16:49 - 2016-08-03 06:33 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 16:49 - 2016-08-03 06:33 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 16:49 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 16:49 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 16:49 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 16:49 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 16:49 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 16:49 - 2016-08-03 06:27 - 02973696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 16:49 - 2016-08-03 06:27 - 01903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 16:49 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 16:49 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 16:49 - 2016-08-03 06:24 - 01735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 16:49 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 16:49 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01086976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 16:49 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 16:49 - 2016-08-03 06:20 - 03483648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 16:49 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-08 15:47 - 2016-08-08 16:28 - 742450786 _____ C:\Users\Karlos\Desktop\Rambo-2.avi
2016-08-05 18:13 - 2016-08-05 18:13 - 00016128 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\gtkdrv.sys
2016-08-02 17:13 - 2016-08-02 17:18 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\MOBILedit
2016-08-02 17:13 - 2016-08-02 17:13 - 00000000 ____D C:\Users\Karlos\Documents\MOBILedit! Enterprise
2016-08-02 17:09 - 2016-08-02 17:09 - 00000000 ____D C:\Program Files\Compiled Driver Disk (Android)
2016-08-02 17:09 - 2014-09-29 14:03 - 00015616 _____ (Motorola) C:\WINDOWS\system32\mot_ci.dll
2016-08-02 17:08 - 2016-08-02 17:08 - 00000000 ____D C:\Program Files\Phone Drivers Downloader
2016-08-02 17:07 - 2016-08-02 17:07 - 00001135 _____ C:\Users\Public\Desktop\MOBILedit! Enterprise.lnk
2016-08-02 17:07 - 2016-08-02 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit! Enterprise
2016-08-02 17:07 - 2016-08-02 17:07 - 00000000 ____D C:\Program Files\COMPELSON Labs
2016-08-02 17:06 - 2016-08-02 17:07 - 00000000 ____D C:\Users\Public\Documents\MobilEdit! Enterprise
2016-08-02 17:06 - 2016-08-02 17:07 - 00000000 ____D C:\Program Files\MOBILedit! Enterprise
2016-08-02 17:06 - 2016-06-06 20:39 - 00028818 _____ C:\Users\Public\Documents\Wipe Exclude.txt
2016-08-02 17:05 - 2016-08-02 17:06 - 00000000 ____D C:\Users\Karlos\Desktop\Nová složka (11)
2016-08-02 17:05 - 2016-08-02 15:26 - 105343492 ____N C:\Users\Karlos\Desktop\MOBILedit!-Enterprise-8.6.0.20253-CZ-(x32x64).rar
2016-07-24 16:17 - 2016-07-24 16:17 - 27712476 _____ C:\Users\Karlos\Desktop\WhatsApp Messenger_v2.16.188_apkpure.com.apk
2016-07-24 07:46 - 2013-07-07 22:41 - 01086533 _____ C:\Users\Karlos\Desktop\DroidCam.3.6.2.exe
2016-07-24 07:45 - 2016-07-24 07:45 - 01069964 _____ C:\Users\Karlos\Desktop\DroidCam-3-6-2.zip
2016-07-23 18:25 - 2016-07-24 07:51 - 00000022 _____ C:\ProgramData\droidcam-settings
2016-07-23 18:25 - 2016-07-23 18:25 - 00000000 ____D C:\Users\Karlos\.android
2016-07-23 18:24 - 2016-07-23 18:24 - 00708871 _____ C:\Users\Karlos\Desktop\DroidCam_Client_6.0.zip
2016-07-23 18:24 - 2016-07-23 18:24 - 00225592 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\droidcamvideo.sys
2016-07-23 18:24 - 2016-07-23 18:24 - 00029496 _____ (Dev47Apps) C:\WINDOWS\system32\Drivers\droidcam.sys
2016-07-23 18:24 - 2016-07-23 18:24 - 00001049 _____ C:\Users\Karlos\Desktop\DroidCamApp.lnk
2016-07-23 18:24 - 2016-07-23 18:24 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2016-07-23 18:24 - 2016-07-23 18:24 - 00000000 ____D C:\Program Files\DroidCam
2016-07-22 17:20 - 2016-07-22 17:20 - 00000000 __SHD C:\found.003
2016-07-20 08:46 - 2016-07-20 08:46 - 00246536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpx.sys
2016-07-19 18:15 - 2016-07-19 18:15 - 28588344 _____ (Mobo, Inc.) C:\Users\Karlos\Desktop\MoboMarketPC(official).exe
2016-07-19 17:57 - 2016-07-19 17:58 - 17961047 _____ C:\Users\Karlos\Desktop\TeamViewer-(1).apk
2016-07-19 12:28 - 2016-07-19 12:28 - 00201472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2016-07-16 18:28 - 2016-07-16 18:29 - 02693342 _____ C:\Users\Karlos\Desktop\605rt_126-263.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-14 20:44 - 2016-05-16 16:40 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-14 15:38 - 2016-01-09 16:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-14 15:37 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-14 15:17 - 2016-05-16 16:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-08-13 18:27 - 2016-05-16 16:37 - 00001114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-13 18:27 - 2016-01-09 17:29 - 00001532 _____ C:\Users\Karlos\Desktop\iexplore – zástupce.lnk
2016-08-13 16:34 - 2015-10-30 07:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-13 16:33 - 2016-02-21 17:40 - 00000000 ____D C:\Users\Karlos\AppData\Local\Avg
2016-08-13 16:31 - 2015-10-30 07:48 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-13 16:31 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-08-13 16:30 - 2016-02-21 17:40 - 00000000 ____D C:\ProgramData\Avg
2016-08-13 16:30 - 2016-02-21 17:40 - 00000000 ____D C:\Program Files\AVG
2016-08-13 16:29 - 2016-02-21 17:40 - 00000000 ____D C:\Users\Karlos\AppData\Local\AvgSetupLog
2016-08-13 15:55 - 2009-07-14 04:37 - 00000000 ____D C:\Users\Default.migrated
2016-08-12 21:49 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-12 21:49 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 21:49 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-12 17:26 - 2016-01-01 17:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-12 17:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-12 17:26 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-12 17:23 - 2016-01-01 17:24 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-11 16:40 - 2016-01-09 16:46 - 01993368 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-11 16:40 - 2015-10-30 17:08 - 00828410 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-11 16:40 - 2015-10-30 17:08 - 00184778 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-11 16:37 - 2016-05-16 16:37 - 00001300 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-03 08:21 - 2012-07-26 10:18 - 00400304 __RSH C:\bootmgr
2016-08-02 21:11 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-07-28 21:33 - 2016-01-09 16:47 - 00000000 ____D C:\Users\Karlos
2016-07-27 21:25 - 2016-01-01 17:26 - 00406184 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-24 16:21 - 2016-01-09 17:05 - 00002390 _____ C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-24 16:21 - 2016-01-09 17:05 - 00000000 ___RD C:\Users\Karlos\OneDrive
2016-07-24 16:16 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-23 16:15 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-21 20:54 - 2016-01-09 16:41 - 00286048 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2016-06-12 16:14 - 2016-06-12 16:24 - 0000136 _____ () C:\Users\Karlos\AppData\Local\trueburner.ini
2016-07-23 18:25 - 2016-07-24 07:51 - 0000022 _____ () C:\ProgramData\droidcam-settings
2016-02-07 16:12 - 2016-02-07 16:12 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Karlos\AppData\Local\Temp\bitool.dll
C:\Users\Karlos\AppData\Local\Temp\Firefox Setup 45.0.exe
C:\Users\Karlos\AppData\Local\Temp\KB2zugUWzX.exe
C:\Users\Karlos\AppData\Local\Temp\libeay32.dll
C:\Users\Karlos\AppData\Local\Temp\msvcr120.dll
C:\Users\Karlos\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Karlos\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Karlos\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Karlos\AppData\Local\Temp\sfareca00001.dll
C:\Users\Karlos\AppData\Local\Temp\sqlite3.dll
C:\Users\Karlos\AppData\Local\Temp\ssins.exe
C:\Users\Karlos\AppData\Local\Temp\temp~.DLL
C:\Users\Karlos\AppData\Local\Temp\temp~.EXE
C:\Users\Karlos\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-07 16:16

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-08-2016
Ran by Karlos (15-08-2016 16:42:20)
Running from C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\IE\B4X92HWV
Microsoft Windows 10 Pro Version 1511 (X86) (2016-01-09 15:00:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-507802796-3567890678-1958908832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-507802796-3567890678-1958908832-503 - Limited - Disabled)
Guest (S-1-5-21-507802796-3567890678-1958908832-501 - Limited - Disabled)
Karlos (S-1-5-21-507802796-3567890678-1958908832-1000 - Administrator - Enabled) => C:\Users\Karlos

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1Click DVD Copy 5.9.5.1 (HKLM\...\1Click DVD Copy 5_is1) (Version: - LG Software Innovations)
Adobe Flash Player 21 NPAPI (HKLM\...\{A7DC9721-4986-4179-BB89-A3E99545584C}) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
APM TEC (HKLM\...\APM TEC) (Version: - )
AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies)
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4647 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compiled Driver Disk (Android) 1.0 (HKLM\...\{759A91E8-0024-45F3-A8F3-CDC5E13B4425}_is1) (Version: 1.0.9.7 - COMPELSON Labs)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
ICQ (verze 10.0.12094) (HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\icq.desktop) (Version: 10.0.12094 - ICQ)
Java(TM) 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)
Kontrola české gramatiky pro sadu Microsoft Office 2003 (HKLM\...\{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60830 (HKLM\...\{F68B404C-0E04-337F-A132-796508EE337A}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830 (HKLM\...\{50AF8559-F490-381F-A6E7-06A07DE227DC}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20827 (HKLM\...\{97D5031E-CCC0-3AA1-ADE7-6E5E7C032DD5}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20827 (HKLM\...\{3C21516E-0FDA-3794-B714-B6612BA58BDF}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
MOBILedit! Enterprise ver. 8.6.0.20253 (HKLM\...\{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1) (Version: 8.6.0.20253 - COMPELSON Labs)
MOBILedit! Support Libraries (HKLM\...\{9DF587A2-054C-46A2-9B1A-4A230F389E4B}) (Version: 12.0.0 - COMPELSON Labs)
Mozilla Firefox 46.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 46.0.1 (x86 cs)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NirSoft WebBrowserPassView (HKLM\...\NirSoft WebBrowserPassView) (Version: - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation)
Ovládací panel NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
Phone Drivers Downloader 1.1 (HKLM\...\{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1) (Version: 1.1.0.0 - COMPELSON Labs)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Redneck Rampage (DOSBox emulation 0.74) (HKLM\...\Redneck Rampage (DOSBox emulation 0.74)) (Version: - )
SEDREAP (HKLM\...\SEDREAP) (Version: - )
Sentinel Protection Installer 7.6.4 (HKLM\...\{7444785E-886F-4989-A69E-6394E36F3982}) (Version: 7.6.4 - SafeNet, Inc.)
Seznam Instalátor (HKLM\...\ssinstall) (Version: - Seznam.cz)
Sniper Elite: Nazi Zombie Army 2 (HKLM\...\Sniper Elite: Nazi Zombie Army 2_is1) (Version: 1.0 - Rebellion)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
True Burner 4.0 (HKLM\...\True Burner_is1) (Version: - Glorylogic)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {069699DE-7EEF-46C1-9AF9-99954B4D03B2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec [Argument = /RestartRecording]
Task: {07AF37D7-0126-4E09-8F06-0F59C37E9D14} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09371643-E48C-4A44-9AF6-09AADBF2CFBD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0F81388C-07A9-4579-9A81-61D7CF449642} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {104432EF-DE32-44C9-AF3C-775D4A0CC52F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16BBD878-5193-4F0C-8FAB-25E51B668B61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {17A130F7-417A-42AE-9727-3E699D436C49} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-12] (Microsoft Corporation)
Task: {19698FB3-4D0D-4081-A5BE-ED461EC3EF12} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E43894B-C7F8-43BF-AD1E-E5C656BDD585} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {30F46781-E4BA-4C19-BC4E-52EEBE4C918C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {347426D2-2764-497C-B701-73E1ED55DFEA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {56B39150-549A-4699-83E8-DFB2C32E296B} - \ReimageUpdater -> No File <==== ATTENTION
Task: {5B00390F-290C-4174-890E-20B95F1F7A2D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5E3B2ECC-EA6F-4C81-B222-9B9615036FA8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {664B7F0B-FE77-456C-A5AB-073AA3F78340} - System32\Tasks\{0E4D7645-5EAC-4EF9-AD7C-C455A6F45F62} => pcalua.exe -a G:\setup.exe -d G:\
Task: {66AC3831-C3EB-4C54-A6C3-6772AACCF1FD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6C879690-8006-4E79-8EBB-ED538568118F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {720D8264-2CA9-4F83-9CA4-BBC1936C71E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {753D62B2-EFFF-4E82-85C8-8F9CA6FC7C0B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {762BFCC0-2C89-4356-AEFB-58C1C175DDF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {81D950FB-A821-4A16-A6FD-6399510A781B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {864DC5EE-F4B1-41D1-99ED-985DC15B79B4} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {86E9959D-5332-45AF-84F6-A91DB86BD2FC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A3449EDD-4753-49A5-9154-531068A23026} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23] (Adobe Systems Incorporated)
Task: {A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639} - \Reimage Reminder -> No File <==== ATTENTION
Task: {AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AF03CC9C-9689-4C41-92BD-760168A26B4A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2D89EFE-5F89-4DCC-8469-E84A84963292} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9736CF9-0BA2-4E70-9F1C-AC049CDA448C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0711ABA-A2C6-4E19-B66A-8A94F613B260} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C2CC6A77-82D8-43B5-AE8E-56C44024FE83} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C798951F-918D-4D7A-9032-3488ABBB7874} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2F333F7-4F5A-49C4-8644-93B324063C22} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate [Argument = -crl -hms -pscn 15]
Task: {D42CF679-5305-4DA3-8E9D-9E2040287420} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D4EA3BA7-CE3D-44B9-B348-F0BAA3102761} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0EBF89E-E0A1-43A8-B8E6-283EF24CEFFC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-16] (Adobe Systems Incorporated)
Task: {E346BDC0-0AE4-4640-A78A-D8273A3A44CC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC530881-C713-4EED-821E-4609ED1FCE6F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F693F6CF-BFC9-4BD2-BFFC-AF27456364C2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate [Argument = $(Arg0)]
Task: {FFC02038-0E74-4686-AF19-1E83B63662CC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Karlos\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
Shortcut: C:\Users\Karlos\Desktop\Redneck Rampage.lnk -> C:\Old\Play.bat ()
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Peugeot Planet Diag.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD (Console Mode).lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Stop PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\ppd_restart.lnk -> C:\app\ppdiag\Utils\ppd_restart.bat (No File)
Shortcut: C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com/

ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore – zástupce.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 17:07 - 2016-07-01 06:38 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 17:07 - 2016-07-01 06:38 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-24 16:21 - 2016-07-24 16:21 - 00679624 _____ () C:\Users\Karlos\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-01-09 16:32 - 2016-01-09 16:32 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 17:06 - 2016-07-01 05:31 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 17:07 - 2016-07-01 05:13 - 05340160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 17:06 - 2016-07-01 05:08 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 17:07 - 2016-07-01 05:08 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 17:07 - 2016-07-01 05:11 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-13 16:29 - 2016-08-13 16:28 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2016-06-26 15:53 - 2016-06-26 15:53 - 31181448 _____ () C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
2016-06-26 15:53 - 2016-06-26 15:53 - 03917448 _____ () C:\Users\Karlos\AppData\Roaming\ICQ\bin\corelib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "DLLSuite2016"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\StartupApproved\Run: => "Sidebar"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\StartupApproved\Run: => "DU Meter"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{FB038FC8-9693-4B83-BE10-942C76F43ACE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7340EC25-7E11-457A-A456-EA31A3091255}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{91D1AE8A-561D-4042-A8FE-5E493B5C7561}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C9B745BD-5BC7-4C6F-BE3D-C135F470D7DD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0A77F6C5-A37B-43D4-853B-633E4FE2A80A}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B9B356B0-E912-451A-A203-C01B613EEA61}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B907EA70-B64D-436E-AC4F-52C8E7C3D901}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FF92B4FC-B338-4EBF-B212-2750165C3517}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D197AC91-D654-4C6B-AA61-2FA083E09803}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DB7725F6-53D9-458A-A49F-C29AE17B2C8E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6A11E5B9-67F3-463A-933D-E7F9C448B751}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{093E93A2-07F9-43E1-95B4-5CBD4B02A8CA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{012FD51A-7FF2-4FB5-878D-36962D78140F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EC14E70B-E648-43A4-BB48-ECC8C930945D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AE2B2EAE-42F0-4896-8D44-4512D92D281C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4FA199CF-127D-40BA-BE11-0A99B9610D39}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C90F283B-DE3E-4A31-8EC9-0D827E18B7CE}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{D6644056-8D41-4BC3-B21C-5BB3F308A2A1}C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [UDP Query User{1E6F1AC1-FD1A-4C38-A3CA-0A236DB31ADB}C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [{D944CFE1-6F10-466F-B19B-068FF371C0A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1F4D2162-FB23-4929-8C02-8A8FBFCAA2E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4FF12F52-1B0F-48E4-AD9A-919B025BCF8B}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe
FirewallRules: [{71051B3D-DFA6-499E-85F0-5D7375A4B067}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe
FirewallRules: [{8D212543-8155-4DF0-B315-B10CAE33D824}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{7A8B4247-32AA-4BCB-8420-3ECDCD45E40D}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{6C57DE51-9E73-44D6-862C-5D22EB7B27D6}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{076CB8CB-9974-435B-B91A-04800865A0C4}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{25F23480-A1C3-4B07-995C-01EA19A80638}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{34BCA292-EACF-4205-8440-033952F8CDBA}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{C9441531-1ABA-4C63-9B14-3B205BADA8B3}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{19A0D442-9CA0-40F1-B46E-F78185B5BF6A}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{8AF8F0CF-462D-47A1-B387-4004D138B2EF}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{6F961BF1-7529-4FEB-AAD1-2E7E722A79D8}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{18D6E699-7FB5-4D5B-84AC-B992616EE82E}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{FB733D04-524E-401E-BE7D-36CE6E0E8B88}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe

==================== Restore Points =========================

02-08-2016 17:07:02 Nainstalováno: MOBILedit! Support Libraries
12-08-2016 17:19:58 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/14/2016 07:38:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.10586.494, časové razítko: 0x5775e1d8
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x631e56b6
ID chybujícího procesu: 0x7bc
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5

Error: (08/14/2016 04:04:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Karlos-PC)
Description: Aplikaci Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/14/2016 04:03:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/14/2016 04:02:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"1 se nezdařilo.
Závislé sestavení Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/13/2016 06:29:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/13/2016 06:25:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/13/2016 03:57:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/13/2016 03:46:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/13/2016 07:38:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_MapsBroker, verze: 10.0.10586.0, časové razítko: 0x5632d73f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x8400000f
Posun chyby: 0x00000000
ID chybujícího procesu: 0xd58
Čas spuštění chybující aplikace: 0xsvchost.exe_MapsBroker0
Cesta k chybující aplikaci: svchost.exe_MapsBroker1
Cesta k chybujícímu modulu: svchost.exe_MapsBroker2
ID zprávy: svchost.exe_MapsBroker3
Úplný název chybujícího balíčku: svchost.exe_MapsBroker4
ID aplikace související s chybujícím balíčkem: svchost.exe_MapsBroker5

Error: (08/12/2016 09:14:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.10586.494, časové razítko: 0x5775e1d8
Název chybujícího modulu: Fezughruiy.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x57ac32e7
Kód výjimky: 0xc0000005
Posun chyby: 0x000056b6
ID chybujícího procesu: 0x17c0
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5


System errors:
=============
Error: (08/15/2016 04:30:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Wsetlarient Community neuspěla při spuštění v důsledku následující chyby:
%%3 = Systém nemůže nalézt uvedenou cestu.

Error: (08/14/2016 09:42:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_22104 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/14/2016 07:38:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wsetlarient Community byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/14/2016 04:04:33 PM) (Source: DCOM) (EventID: 10010) (User: Karlos-PC)
Description: MicrosoftEdge.AppXg58n4jqcxjfvb6epaz8mmvfjtq8mhj65.mca

Error: (08/14/2016 03:38:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
%%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (08/14/2016 03:37:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_223a5 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/14/2016 03:37:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056 = Instance této služby je již spuštěna.

Error: (08/14/2016 03:36:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/14/2016 03:36:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér naslouchání Net.Msmq byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (08/14/2016 03:36:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Reimage Real Time Protector byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2016-08-13 07:35:45.164
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-11 16:51:38.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:38.810
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:38.776
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:38.746
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:08.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:08.605
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:08.571
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:08.556
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:06.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 55%
Total physical RAM: 3327.18 MB
Available physical RAM: 1474.32 MB
Total Virtual: 6655.18 MB
Available Virtual: 5013.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.65 GB) (Free:23.09 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (Sniper Elite: Nazi Zombie Army 2) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF
Drive g: (ACTIAO2014) (CDROM) (Total:0.78 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 38023802)
Partition 1: (Active) - (Size=297.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Re: Prosím o kontrolu logu

Napsal: 15 srp 2016 17:18
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosím o kontrolu logu

Napsal: 16 srp 2016 16:30
od Freedy
Tak jsem stáhnul ten program a pročistil jím počítač, našlo to 11 věcí a smazalo , zkusil jsem to ještě jednou a už nic, ale stále přetrvává to přesměrování, posílám další log, díky.



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-08-2016 01
Ran by Karlos (16-08-2016 17:21:31)
Running from C:\Users\Karlos\Desktop
Microsoft Windows 10 Pro Version 1511 (X86) (2016-01-09 15:00:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-507802796-3567890678-1958908832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-507802796-3567890678-1958908832-503 - Limited - Disabled)
Guest (S-1-5-21-507802796-3567890678-1958908832-501 - Limited - Disabled)
Karlos (S-1-5-21-507802796-3567890678-1958908832-1000 - Administrator - Enabled) => C:\Users\Karlos

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1Click DVD Copy 5.9.5.1 (HKLM\...\1Click DVD Copy 5_is1) (Version: - LG Software Innovations)
Adobe Flash Player 21 NPAPI (HKLM\...\{A7DC9721-4986-4179-BB89-A3E99545584C}) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
APM TEC (HKLM\...\APM TEC) (Version: - )
AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies)
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4647 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compiled Driver Disk (Android) 1.0 (HKLM\...\{759A91E8-0024-45F3-A8F3-CDC5E13B4425}_is1) (Version: 1.0.9.7 - COMPELSON Labs)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
ICQ (verze 10.0.12094) (HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\icq.desktop) (Version: 10.0.12094 - ICQ)
Java(TM) 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)
Kontrola české gramatiky pro sadu Microsoft Office 2003 (HKLM\...\{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60830 (HKLM\...\{F68B404C-0E04-337F-A132-796508EE337A}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830 (HKLM\...\{50AF8559-F490-381F-A6E7-06A07DE227DC}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20827 (HKLM\...\{97D5031E-CCC0-3AA1-ADE7-6E5E7C032DD5}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20827 (HKLM\...\{3C21516E-0FDA-3794-B714-B6612BA58BDF}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
MOBILedit! Enterprise ver. 8.6.0.20253 (HKLM\...\{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1) (Version: 8.6.0.20253 - COMPELSON Labs)
MOBILedit! Support Libraries (HKLM\...\{9DF587A2-054C-46A2-9B1A-4A230F389E4B}) (Version: 12.0.0 - COMPELSON Labs)
Mozilla Firefox 46.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 46.0.1 (x86 cs)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NirSoft WebBrowserPassView (HKLM\...\NirSoft WebBrowserPassView) (Version: - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation)
Ovládací panel NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
Phone Drivers Downloader 1.1 (HKLM\...\{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1) (Version: 1.1.0.0 - COMPELSON Labs)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Redneck Rampage (DOSBox emulation 0.74) (HKLM\...\Redneck Rampage (DOSBox emulation 0.74)) (Version: - )
SEDREAP (HKLM\...\SEDREAP) (Version: - )
Sentinel Protection Installer 7.6.4 (HKLM\...\{7444785E-886F-4989-A69E-6394E36F3982}) (Version: 7.6.4 - SafeNet, Inc.)
Seznam Instalátor (HKLM\...\ssinstall) (Version: - Seznam.cz)
Sniper Elite: Nazi Zombie Army 2 (HKLM\...\Sniper Elite: Nazi Zombie Army 2_is1) (Version: 1.0 - Rebellion)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
True Burner 4.0 (HKLM\...\True Burner_is1) (Version: - Glorylogic)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {069699DE-7EEF-46C1-9AF9-99954B4D03B2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {07AF37D7-0126-4E09-8F06-0F59C37E9D14} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09371643-E48C-4A44-9AF6-09AADBF2CFBD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0F81388C-07A9-4579-9A81-61D7CF449642} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {104432EF-DE32-44C9-AF3C-775D4A0CC52F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16BBD878-5193-4F0C-8FAB-25E51B668B61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {17A130F7-417A-42AE-9727-3E699D436C49} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-12] (Microsoft Corporation)
Task: {19698FB3-4D0D-4081-A5BE-ED461EC3EF12} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E43894B-C7F8-43BF-AD1E-E5C656BDD585} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {30F46781-E4BA-4C19-BC4E-52EEBE4C918C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {347426D2-2764-497C-B701-73E1ED55DFEA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {56B39150-549A-4699-83E8-DFB2C32E296B} - \ReimageUpdater -> No File <==== ATTENTION
Task: {5B00390F-290C-4174-890E-20B95F1F7A2D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5E3B2ECC-EA6F-4C81-B222-9B9615036FA8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {664B7F0B-FE77-456C-A5AB-073AA3F78340} - System32\Tasks\{0E4D7645-5EAC-4EF9-AD7C-C455A6F45F62} => pcalua.exe -a G:\setup.exe -d G:\
Task: {66AC3831-C3EB-4C54-A6C3-6772AACCF1FD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6C879690-8006-4E79-8EBB-ED538568118F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {720D8264-2CA9-4F83-9CA4-BBC1936C71E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {753D62B2-EFFF-4E82-85C8-8F9CA6FC7C0B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {762BFCC0-2C89-4356-AEFB-58C1C175DDF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {81D950FB-A821-4A16-A6FD-6399510A781B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {864DC5EE-F4B1-41D1-99ED-985DC15B79B4} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {86E9959D-5332-45AF-84F6-A91DB86BD2FC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A3449EDD-4753-49A5-9154-531068A23026} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23] (Adobe Systems Incorporated)
Task: {A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639} - \Reimage Reminder -> No File <==== ATTENTION
Task: {AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AF03CC9C-9689-4C41-92BD-760168A26B4A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2D89EFE-5F89-4DCC-8469-E84A84963292} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9736CF9-0BA2-4E70-9F1C-AC049CDA448C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0711ABA-A2C6-4E19-B66A-8A94F613B260} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C2CC6A77-82D8-43B5-AE8E-56C44024FE83} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C798951F-918D-4D7A-9032-3488ABBB7874} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2F333F7-4F5A-49C4-8644-93B324063C22} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D42CF679-5305-4DA3-8E9D-9E2040287420} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D4EA3BA7-CE3D-44B9-B348-F0BAA3102761} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0EBF89E-E0A1-43A8-B8E6-283EF24CEFFC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-16] (Adobe Systems Incorporated)
Task: {E346BDC0-0AE4-4640-A78A-D8273A3A44CC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC530881-C713-4EED-821E-4609ED1FCE6F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F693F6CF-BFC9-4BD2-BFFC-AF27456364C2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {FFC02038-0E74-4686-AF19-1E83B63662CC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Karlos\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
Shortcut: C:\Users\Karlos\Desktop\Redneck Rampage.lnk -> C:\Old\Play.bat ()
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Peugeot Planet Diag.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD (Console Mode).lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Stop PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\ppd_restart.lnk -> C:\app\ppdiag\Utils\ppd_restart.bat (No File)
Shortcut: C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com/

ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore – zástupce.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 17:07 - 2016-07-01 06:38 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 17:07 - 2016-07-01 06:38 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-24 16:21 - 2016-07-24 16:21 - 00679624 _____ () C:\Users\Karlos\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-01-09 16:32 - 2016-01-09 16:32 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 17:06 - 2016-07-01 05:31 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 17:07 - 2016-07-01 05:13 - 05340160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 17:06 - 2016-07-01 05:08 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 17:07 - 2016-07-01 05:08 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 17:07 - 2016-07-01 05:11 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-13 16:29 - 2016-08-13 16:28 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2016-06-26 15:53 - 2016-06-26 15:53 - 31181448 _____ () C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
2016-06-26 15:53 - 2016-06-26 15:53 - 03917448 _____ () C:\Users\Karlos\AppData\Roaming\ICQ\bin\corelib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "DLLSuite2016"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\StartupApproved\Run: => "Sidebar"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\StartupApproved\Run: => "DU Meter"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{FB038FC8-9693-4B83-BE10-942C76F43ACE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7340EC25-7E11-457A-A456-EA31A3091255}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{91D1AE8A-561D-4042-A8FE-5E493B5C7561}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C9B745BD-5BC7-4C6F-BE3D-C135F470D7DD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0A77F6C5-A37B-43D4-853B-633E4FE2A80A}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B9B356B0-E912-451A-A203-C01B613EEA61}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B907EA70-B64D-436E-AC4F-52C8E7C3D901}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FF92B4FC-B338-4EBF-B212-2750165C3517}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D197AC91-D654-4C6B-AA61-2FA083E09803}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DB7725F6-53D9-458A-A49F-C29AE17B2C8E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6A11E5B9-67F3-463A-933D-E7F9C448B751}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{093E93A2-07F9-43E1-95B4-5CBD4B02A8CA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{012FD51A-7FF2-4FB5-878D-36962D78140F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EC14E70B-E648-43A4-BB48-ECC8C930945D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AE2B2EAE-42F0-4896-8D44-4512D92D281C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4FA199CF-127D-40BA-BE11-0A99B9610D39}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C90F283B-DE3E-4A31-8EC9-0D827E18B7CE}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{D6644056-8D41-4BC3-B21C-5BB3F308A2A1}C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [UDP Query User{1E6F1AC1-FD1A-4C38-A3CA-0A236DB31ADB}C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [{D944CFE1-6F10-466F-B19B-068FF371C0A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1F4D2162-FB23-4929-8C02-8A8FBFCAA2E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4FF12F52-1B0F-48E4-AD9A-919B025BCF8B}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe
FirewallRules: [{71051B3D-DFA6-499E-85F0-5D7375A4B067}] => (Allow) C:\Program Files\DroidCam\DroidCamApp.exe
FirewallRules: [{8D212543-8155-4DF0-B315-B10CAE33D824}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{7A8B4247-32AA-4BCB-8420-3ECDCD45E40D}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{6C57DE51-9E73-44D6-862C-5D22EB7B27D6}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{076CB8CB-9974-435B-B91A-04800865A0C4}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{25F23480-A1C3-4B07-995C-01EA19A80638}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{34BCA292-EACF-4205-8440-033952F8CDBA}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{C9441531-1ABA-4C63-9B14-3B205BADA8B3}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{19A0D442-9CA0-40F1-B46E-F78185B5BF6A}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{8AF8F0CF-462D-47A1-B387-4004D138B2EF}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{6F961BF1-7529-4FEB-AAD1-2E7E722A79D8}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{18D6E699-7FB5-4D5B-84AC-B992616EE82E}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{FB733D04-524E-401E-BE7D-36CE6E0E8B88}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe

==================== Restore Points =========================

02-08-2016 17:07:02 Nainstalováno: MOBILedit! Support Libraries
12-08-2016 17:19:58 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/15/2016 08:30:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.10586.494, časové razítko: 0x5775e1d8
Název chybujícího modulu: Fezughruiy.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x57ac32e7
Kód výjimky: 0xc0000005
Posun chyby: 0x000056b6
ID chybujícího procesu: 0x1fc0
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5

Error: (08/14/2016 07:38:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.10586.494, časové razítko: 0x5775e1d8
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x631e56b6
ID chybujícího procesu: 0x7bc
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5

Error: (08/14/2016 04:04:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Karlos-PC)
Description: Aplikaci Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/14/2016 04:03:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/14/2016 04:02:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"1 se nezdařilo.
Závislé sestavení Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/13/2016 06:29:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/13/2016 06:25:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/13/2016 03:57:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/13/2016 03:46:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/13/2016 07:38:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_MapsBroker, verze: 10.0.10586.0, časové razítko: 0x5632d73f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x8400000f
Posun chyby: 0x00000000
ID chybujícího procesu: 0xd58
Čas spuštění chybující aplikace: 0xsvchost.exe_MapsBroker0
Cesta k chybující aplikaci: svchost.exe_MapsBroker1
Cesta k chybujícímu modulu: svchost.exe_MapsBroker2
ID zprávy: svchost.exe_MapsBroker3
Úplný název chybujícího balíčku: svchost.exe_MapsBroker4
ID aplikace související s chybujícím balíčkem: svchost.exe_MapsBroker5


System errors:
=============
Error: (08/16/2016 05:07:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
%%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (08/16/2016 05:06:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069 = Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (08/16/2016 05:06:39 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50 = Požadavek není podporován.

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (08/16/2016 05:06:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_265c7db byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/16/2016 05:06:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/16/2016 05:06:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér naslouchání Net.Msmq byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (08/16/2016 05:06:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/16/2016 05:06:09 PM) (Source: WAS) (EventID: 5175) (User: )
Description: Došlo k neočekávanému odpojení adaptéru naslouchání, který obsluhuje protokol net.msmq.

Error: (08/16/2016 05:06:09 PM) (Source: WAS) (EventID: 5175) (User: )
Description: Došlo k neočekávanému odpojení adaptéru naslouchání, který obsluhuje protokol msmq.formatname.

Error: (08/16/2016 05:06:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér naslouchání Net.Pipe byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2016-08-13 07:35:45.164
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-11 16:51:38.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:38.810
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:38.776
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:38.746
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:08.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:08.605
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:08.571
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:08.556
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-08-11 16:51:06.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 47%
Total physical RAM: 3327.18 MB
Available physical RAM: 1738.19 MB
Total Virtual: 6655.18 MB
Available Virtual: 5128 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.65 GB) (Free:23.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (Sniper Elite: Nazi Zombie Army 2) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF
Drive g: (ACTIAO2014) (CDROM) (Total:0.78 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 38023802)
Partition 1: (Active) - (Size=297.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)




==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-08-2016 01
Ran by Karlos (administrator) on KARLOS-PC (16-08-2016 17:20:46)
Running from C:\Users\Karlos\Desktop
Loaded Profiles: Karlos (Available Profiles: Karlos & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodata Limited) C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(Kenonic Controls Ltd.) C:\Windows\System32\Crypserv.exe
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
() C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Karlos\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcfgex.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [5299984 2016-07-28] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3280728 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [ESET NOD32 Antivirus Key 2015 ] => wscript.exe //B "C:\Users\Karlos\AppData\Local\Temp\ESET NOD32 Antivirus Key 2015 .vbs" <===== ATTENTION
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\Run: [icq.desktop] => C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe [31181448 2016-06-26] ()
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {0410681f-bc52-11e5-bb28-002421dfe993} - "F:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {62bef837-d1a4-11e5-bb31-002421dfe993} - "H:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {7223087d-d898-11e5-bb34-002421dfe993} - "D:\autorun.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {c47eebad-ccdc-11e5-bb2f-002421dfe993} - "G:\lanceur.bat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{54d6e673-9ea9-4dce-ad70-2a74493c8453}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-05-16] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2016-04-01] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2016-02-06] (Autodata Limited) [File not signed]
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1639832 2016-07-28] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4097280 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [906512 2016-07-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [632632 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [52224 2000-06-29] (Kenonic Controls Ltd.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082200 2015-11-30] (Disc Soft Ltd)
R2 ssinstall; C:\WINDOWS\System32\ssins.exe [2324216 2016-05-16] (PS Media s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [19584 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6x.sys [67336 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [259328 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [201472 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [212736 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [201472 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [246536 2016-07-20] (AVG Technologies CZ, s.r.o.)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [29496 2016-07-23] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [225592 2016-07-23] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-01-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-01-06] (Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [24608 2000-02-03] () [File not signed]
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
S3 DUMeterDrv; \??\C:\Program Files\DU Meter\DUMETR32.SYS [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-16 17:20 - 2016-08-16 17:21 - 00010893 _____ C:\Users\Karlos\Desktop\FRST.txt
2016-08-16 17:20 - 2016-08-16 17:20 - 00112640 _____ (forum.viry.cz) C:\Users\Karlos\Desktop\FRSTLauncher.exe
2016-08-16 17:20 - 2016-08-16 17:20 - 00029696 _____ C:\Users\Karlos\AppData\Local\MSGBOX.EXE
2016-08-16 17:20 - 2016-08-16 17:20 - 00015327 _____ C:\Users\Karlos\Desktop\LM.bat
2016-08-16 17:17 - 2016-08-16 17:20 - 01744896 _____ (Farbar) C:\Users\Karlos\Desktop\FRST.exe
2016-08-16 17:03 - 2016-08-16 17:03 - 03784256 _____ C:\Users\Karlos\Desktop\adwcleaner_6.000.exe
2016-08-15 16:41 - 2016-08-16 17:20 - 00000000 ____D C:\FRST
2016-08-14 16:13 - 2016-08-14 16:13 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Šablony
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Poslední
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2016-08-14 16:13 - 2016-08-14 16:13 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-14 16:13 - 2016-01-09 16:51 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-08-14 16:04 - 2016-08-14 16:04 - 00000000 ____D C:\Users\Karlos\AppData\Local\CEF
2016-08-14 16:01 - 2016-08-14 16:01 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2016-08-14 16:00 - 2016-08-16 17:07 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-14 15:34 - 2016-08-16 17:15 - 00000000 ____D C:\AdwCleaner
2016-08-14 07:47 - 2016-08-14 07:47 - 00000000 ____D C:\$SysReset
2016-08-13 21:18 - 2016-08-16 17:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-13 18:23 - 2016-08-13 18:23 - 00000000 ____D C:\ProgramData\GridinSoft
2016-08-13 16:33 - 2016-08-13 16:33 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\AVG
2016-08-13 16:32 - 2016-08-13 16:32 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\TuneUp Software
2016-08-13 16:32 - 2016-08-13 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-13 16:30 - 2016-08-13 16:30 - 00000000 ___HD C:\$AVG
2016-08-13 16:29 - 2016-08-16 17:08 - 00000000 ____D C:\ProgramData\MFAData
2016-08-13 16:29 - 2016-08-13 16:29 - 00000913 _____ C:\Users\Public\Desktop\AVG.lnk
2016-08-13 16:29 - 2016-08-13 16:29 - 00000000 ____D C:\Users\Karlos\AppData\Local\MFAData
2016-08-13 16:29 - 2016-08-13 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-08-11 16:45 - 2016-08-11 16:53 - 00000000 ____D C:\Program Files\Seznam.cz
2016-08-11 16:44 - 2016-08-11 16:54 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\Seznam.cz
2016-08-11 16:37 - 2016-08-13 07:34 - 00000000 ____D C:\Program Files\Grevuied
2016-08-11 16:37 - 2016-08-11 16:37 - 00000000 ____D C:\Users\Karlos\AppData\Local\Vcdomgherrepy
2016-08-10 16:49 - 2016-08-03 08:27 - 01303744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 16:49 - 2016-08-03 08:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 16:49 - 2016-08-03 08:27 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 16:49 - 2016-08-03 07:52 - 05793632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 16:49 - 2016-08-03 07:52 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 16:49 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 16:49 - 2016-08-03 07:43 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 16:49 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 16:49 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 16:49 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 16:49 - 2016-08-03 07:32 - 00413024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 16:49 - 2016-08-03 07:32 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 16:49 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 16:49 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 16:49 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 16:49 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 16:49 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 16:49 - 2016-08-03 07:29 - 01337680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 16:49 - 2016-08-03 07:29 - 00633192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 16:49 - 2016-08-03 07:28 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 16:49 - 2016-08-03 07:28 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 01712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 16:49 - 2016-08-03 07:21 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 16:49 - 2016-08-03 07:18 - 00346464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 16:49 - 2016-08-03 06:58 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 16:49 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 16:49 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 16:49 - 2016-08-03 06:48 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 16:49 - 2016-08-03 06:47 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 16:49 - 2016-08-03 06:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 16:49 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 16:49 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 16:49 - 2016-08-03 06:44 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 16:49 - 2016-08-03 06:43 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 16:49 - 2016-08-03 06:43 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 16:49 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 16:49 - 2016-08-03 06:41 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 16:49 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 16:49 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 16:49 - 2016-08-03 06:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 16:49 - 2016-08-03 06:39 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 16:49 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 16:49 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 16:49 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 16:49 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 16:49 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 16:49 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 16:49 - 2016-08-03 06:33 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 16:49 - 2016-08-03 06:33 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 16:49 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 16:49 - 2016-08-03 06:32 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 16:49 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 16:49 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 16:49 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 16:49 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 16:49 - 2016-08-03 06:27 - 02973696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 16:49 - 2016-08-03 06:27 - 01903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 16:49 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 16:49 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 16:49 - 2016-08-03 06:24 - 01735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 16:49 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 16:49 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 16:49 - 2016-08-03 06:22 - 01086976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 16:49 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 16:49 - 2016-08-03 06:20 - 03483648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 16:49 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-08 15:47 - 2016-08-08 16:28 - 742450786 _____ C:\Users\Karlos\Desktop\Rambo-2.avi
2016-08-05 18:13 - 2016-08-05 18:13 - 00016128 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\gtkdrv.sys
2016-08-02 17:13 - 2016-08-02 17:18 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\MOBILedit
2016-08-02 17:13 - 2016-08-02 17:13 - 00000000 ____D C:\Users\Karlos\Documents\MOBILedit! Enterprise
2016-08-02 17:09 - 2016-08-02 17:09 - 00000000 ____D C:\Program Files\Compiled Driver Disk (Android)
2016-08-02 17:09 - 2014-09-29 14:03 - 00015616 _____ (Motorola) C:\WINDOWS\system32\mot_ci.dll
2016-08-02 17:08 - 2016-08-02 17:08 - 00000000 ____D C:\Program Files\Phone Drivers Downloader
2016-08-02 17:07 - 2016-08-02 17:07 - 00001135 _____ C:\Users\Public\Desktop\MOBILedit! Enterprise.lnk
2016-08-02 17:07 - 2016-08-02 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit! Enterprise
2016-08-02 17:07 - 2016-08-02 17:07 - 00000000 ____D C:\Program Files\COMPELSON Labs
2016-08-02 17:06 - 2016-08-02 17:07 - 00000000 ____D C:\Users\Public\Documents\MobilEdit! Enterprise
2016-08-02 17:06 - 2016-08-02 17:07 - 00000000 ____D C:\Program Files\MOBILedit! Enterprise
2016-08-02 17:06 - 2016-06-06 20:39 - 00028818 _____ C:\Users\Public\Documents\Wipe Exclude.txt
2016-08-02 17:05 - 2016-08-02 17:06 - 00000000 ____D C:\Users\Karlos\Desktop\Nová složka (11)
2016-08-02 17:05 - 2016-08-02 15:26 - 105343492 ____N C:\Users\Karlos\Desktop\MOBILedit!-Enterprise-8.6.0.20253-CZ-(x32x64).rar
2016-07-24 16:17 - 2016-07-24 16:17 - 27712476 _____ C:\Users\Karlos\Desktop\WhatsApp Messenger_v2.16.188_apkpure.com.apk
2016-07-24 07:46 - 2013-07-07 22:41 - 01086533 _____ C:\Users\Karlos\Desktop\DroidCam.3.6.2.exe
2016-07-24 07:45 - 2016-07-24 07:45 - 01069964 _____ C:\Users\Karlos\Desktop\DroidCam-3-6-2.zip
2016-07-23 18:25 - 2016-07-24 07:51 - 00000022 _____ C:\ProgramData\droidcam-settings
2016-07-23 18:25 - 2016-07-23 18:25 - 00000000 ____D C:\Users\Karlos\.android
2016-07-23 18:24 - 2016-07-23 18:24 - 00708871 _____ C:\Users\Karlos\Desktop\DroidCam_Client_6.0.zip
2016-07-23 18:24 - 2016-07-23 18:24 - 00225592 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\droidcamvideo.sys
2016-07-23 18:24 - 2016-07-23 18:24 - 00029496 _____ (Dev47Apps) C:\WINDOWS\system32\Drivers\droidcam.sys
2016-07-23 18:24 - 2016-07-23 18:24 - 00001049 _____ C:\Users\Karlos\Desktop\DroidCamApp.lnk
2016-07-23 18:24 - 2016-07-23 18:24 - 00000000 ____D C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2016-07-23 18:24 - 2016-07-23 18:24 - 00000000 ____D C:\Program Files\DroidCam
2016-07-22 17:20 - 2016-07-22 17:20 - 00000000 __SHD C:\found.003
2016-07-20 08:46 - 2016-07-20 08:46 - 00246536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpx.sys
2016-07-19 18:15 - 2016-07-19 18:15 - 28588344 _____ (Mobo, Inc.) C:\Users\Karlos\Desktop\MoboMarketPC(official).exe
2016-07-19 17:57 - 2016-07-19 17:58 - 17961047 _____ C:\Users\Karlos\Desktop\TeamViewer-(1).apk
2016-07-19 12:28 - 2016-07-19 12:28 - 00201472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-16 17:07 - 2016-01-09 16:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-16 17:06 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-15 20:44 - 2016-05-16 16:40 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-14 15:17 - 2016-05-16 16:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-08-13 18:27 - 2016-05-16 16:37 - 00001114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-13 18:27 - 2016-01-09 17:29 - 00001532 _____ C:\Users\Karlos\Desktop\iexplore – zástupce.lnk
2016-08-13 16:34 - 2015-10-30 07:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-13 16:33 - 2016-02-21 17:40 - 00000000 ____D C:\Users\Karlos\AppData\Local\Avg
2016-08-13 16:31 - 2015-10-30 07:48 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-13 16:31 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-08-13 16:30 - 2016-02-21 17:40 - 00000000 ____D C:\ProgramData\Avg
2016-08-13 16:30 - 2016-02-21 17:40 - 00000000 ____D C:\Program Files\AVG
2016-08-13 16:29 - 2016-02-21 17:40 - 00000000 ____D C:\Users\Karlos\AppData\Local\AvgSetupLog
2016-08-13 15:55 - 2009-07-14 04:37 - 00000000 ____D C:\Users\Default.migrated
2016-08-12 21:49 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-12 21:49 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 21:49 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-12 17:26 - 2016-01-01 17:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-12 17:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-12 17:26 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-12 17:23 - 2016-01-01 17:24 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-11 16:40 - 2016-01-09 16:46 - 01993368 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-11 16:40 - 2015-10-30 17:08 - 00828410 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-11 16:40 - 2015-10-30 17:08 - 00184778 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-11 16:37 - 2016-05-16 16:37 - 00001300 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-03 08:21 - 2012-07-26 10:18 - 00400304 __RSH C:\bootmgr
2016-08-02 21:11 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-07-28 21:33 - 2016-01-09 16:47 - 00000000 ____D C:\Users\Karlos
2016-07-27 21:25 - 2016-01-01 17:26 - 00406184 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-24 16:21 - 2016-01-09 17:05 - 00002390 _____ C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-24 16:21 - 2016-01-09 17:05 - 00000000 ___RD C:\Users\Karlos\OneDrive
2016-07-24 16:16 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-23 16:15 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-21 20:54 - 2016-01-09 16:41 - 00286048 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2016-08-16 17:20 - 2016-08-16 17:20 - 0029696 _____ () C:\Users\Karlos\AppData\Local\MSGBOX.EXE
2016-06-12 16:14 - 2016-06-12 16:24 - 0000136 _____ () C:\Users\Karlos\AppData\Local\trueburner.ini
2016-07-23 18:25 - 2016-07-24 07:51 - 0000022 _____ () C:\ProgramData\droidcam-settings
2016-02-07 16:12 - 2016-02-07 16:12 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Karlos\AppData\Local\Temp\bitool.dll
C:\Users\Karlos\AppData\Local\Temp\Firefox Setup 45.0.exe
C:\Users\Karlos\AppData\Local\Temp\KB2zugUWzX.exe
C:\Users\Karlos\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Karlos\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Karlos\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Karlos\AppData\Local\Temp\sfareca00001.dll
C:\Users\Karlos\AppData\Local\Temp\ssins.exe
C:\Users\Karlos\AppData\Local\Temp\temp~.DLL
C:\Users\Karlos\AppData\Local\Temp\temp~.EXE
C:\Users\Karlos\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-07 16:16

==================== End of FRST.txt ============================

Re: Prosím o kontrolu logu

Napsal: 16 srp 2016 17:48
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
Task: {09371643-E48C-4A44-9AF6-09AADBF2CFBD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0F81388C-07A9-4579-9A81-61D7CF449642} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {16BBD878-5193-4F0C-8FAB-25E51B668B61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2E43894B-C7F8-43BF-AD1E-E5C656BDD585} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {347426D2-2764-497C-B701-73E1ED55DFEA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {56B39150-549A-4699-83E8-DFB2C32E296B} - \ReimageUpdater -> No File <==== ATTENTION
Task: {5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {81D950FB-A821-4A16-A6FD-6399510A781B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639} - \Reimage Reminder -> No File <==== ATTENTION
Task: {AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B2D89EFE-5F89-4DCC-8469-E84A84963292} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9736CF9-0BA2-4E70-9F1C-AC049CDA448C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0711ABA-A2C6-4E19-B66A-8A94F613B260} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EC530881-C713-4EED-821E-4609ED1FCE6F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {0410681f-bc52-11e5-bb28-002421dfe993} - "F:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {62bef837-d1a4-11e5-bb31-002421dfe993} - "H:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {7223087d-d898-11e5-bb34-002421dfe993} - "D:\autorun.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {c47eebad-ccdc-11e5-bb2f-002421dfe993} - "G:\lanceur.bat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Users\Karlos\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu logu

Napsal: 17 srp 2016 15:55
od Freedy
Vkládám další log dle návodu. díky.

Fix result of Farbar Recovery Scan Tool (x86) Version: 15-08-2016 01
Ran by Karlos (17-08-2016 16:47:47) Run:1
Running from C:\Users\Karlos\Desktop
Loaded Profiles: Karlos (Available Profiles: Karlos & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
Task: {09371643-E48C-4A44-9AF6-09AADBF2CFBD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0F81388C-07A9-4579-9A81-61D7CF449642} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {16BBD878-5193-4F0C-8FAB-25E51B668B61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2E43894B-C7F8-43BF-AD1E-E5C656BDD585} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {347426D2-2764-497C-B701-73E1ED55DFEA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {56B39150-549A-4699-83E8-DFB2C32E296B} - \ReimageUpdater -> No File <==== ATTENTION
Task: {5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {81D950FB-A821-4A16-A6FD-6399510A781B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639} - \Reimage Reminder -> No File <==== ATTENTION
Task: {AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B2D89EFE-5F89-4DCC-8469-E84A84963292} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9736CF9-0BA2-4E70-9F1C-AC049CDA448C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0711ABA-A2C6-4E19-B66A-8A94F613B260} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EC530881-C713-4EED-821E-4609ED1FCE6F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1470926211&a=1065788&src=sh&uuid=c441cd7f-a739-4eff-98fc-d1405f37a441"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {0410681f-bc52-11e5-bb28-002421dfe993} - "F:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {62bef837-d1a4-11e5-bb31-002421dfe993} - "H:\setup.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {7223087d-d898-11e5-bb34-002421dfe993} - "D:\autorun.exe"
HKU\S-1-5-21-507802796-3567890678-1958908832-1000\...\MountPoints2: {c47eebad-ccdc-11e5-bb2f-002421dfe993} - "G:\lanceur.bat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Users\Karlos\AppData\Local\Temp
End
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09371643-E48C-4A44-9AF6-09AADBF2CFBD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09371643-E48C-4A44-9AF6-09AADBF2CFBD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F81388C-07A9-4579-9A81-61D7CF449642}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F81388C-07A9-4579-9A81-61D7CF449642}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16BBD878-5193-4F0C-8FAB-25E51B668B61}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16BBD878-5193-4F0C-8FAB-25E51B668B61}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E43894B-C7F8-43BF-AD1E-E5C656BDD585}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E43894B-C7F8-43BF-AD1E-E5C656BDD585}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{347426D2-2764-497C-B701-73E1ED55DFEA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347426D2-2764-497C-B701-73E1ED55DFEA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{56B39150-549A-4699-83E8-DFB2C32E296B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56B39150-549A-4699-83E8-DFB2C32E296B}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FA1E5CD-0F8D-49BF-8ADF-20FC5B375422}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81D950FB-A821-4A16-A6FD-6399510A781B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81D950FB-A821-4A16-A6FD-6399510A781B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A83E2D17-3CD9-4DC7-A6DA-D594CEAE7639}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Reimage Reminder => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEA1AAD6-8FA7-4368-AF99-1CF32DE409F3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B2D89EFE-5F89-4DCC-8469-E84A84963292}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2D89EFE-5F89-4DCC-8469-E84A84963292}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9736CF9-0BA2-4E70-9F1C-AC049CDA448C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9736CF9-0BA2-4E70-9F1C-AC049CDA448C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0711ABA-A2C6-4E19-B66A-8A94F613B260}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0711ABA-A2C6-4E19-B66A-8A94F613B260}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC530881-C713-4EED-821E-4609ED1FCE6F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC530881-C713-4EED-821E-4609ED1FCE6F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully.
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Shortcut argument removed successfully..
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0410681f-bc52-11e5-bb28-002421dfe993}" => key removed successfully.
HKCR\CLSID\{0410681f-bc52-11e5-bb28-002421dfe993} => key not found.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62bef837-d1a4-11e5-bb31-002421dfe993}" => key removed successfully.
HKCR\CLSID\{62bef837-d1a4-11e5-bb31-002421dfe993} => key not found.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7223087d-d898-11e5-bb34-002421dfe993}" => key removed successfully.
HKCR\CLSID\{7223087d-d898-11e5-bb34-002421dfe993} => key not found.
"HKU\S-1-5-21-507802796-3567890678-1958908832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c47eebad-ccdc-11e5-bb2f-002421dfe993}" => key removed successfully.
HKCR\CLSID\{c47eebad-ccdc-11e5-bb2f-002421dfe993} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
idsvc => service removed successfully.
wpcsvc => service removed successfully.
C:\Users\Karlos\AppData\Local\Temp => moved successfully

==== End of Fixlog 16:47:53 ====

Re: Prosím o kontrolu logu

Napsal: 17 srp 2016 16:43
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosím o kontrolu logu

Napsal: 17 srp 2016 16:52
od Freedy
Bohužel nic se nestalo, pořád mě to přesměrovává dál. Je to peklo :D :(

Re: Prosím o kontrolu logu

Napsal: 17 srp 2016 16:59
od Rudy
Udělejte tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Re: Prosím o kontrolu logu

Napsal: 17 srp 2016 17:42
od Freedy
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Karlos on st 17.08.2016 at 18:17:00,15.
Microsoft Windows 10 Pro 10.0.10586 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Karlos\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.8.2016 18:18:14 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\DivX deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Seznam.cz deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Karlos\AppData\Local\ActiveSync deleted successfully
C:\Users\Karlos\AppData\Local\PDFCreator deleted successfully
C:\Users\Karlos\AppData\Local\PeerDistRepub deleted successfully
C:\Users\Karlos\AppData\Local\Vcdomgherrepy deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Crypkey License deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Karlos\AppData\Roaming\Profiles\Mezakhdash.default\prefs.js:

Added to C:\Users\Karlos\AppData\Roaming\Profiles\Mezakhdash.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default\prefs.js:

Added to C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Program Files\DivX not found
C:\Program Files\Seznam.cz not found
C:\PROGRA~3\DivX deleted
C:\Users\Karlos\.android deleted
C:\Program Files\LG Software Innovations deleted
C:\DOSBox.exe deleted
C:\Uninstal.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\ProgramData\droidcam-settings" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Karlos\AppData\Roaming\Profiles\Mezakhdash.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\ihdkgkb6.default
21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
E0BCE90537E4A41AF36D5BDD5963A09D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
B1C27279B4C0E7076C952A99193DD94C - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
4E300C1C2D477A98275FF6CA45FA16E3 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
1B743D5B6FD001660FAB17DD7C347A38 - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In
EA8FCF30D2961369435C84CE3B3063F1 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U23
44CD19D98995CB3056F406113B175820 - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.230.5
F627791AB91E01A9829A8D9B6E024D52 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll - Shockwave Flash
4F3F6B17B4A5BDB68B3CB0367A2C214E - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight


==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... 02&pc=UE04

==== Reset Google Chrome ======================

Nothing found to reset

==== shortcuts on Users Desktops ======================

C:\Users\Karlos\Desktop\1CLICK DVD COPY 5.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\1ClickDvdCopy.exe
C:\Users\Karlos\Desktop\DroidCamApp.lnk - C:\Program Files\DroidCam\DroidCamApp.exe
C:\Users\Karlos\Desktop\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\Desktop\iexplore – zástupce.lnk -
C:\Users\Karlos\Desktop\Redneck Rampage.lnk - C:\Old\Play.bat
C:\Users\Karlos\Desktop\SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe
C:\Users\Karlos\Desktop\WinRAR – zástupce.lnk -
C:\Users\Karlos\Desktop\záloha SEDRE Peugeot.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Peugeot Planet Diag.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD (Console Mode).lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Start PPD.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Stop PPD.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\PPDBrowser.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\client_OGD\ppdiag\Utils\ppd_restart.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\DCS\config\shortcut\Peugeot Planet System\Peugeot Planet 2000.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\DCS\config\shortcut\Peugeot Planet System\Peugeot Planet Measure.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\DCS\config\shortcut\Peugeot Planet System\Peugeot Planet Office.lnk -
C:\Users\Karlos\Desktop\Nová složka (10)\LEXIA_PP2000\Peugeot Planet\Peugeot Planet\PPS v22.12\PPE\config\shortcut\Peugeot Planet System\Peugeot Planet Office.lnk -
C:\Users\Karlos\Desktop\Nová složka (5)\Autodata 3.40\ADCDA2\Autodata 3.40.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\APM TEC.lnk - C:\Program Files\Workshop\workshop.exe
C:\Users\Public\Desktop\Autodata CDA-3.lnk - C:\autodata\Autodata_CDA3_43\Autorun.exe
C:\Users\Public\Desktop\AVG.lnk - C:\Program Files\AVG\Framework\Common\avguix.exe /zen.open_ui
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLauncher.exe
C:\Users\Public\Desktop\MOBILedit Enterprise.lnk -
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe
C:\Users\Public\Desktop\Redneck Rampage.lnk - C:\Program Files\Redneck Rampage\DOSBox.exe -conf play.conf
C:\Users\Public\Desktop\Sniper Elite Nazi Zombie Army 2.lnk - C:\Program Files\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
C:\Users\Public\Desktop\True Burner.lnk - C:\Program Files\Glorylogic\True Burner\TrueBurner.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Karlos\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\DroidCam Client.lnk - C:\Program Files\DroidCam\DroidCamApp.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\Uninstall.lnk - C:\Program Files\DroidCam\Uninstall.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\Uninstall ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icqsetup.exe -uninstall

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Click DVD Copy 5\1Click DVD Copy on the Web.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\lgsoftwareinnovations.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Click DVD Copy 5\1Click DVD Copy.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\1ClickDvdCopy.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Click DVD Copy 5\Uninstall 1Click DVD Copy.lnk - C:\Program Files\LG Software Innovations\1Click DVD Copy 5\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG Protection.lnk - C:\Program Files\AVG\Av\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen\AVG.lnk - C:\Program Files\AVG\Framework\Common\avguix.exe /zen.open_ui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic\True Burner\Help.lnk - C:\Program Files\Glorylogic\True Burner\TrueBurner.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic\True Burner\True Burner.lnk - C:\Program Files\Glorylogic\True Burner\TrueBurner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic\True Burner\Uninstall True Burner.lnk - C:\Program Files\Glorylogic\True Burner\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit Enterprise.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage\Redneck Rampage - Configuration.lnk - C:\Program Files\Redneck Rampage\Setup.bat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage\Redneck Rampage.lnk - C:\Program Files\Redneck Rampage\DOSBox.exe -conf play.conf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage\Uninstall Redneck Rampage.lnk - C:\Program Files\Redneck Rampage\Uninstal.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite Nazi Zombie Army 2\Sniper Elite Nazi Zombie Army 2.lnk - C:\Program Files\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite Nazi Zombie Army 2\View the manual.lnk - C:\Program Files\Sniper Elite Nazi Zombie Army 2\Sniper Elite NZA2 Manual E.pdf

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ICQ.lnk - C:\Users\Karlos\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://safesurfs.net/?ssid=1470926211&a ... 405f37a441"
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://safesurfs.net/?ssid=1470926211&a ... 405f37a441"
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore – zástupce.lnk -
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

==== shortcuts After Repair ======================

C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Karlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Karlos\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Karlos\AppData\Local\Mozilla\Firefox\Profiles\ihdkgkb6.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=131 folders=29 214182384 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Karlos\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== EOF on st 17.08.2016 at 18:34:12,20 ======================

Re: Prosím o kontrolu logu

Napsal: 17 srp 2016 18:12
od Rudy
Zoek něco smazal. A Junkware?

Re: Prosím o kontrolu logu

Napsal: 17 srp 2016 18:33
od Freedy
Ten stale bezi.

Re: Prosím o kontrolu logu

Napsal: 17 srp 2016 19:10
od Rudy
Aha. Až skončí, dejte log a zprávu, zda to pomohlo.

Re: Prosím o kontrolu logu

Napsal: 18 srp 2016 15:38
od Freedy
Tak přidávám další část, zatím se nic nezměnilo, ještě jsem možná neuvedl, že používám win 10


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Pro x86
Ran by Karlos (Administrator) on źt 18.08.2016 at 16:26:07,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5

Successfully deleted: C:\WINDOWS\prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-69B6DA43.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\AVG_PROTECTION_FREE_698.EXE-6B31DE8E.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\AVG_PROTECTION_FREE_698.EXE-8046BC9D.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DELPHI_DS150E_KEYGEN_FREE_DOW-FA6F1B38.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERINSTALLER.EXE-1A37B3ED.pf (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 18.08.2016 at 16:28:03,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Prosím o kontrolu logu

Napsal: 18 srp 2016 17:27
od Rudy
OK. V kterém prohlížeči se to děje?

Re: Prosím o kontrolu logu

Napsal: 18 srp 2016 17:36
od Freedy
Děje se to v mozile i exploreru.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz