
Infected PC

Radeksmolka
Visitor
Posts: 20
Registered: 19 Sep 2014 16:18

Infected PC

#1 Post by Radeksmolka »

Hello gentlemen :) I have a huge favor to ask. I need my computer checked for viruses. Lately it has been freezing a lot. On top of that, some nasty thing keeps changing my clock. Running an antivirus scan on the PC did not solve the problem... I am attaching the FRST log, packed as a RAR archive. (I had no idea which program to start with, so hopefully this is OK.) Thank you for your time. Radek

By the way, I have an HP Envy dv7 laptop running 64-bit Windows 10.
Attachments
FRST.rar
(27.04 KiB) Downloaded 64 times

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Infected PC

#2 Post by altrok »

I wish you a lovely day :bye:

:arrow: As part of the cleanup, your temporary directories will be emptied (emptying the Recycle Bin and temp folders, clearing browser caches, etc.).

:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply start it with a double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not suit the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

Radeksmolka
Visitor
Posts: 20
Registered: 19 Sep 2014 16:18

Re: Infected PC

#3 Post by Radeksmolka »

Sending the AdwCleaner log :)

# AdwCleaner v6.030 - Log soubor vytvořen 25/10/2016 na 04:16:26
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-10-23.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Radek - RADEK
# Beží od : C:\Users\Radek\Downloads\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****

[-] [C:\Users\Radek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Smazání:hohosearch
[-] [C:\Users\Radek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [startup_urls] Smazání:hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBH8mB3UpBE..&v=20160606&uid=F25424ABE55812FEEE0FA1BF57992408&ptid=epf1&mode=loadm


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4893 Bajtů] - [25/08/2016 21:48:19]
C:\AdwCleaner\AdwCleaner[C2].txt - [1223 Bajtů] - [25/10/2016 04:16:26]
C:\AdwCleaner\AdwCleaner[R0].txt - [2622 Bajtů] - [19/09/2014 20:21:26]
C:\AdwCleaner\AdwCleaner[R1].txt - [5594 Bajtů] - [09/07/2015 14:12:56]
C:\AdwCleaner\AdwCleaner[R2].txt - [9005 Bajtů] - [17/07/2015 10:48:39]
C:\AdwCleaner\AdwCleaner[R3].txt - [1283 Bajtů] - [21/07/2015 22:55:44]
C:\AdwCleaner\AdwCleaner[R4].txt - [1404 Bajtů] - [21/08/2015 09:48:36]
C:\AdwCleaner\AdwCleaner[R5].txt - [1523 Bajtů] - [22/09/2015 09:16:55]
C:\AdwCleaner\AdwCleaner[R6].txt - [1643 Bajtů] - [15/12/2015 22:45:04]
C:\AdwCleaner\AdwCleaner[R7].txt - [2384 Bajtů] - [06/06/2016 16:58:11]
C:\AdwCleaner\AdwCleaner[R8].txt - [2007 Bajtů] - [16/09/2016 20:11:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [2431 Bajtů] - [19/09/2014 20:22:59]
C:\AdwCleaner\AdwCleaner[S1].txt - [5151 Bajtů] - [09/07/2015 14:14:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [5816 Bajtů] - [17/07/2015 10:52:49]
C:\AdwCleaner\AdwCleaner[S3].txt - [1450 Bajtů] - [21/07/2015 23:00:22]
C:\AdwCleaner\AdwCleaner[S4].txt - [1465 Bajtů] - [21/08/2015 09:50:47]
C:\AdwCleaner\AdwCleaner[S5].txt - [1584 Bajtů] - [22/09/2015 09:18:54]
C:\AdwCleaner\AdwCleaner[S6].txt - [1704 Bajtů] - [15/12/2015 22:47:19]
C:\AdwCleaner\AdwCleaner[S7].txt - [2411 Bajtů] - [06/06/2016 17:00:18]
C:\AdwCleaner\AdwCleaner[S8].txt - [5013 Bajtů] - [25/08/2016 21:44:27]
C:\AdwCleaner\AdwCleaner[S9].txt - [3085 Bajtů] - [25/10/2016 04:11:21]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2703 Bajtů] ##########

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Infected PC

#4 Post by altrok »

:arrow: Post the FRST.txt and Addition.txt logs - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Note: on the second and any later run of FRST, you must explicitly tick this option before starting the scan for the Addition.txt log to be created.

Radeksmolka
Visitor
Posts: 20
Registered: 19 Sep 2014 16:18

Re: Infected PC

#5 Post by Radeksmolka »

I am attaching both files.
Attachments
frst addition.rar
(16.62 KiB) Downloaded 66 times

Radeksmolka
Visitor
Posts: 20
Registered: 19 Sep 2014 16:18

Re: Infected PC

#6 Post by Radeksmolka »

Hello :) I just wanted to point out that the problem with the time changing seems to be solved :) I will check it again when I get back from work :) Thank you very much, sir :) then let me know whether we will continue :) bye for now

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Infected PC

#7 Post by altrok »

Good day,

the FRST.txt log was generated incorrectly - please generate it again, this time without using FRSTLauncher.

Radeksmolka
Visitor
Posts: 20
Registered: 19 Sep 2014 16:18

Re: Infected PC

#8 Post by Radeksmolka »

Hello. I am sending two files. Hopefully it should be all right now.
Attachments
frst a addition.rar
(43.1 KiB) Downloaded 64 times

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Infected PC

#9 Post by altrok »

:arrow: Start -> All Programs -> Accessories -> right-click Command Prompt and choose Run as administrator
  • type chkdsk /r
  • press Enter and restart the PC
  • this check and repair runs before the OS loads and can take up to several hours

:arrow: Uninstall the old and vulnerable version of Java. If you need Java, install the new one from java.com/verify - watch out for adware during installation. Then make sure the older versions are uninstalled. From a security standpoint (vulnerabilities and exploits) it is better not to have it. The current version is 8U111. Java versions installed on your PC:

  • Java 8 Update 91

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
    FF Extension: (No Name) - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\raw9xb0e.default\extensions\defsearchp@gmail.com [not found]
    FF Extension: (No Name) - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\raw9xb0e.default\extensions\deskCutv2@gmail.com [not found]
    S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
    Task: {042A8B4D-30BA-494D-96E1-04542812431F} - System32\Tasks\Update\Adobestartup => C:\Users\Radek\AppData\Roaming\Adobestartup <==== ATTENTION
    Task: {059A9CEC-DDA0-4E07-ABC8-98C7E18BB041} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {10399408-FD91-4529-8040-9F3914BCAB17} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {15C1CB29-70C0-49F1-86D8-7F262A5F3B81} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
    Task: {1D138D5E-C8B8-4A28-8A07-EACAB0428B28} - System32\Tasks\Update\Explorersettings => C:\Users\Radek\AppData\Roaming\Explorersettings <==== ATTENTION
    Task: {1DC43A1C-D15E-46E6-847B-B3CDB970C641} - System32\Tasks\{7E029DF3-ACFF-43AB-9ED5-31404040C201} => pcalua.exe -a C:\Users\Radek\Downloads\pinnacle-setup.exe -d C:\Users\Radek\Downloads
    Task: {329C6E28-CB98-4CBC-9F90-EAF46DD13A83} - \WPD\SqmUpload_S-1-5-21-15271263-1347591148-1166148305-1002 -> No File <==== ATTENTION
    Task: {48FC1DD8-0031-4DC1-925F-B6880C5576D2} - System32\Tasks\Tamisthivicult Mapper => C:\Program Files (x86)\Tamisthivicult\TamisthivicultMapperTask.exe <==== ATTENTION
    File: C:\Program Files (x86)\Tamisthivicult\TamisthivicultMapperTask.exe
    Folder: C:\Program Files (x86)\Tamisthivicult
    C:\Program Files (x86)\Tamisthivicult
    Task: {553D4B42-B565-4A06-9682-81838439E802} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {711F7BD1-0D1A-4ECE-9A63-2A5C31DAAC66} - System32\Tasks\{922CDDD4-8172-4198-9CD7-D6CEB71EBAD5} => pcalua.exe -a C:\Users\Radek\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=icp
    C:\Users\Radek\AppData\Roaming\istartsurf
    Task: {74FB7781-5EFC-4DDB-9772-3CFEC549BF51} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {834D66F0-DFB0-4B0B-BCBA-DC5999CFF6F5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {846EB068-F67F-440C-8694-BFB6C9AB60CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {8D34764E-6C56-41E0-B93A-2A5660913FD0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {A0140C53-C3A0-400E-B702-1104D25BE3FB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {A85100E7-E3AD-491F-8D15-28AD17C9C8BE} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
    Task: {D25B07B2-D757-4D32-BB9D-D868F51A1DD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {D6D29962-2A23-435E-81A3-69DBECA5902B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {E3682AB6-677A-439A-A130-FB7A2FB42009} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {F122DF2D-F6C9-4DE7-A167-9D3626D35E37} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
    Task: {FC62ED10-BFE2-4AAF-9865-6903D3CEA604} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {FE37690B-D9CD-4DF8-B535-9BD6160220D2} - System32\Tasks\{D414F9C5-1437-4E4A-B6E5-94F30E686DFF} => pcalua.exe -a C:\Users\Radek\AppData\Local\TNT2\2.0.0.1923\TNT2User.exe -c /UNINSTALL PARTNER=11147
    C:\Users\Radek\AppData\Local\TNT2
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
    AlternateDataStreams: C:\ProgramData\Temp:8927A071 [410]
    File: C:\WINDOWS\SysWOW64\zlib.dll
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    Hosts:
    EmptyTemp:
    End
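The `Task:` lines in the fixlist above carry traits that can be read straight from the text: the `<==== ATTENTION` marker, a `No File` target, a `pcalua.exe -a` wrapper, and commands that live under the user profile. The Python sketch below is an added example (not part of the thread and not FRST's own logic) that parses lines in that format and labels each task with those traits; the reason labels and the user-writable path heuristic are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field

# Subset of the fixlist posted in this thread, plus one non-Task line
# (the MBAMSwissArmy service entry) to show that other entries are skipped.
SAMPLE_FIXLIST = r"""
Task: {042A8B4D-30BA-494D-96E1-04542812431F} - System32\Tasks\Update\Adobestartup => C:\Users\Radek\AppData\Roaming\Adobestartup <==== ATTENTION
Task: {059A9CEC-DDA0-4E07-ABC8-98C7E18BB041} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {48FC1DD8-0031-4DC1-925F-B6880C5576D2} - System32\Tasks\Tamisthivicult Mapper => C:\Program Files (x86)\Tamisthivicult\TamisthivicultMapperTask.exe <==== ATTENTION
Task: {711F7BD1-0D1A-4ECE-9A63-2A5C31DAAC66} - System32\Tasks\{922CDDD4-8172-4198-9CD7-D6CEB71EBAD5} => pcalua.exe -a C:\Users\Radek\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=icp
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
"""

# "Task: [{GUID} - ]<task name> (=>|->) <target>[ <==== ATTENTION]"
TASK_RE = re.compile(
    r"^Task:\s+(?:(?P<guid>\{[0-9A-Fa-f-]{36}\})\s+-\s+)?"
    r"(?P<name>.+?)\s+(?:=>|->)\s+(?P<target>.+?)"
    r"(?P<attention>\s+<==== ATTENTION)?$"
)
# pcalua.exe -a <program> starts <program> indirectly; extract the real program.
PCALUA_RE = re.compile(r"^pcalua\.exe\s+-a\s+(?P<exe>.+?\.exe)\b", re.I)
# Assumption: these profile folders are writable without admin rights.
USER_WRITABLE_RE = re.compile(r"\\(?:AppData|Downloads)\\", re.I)


@dataclass
class Finding:
    name: str                 # task name or .job path as logged
    launched: str             # program the task ends up running
    reasons: list = field(default_factory=list)


def triage(text):
    """Parse Task: lines and attach the traits visible in each line."""
    findings = []
    for raw in text.splitlines():
        m = TASK_RE.match(raw.strip())
        if not m:
            continue  # not a scheduled-task entry
        target = m["target"]
        reasons = []
        if m["attention"]:
            reasons.append("frst-attention")       # marked by the tool itself
        if target == "No File":
            reasons.append("orphaned")              # registration without a file
        launched = target
        wrapper = PCALUA_RE.match(target)
        if wrapper:
            reasons.append("pcalua-wrapper")        # indirect launch
            launched = wrapper["exe"]
        if USER_WRITABLE_RE.search(launched):
            reasons.append("user-writable-target")  # runs from the user profile
        findings.append(Finding(m["name"], launched, reasons))
    return findings


def needs_review(findings):
    """Tasks with at least one trait; the rest need a separate judgement."""
    return [f for f in findings if f.reasons]


if __name__ == "__main__":
    for f in triage(SAMPLE_FIXLIST):
        print(f"{', '.join(f.reasons) or 'no trait':45} {f.name} -> {f.launched}")
```

A task with no trait, such as the GoogleUpdate `.job` entry, is not cleared by this script; the helper listed it in the fixlist anyway, which shows that the final selection rests on the analyst's reading of the full log.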

Radeksmolka
Visitor
Posts: 20
Registered: 19 Sep 2014 16:18

Re: Infected PC

#10 Post by Radeksmolka »

Hello and happy holiday :)

1. Disks checked and repaired
2. Java updated

3. Fixlog:


Fix result of Farbar Recovery Scan Tool (x64) Version: 26-10-2016
Ran by Radek (28-10-2016 09:54:08) Run:4
Running from C:\Users\Radek\Desktop
Loaded Profiles: Radek (Available Profiles: Radek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
FF Extension: (No Name) - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\raw9xb0e.default\extensions\defsearchp@gmail.com [not found]
FF Extension: (No Name) - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\raw9xb0e.default\extensions\deskCutv2@gmail.com [not found]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
Task: {042A8B4D-30BA-494D-96E1-04542812431F} - System32\Tasks\Update\Adobestartup => C:\Users\Radek\AppData\Roaming\Adobestartup <==== ATTENTION
Task: {059A9CEC-DDA0-4E07-ABC8-98C7E18BB041} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {10399408-FD91-4529-8040-9F3914BCAB17} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {15C1CB29-70C0-49F1-86D8-7F262A5F3B81} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1D138D5E-C8B8-4A28-8A07-EACAB0428B28} - System32\Tasks\Update\Explorersettings => C:\Users\Radek\AppData\Roaming\Explorersettings <==== ATTENTION
Task: {1DC43A1C-D15E-46E6-847B-B3CDB970C641} - System32\Tasks\{7E029DF3-ACFF-43AB-9ED5-31404040C201} => pcalua.exe -a C:\Users\Radek\Downloads\pinnacle-setup.exe -d C:\Users\Radek\Downloads
Task: {329C6E28-CB98-4CBC-9F90-EAF46DD13A83} - \WPD\SqmUpload_S-1-5-21-15271263-1347591148-1166148305-1002 -> No File <==== ATTENTION
Task: {48FC1DD8-0031-4DC1-925F-B6880C5576D2} - System32\Tasks\Tamisthivicult Mapper => C:\Program Files (x86)\Tamisthivicult\TamisthivicultMapperTask.exe <==== ATTENTION
File: C:\Program Files (x86)\Tamisthivicult\TamisthivicultMapperTask.exe
Folder: C:\Program Files (x86)\Tamisthivicult
C:\Program Files (x86)\Tamisthivicult
Task: {553D4B42-B565-4A06-9682-81838439E802} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {711F7BD1-0D1A-4ECE-9A63-2A5C31DAAC66} - System32\Tasks\{922CDDD4-8172-4198-9CD7-D6CEB71EBAD5} => pcalua.exe -a C:\Users\Radek\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=icp
C:\Users\Radek\AppData\Roaming\istartsurf
Task: {74FB7781-5EFC-4DDB-9772-3CFEC549BF51} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {834D66F0-DFB0-4B0B-BCBA-DC5999CFF6F5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {846EB068-F67F-440C-8694-BFB6C9AB60CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8D34764E-6C56-41E0-B93A-2A5660913FD0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A0140C53-C3A0-400E-B702-1104D25BE3FB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A85100E7-E3AD-491F-8D15-28AD17C9C8BE} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {D25B07B2-D757-4D32-BB9D-D868F51A1DD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D6D29962-2A23-435E-81A3-69DBECA5902B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E3682AB6-677A-439A-A130-FB7A2FB42009} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F122DF2D-F6C9-4DE7-A167-9D3626D35E37} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {FC62ED10-BFE2-4AAF-9865-6903D3CEA604} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {FE37690B-D9CD-4DF8-B535-9BD6160220D2} - System32\Tasks\{D414F9C5-1437-4E4A-B6E5-94F30E686DFF} => pcalua.exe -a C:\Users\Radek\AppData\Local\TNT2\2.0.0.1923\TNT2User.exe -c /UNINSTALL PARTNER=11147
C:\Users\Radek\AppData\Local\TNT2
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\ProgramData\Temp:8927A071 [410]
File: C:\WINDOWS\SysWOW64\zlib.dll
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value removed successfully
C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\raw9xb0e.default\extensions\defsearchp@gmail.com => path removed successfully
C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\raw9xb0e.default\extensions\deskCutv2@gmail.com => path removed successfully
MBAMSwissArmy => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{042A8B4D-30BA-494D-96E1-04542812431F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{042A8B4D-30BA-494D-96E1-04542812431F}" => key removed successfully
C:\WINDOWS\System32\Tasks\Update\Adobestartup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update\Adobestartup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{059A9CEC-DDA0-4E07-ABC8-98C7E18BB041}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{059A9CEC-DDA0-4E07-ABC8-98C7E18BB041}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10399408-FD91-4529-8040-9F3914BCAB17}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10399408-FD91-4529-8040-9F3914BCAB17}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15C1CB29-70C0-49F1-86D8-7F262A5F3B81}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15C1CB29-70C0-49F1-86D8-7F262A5F3B81}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D138D5E-C8B8-4A28-8A07-EACAB0428B28}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D138D5E-C8B8-4A28-8A07-EACAB0428B28}" => key removed successfully
C:\WINDOWS\System32\Tasks\Update\Explorersettings => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update\Explorersettings" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DC43A1C-D15E-46E6-847B-B3CDB970C641}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DC43A1C-D15E-46E6-847B-B3CDB970C641}" => key removed successfully
C:\WINDOWS\System32\Tasks\{7E029DF3-ACFF-43AB-9ED5-31404040C201} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7E029DF3-ACFF-43AB-9ED5-31404040C201}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{329C6E28-CB98-4CBC-9F90-EAF46DD13A83}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{329C6E28-CB98-4CBC-9F90-EAF46DD13A83}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-15271263-1347591148-1166148305-1002" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48FC1DD8-0031-4DC1-925F-B6880C5576D2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48FC1DD8-0031-4DC1-925F-B6880C5576D2}" => key removed successfully
C:\WINDOWS\System32\Tasks\Tamisthivicult Mapper => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Tamisthivicult Mapper" => key removed successfully

========================= File: C:\Program Files (x86)\Tamisthivicult\TamisthivicultMapperTask.exe ========================

"C:\Program Files (x86)\Tamisthivicult\TamisthivicultMapperTask.exe" => not found.
====== End of File: ======


========================= Folder: C:\Program Files (x86)\Tamisthivicult ========================


====== End of Folder: ======

C:\Program Files (x86)\Tamisthivicult => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{553D4B42-B565-4A06-9682-81838439E802}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{553D4B42-B565-4A06-9682-81838439E802}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{711F7BD1-0D1A-4ECE-9A63-2A5C31DAAC66}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{711F7BD1-0D1A-4ECE-9A63-2A5C31DAAC66}" => key removed successfully
C:\WINDOWS\System32\Tasks\{922CDDD4-8172-4198-9CD7-D6CEB71EBAD5} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{922CDDD4-8172-4198-9CD7-D6CEB71EBAD5}" => key removed successfully
"C:\Users\Radek\AppData\Roaming\istartsurf" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74FB7781-5EFC-4DDB-9772-3CFEC549BF51}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74FB7781-5EFC-4DDB-9772-3CFEC549BF51}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{834D66F0-DFB0-4B0B-BCBA-DC5999CFF6F5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{834D66F0-DFB0-4B0B-BCBA-DC5999CFF6F5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{846EB068-F67F-440C-8694-BFB6C9AB60CE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{846EB068-F67F-440C-8694-BFB6C9AB60CE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D34764E-6C56-41E0-B93A-2A5660913FD0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D34764E-6C56-41E0-B93A-2A5660913FD0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0140C53-C3A0-400E-B702-1104D25BE3FB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0140C53-C3A0-400E-B702-1104D25BE3FB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A85100E7-E3AD-491F-8D15-28AD17C9C8BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A85100E7-E3AD-491F-8D15-28AD17C9C8BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D25B07B2-D757-4D32-BB9D-D868F51A1DD3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D25B07B2-D757-4D32-BB9D-D868F51A1DD3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6D29962-2A23-435E-81A3-69DBECA5902B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6D29962-2A23-435E-81A3-69DBECA5902B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3682AB6-677A-439A-A130-FB7A2FB42009}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3682AB6-677A-439A-A130-FB7A2FB42009}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F122DF2D-F6C9-4DE7-A167-9D3626D35E37}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F122DF2D-F6C9-4DE7-A167-9D3626D35E37}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC62ED10-BFE2-4AAF-9865-6903D3CEA604}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC62ED10-BFE2-4AAF-9865-6903D3CEA604}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE37690B-D9CD-4DF8-B535-9BD6160220D2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE37690B-D9CD-4DF8-B535-9BD6160220D2}" => key removed successfully
C:\WINDOWS\System32\Tasks\{D414F9C5-1437-4E4A-B6E5-94F30E686DFF} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D414F9C5-1437-4E4A-B6E5-94F30E686DFF}" => key removed successfully
"C:\Users\Radek\AppData\Local\TNT2" => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\SysWOW64\zlib.dll => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
C:\ProgramData\Temp => ":8927A071" ADS removed successfully.

========================= File: C:\WINDOWS\SysWOW64\zlib.dll ========================

File not signed
MD5: 6489193F5F2233EAF4E7E0700540FF12
Creation and modification date: 2014-07-28 15:53 - 2016-02-21 13:27
Size: 0119296
Attributes: ----A
Company Name:
Internal Name: zlib
Original Name: zlib.dll
Product: ZLib.DLL
Description: zlib data compression library
File Version: 1.2.3.0
Product Version:
Copyright: (C) 1995-2003 Jean-loup Gailly & Mark Adler

====== End of File: ======


========= dir "C:\PROGRA~1" =========

Volume in drive C is OS
Volume Serial Number is AAFD-8238

Directory of C:\PROGRA~1

28. 09. 2016 09:42 <DIR> .
28. 09. 2016 09:42 <DIR> ..
09. 06. 2016 20:01 <DIR> Adobe
06. 09. 2016 06:53 <DIR> BlackIsle
29. 11. 2012 04:00 <DIR> Bonjour
28. 09. 2016 09:42 <DIR> Common Files
31. 07. 2015 18:58 <DIR> Corel
29. 07. 2016 18:19 <DIR> Easeware
16. 07. 2015 22:43 <DIR> Enigma Software Group
29. 07. 2016 18:30 <DIR> Hewlett-Packard
28. 09. 2016 09:53 <DIR> IDT
28. 09. 2016 09:42 <DIR> Intel
19. 05. 2016 17:04 <DIR> Intel Corporation
30. 09. 2016 09:34 <DIR> Internet Explorer
11. 07. 2014 12:51 <DIR> Microsoft Office
12. 10. 2016 22:19 <DIR> Microsoft Silverlight
04. 08. 2014 13:01 <DIR> Microsoft SQL Server Compact Edition
04. 08. 2014 13:01 <DIR> Microsoft Synchronization Services
28. 09. 2016 09:58 <DIR> MSBuild
26. 10. 2016 22:04 <DIR> NVIDIA Corporation
09. 07. 2015 13:18 <DIR> Recuva
28. 09. 2016 09:58 <DIR> Reference Assemblies
28. 09. 2016 09:27 <DIR> Synaptics
02. 08. 2016 07:47 <DIR> Tablet
02. 08. 2016 07:30 <DIR> TabletPlugins
01. 01. 2016 20:53 <DIR> TeamSpeak 3 Client
22. 04. 2014 15:50 <DIR> Unlocker
29. 11. 2012 03:54 <DIR> Validity Sensors
28. 09. 2016 10:15 <DIR> Windows Defender
12. 10. 2016 22:17 <DIR> Windows Mail
28. 09. 2016 09:42 <DIR> Windows Media Player
16. 07. 2016 13:47 <DIR> Windows Multimedia Platform
29. 09. 2016 18:35 <DIR> Windows NT
12. 10. 2016 22:17 <DIR> Windows Photo Viewer
16. 07. 2016 13:47 <DIR> Windows Portable Devices
16. 07. 2016 13:47 <DIR> WindowsPowerShell
0 File(s) 0 bytes
36 Dir(s) 309˙738˙815˙488 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Volume in drive C is OS
Volume Serial Number is AAFD-8238

Directory of C:\PROGRA~2

28. 10. 2016 09:57 <DIR> .
28. 10. 2016 09:57 <DIR> ..
08. 01. 2015 16:42 <DIR> 2K Games
30. 11. 2015 20:45 <DIR> Adobe
30. 03. 2015 16:04 <DIR> Anvsoft
17. 09. 2016 00:01 <DIR> AVG
26. 10. 2016 22:09 <DIR> Battle.net
29. 11. 2012 04:00 <DIR> Bonjour
07. 03. 2014 18:10 <DIR> Cisco
28. 10. 2016 09:45 <DIR> Common Files
29. 11. 2012 04:20 <DIR> CyberLink
19. 03. 2014 13:32 <DIR> DAEMON Tools Lite
14. 03. 2014 10:46 <DIR> DsNET Corp
06. 06. 2016 16:57 <DIR> Gihkreamition
08. 11. 2015 00:16 <DIR> Google
26. 10. 2016 18:29 <DIR> Hearthstone
29. 07. 2016 18:30 <DIR> Hewlett-Packard
29. 11. 2012 04:16 <DIR> HP SimplePass
27. 09. 2012 11:29 <DIR> HPConnectedMusic
21. 04. 2014 22:03 <DIR> Infogrames Interactive
19. 05. 2016 17:04 <DIR> Intel
30. 09. 2016 09:34 <DIR> Internet Explorer
11. 03. 2014 13:35 <DIR> IrfanView
28. 10. 2016 09:46 <DIR> Java
12. 10. 2014 14:18 <DIR> LogMeIn Hamachi
01. 12. 2014 10:45 <DIR> Microsoft
11. 07. 2014 12:51 <DIR> Microsoft Analysis Services
23. 05. 2016 18:57 <DIR> Microsoft ASP.NET
31. 07. 2015 16:24 <DIR> Microsoft Office
31. 07. 2015 16:54 <DIR> Microsoft SDKs
12. 10. 2016 22:19 <DIR> Microsoft Silverlight
08. 12. 2014 23:32 <DIR> Microsoft SQL Server
11. 07. 2014 12:53 <DIR> Microsoft SQL Server Compact Edition
20. 04. 2014 20:58 <DIR> Microsoft Studios
11. 07. 2014 12:53 <DIR> Microsoft Sync Framework
11. 07. 2014 12:54 <DIR> Microsoft Synchronization Services
11. 07. 2014 12:51 <DIR> Microsoft Visual Studio 8
31. 07. 2015 16:55 <DIR> Microsoft Visual Studio 9.0
19. 04. 2014 08:09 <DIR> Microsoft WSE
28. 09. 2016 09:42 <DIR> Microsoft.NET
06. 06. 2016 16:53 <DIR> Mozilla Firefox
06. 01. 2015 17:35 <DIR> Mozilla Maintenance Service
28. 09. 2016 09:53 <DIR> MSBuild
09. 06. 2016 19:57 <DIR> My Company Name
09. 06. 2016 20:53 <DIR> Nero
26. 10. 2016 22:04 <DIR> NVIDIA Corporation
07. 03. 2014 17:52 <DIR> Online Services
15. 05. 2016 17:35 <DIR> OpenAL
05. 02. 2015 10:32 <DIR> Origin
29. 07. 2016 19:47 <DIR> R.G. Mechanics
29. 11. 2012 03:53 <DIR> Realtek
28. 09. 2016 09:58 <DIR> Reference Assemblies
06. 10. 2016 01:36 <DIR> Sherlock Holmes Crimes and Punishments
25. 12. 2015 20:32 <DIR> Skype
08. 12. 2014 23:31 <DIR> Sony
08. 12. 2014 23:31 <DIR> Sony Setup
16. 09. 2016 22:30 <DIR> Soretckizedom
08. 01. 2015 16:48 <DIR> SpeedFan
06. 10. 2016 01:38 <DIR> Steam
29. 11. 2012 04:25 <DIR> SymSilent
02. 08. 2016 07:47 <DIR> TabletPlugins
06. 10. 2016 01:36 <DIR> The Sims 4
18. 05. 2014 16:19 <DIR> TP-LINK
19. 06. 2016 19:30 <DIR> Ubisoft
08. 12. 2014 23:31 <DIR> Vstplugins
26. 10. 2016 22:05 <DIR> VulkanRT
14. 03. 2014 10:21 <DIR> Winamp
28. 09. 2016 10:15 <DIR> Windows Defender
27. 09. 2012 11:26 <DIR> Windows Live
28. 09. 2016 09:42 <DIR> Windows Mail
28. 09. 2016 09:42 <DIR> Windows Media Player
16. 07. 2016 13:47 <DIR> Windows Multimedia Platform
16. 07. 2016 13:47 <DIR> Windows NT
12. 10. 2016 22:17 <DIR> Windows Photo Viewer
16. 07. 2016 13:47 <DIR> Windows Portable Devices
16. 07. 2016 13:47 <DIR> WindowsPowerShell
19. 03. 2014 13:30 <DIR> WinRAR
26. 10. 2016 22:09 <DIR> World of Warcraft
0 File(s) 0 bytes
78 Dir(s) 309˙738˙811˙392 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Volume in drive C is OS
Volume Serial Number is AAFD-8238

Directory of C:\PROGRA~3

30. 11. 2015 20:45 <DIR> Adobe
29. 11. 2012 04:00 <DIR> Apple
16. 09. 2016 21:33 <DIR> AVG
20. 02. 2016 17:12 <DIR> Battle.net
26. 08. 2014 18:29 <DIR> Blizzard Entertainment
26. 10. 2016 18:17 <DIR> boost_interprocess
16. 07. 2016 13:47 <DIR> Comms
31. 07. 2015 19:00 <DIR> Corel
31. 07. 2015 19:03 <DIR> CorelDRAW Graphics Suite X6
16. 09. 2015 22:30 <DIR> CyberLink
20. 04. 2014 20:58 <DIR> DAEMON Tools Lite
29. 11. 2012 04:16 <DIR> Downloaded Installations
04. 06. 2014 13:36 <DIR> Electronic Arts
18. 12. 2014 22:40 <DIR> Extreme Picture Finder
21. 03. 2014 11:11 <DIR> FLEXnet
28. 10. 2014 19:27 <DIR> GFACE
10. 12. 2015 23:55 <DIR> Hewlett-Packard
29. 11. 2012 04:16 <DIR> HP SimplePass 2011
29. 11. 2012 04:12 <DIR> install_clap
19. 05. 2016 17:04 <DIR> Intel
07. 03. 2014 18:10 <DIR> Intel.sav
12. 10. 2014 13:06 <DIR> LogMeIn
19. 05. 2016 18:14 <DIR> Malwarebytes
19. 03. 2014 15:39 <DIR> McAfee
28. 10. 2016 09:44 <DIR> MFAData
18. 06. 2014 16:42 <DIR> Microsoft Games
11. 10. 2016 10:52 <DIR> Microsoft Help
29. 09. 2016 22:57 <DIR> Microsoft OneDrive
11. 12. 2014 12:58 <DIR> Mozilla
12. 06. 2016 09:04 <DIR> Nero
09. 05. 2014 10:03 <DIR> Norton
29. 11. 2012 04:23 <DIR> NortonInstaller
28. 10. 2016 09:55 <DIR> NVIDIA
26. 10. 2016 21:54 <DIR> NVIDIA Corporation
28. 10. 2016 09:46 <DIR> Oracle
05. 02. 2015 10:32 <DIR> Origin
09. 06. 2016 20:13 <DIR> PACE Anti-Piracy
14. 07. 2015 14:57 <DIR> Package Cache
28. 07. 2014 15:53 <DIR> PowerUp Software
19. 05. 2016 17:04 <DIR> PRICache
31. 07. 2015 16:57 <DIR> Protexis
31. 07. 2015 19:05 <DIR> Protexis64
28. 09. 2016 09:54 <DIR> regid.1986-12.com.adobe
28. 09. 2016 09:49 <DIR> regid.1991-06.com.microsoft
23. 04. 2013 16:23 <DIR> RELOADED
31. 07. 2015 23:53 <DIR> Riot Games
18. 05. 2014 16:20 <DIR> Roaming
14. 03. 2016 18:52 <DIR> Skype
16. 07. 2016 13:47 <DIR> SoftwareDistribution
08. 12. 2014 23:32 <DIR> Sony
14. 02. 2016 18:17 <DIR> Steam
29. 11. 2012 04:04 <DIR> Synaptics
30. 10. 2015 12:01 <DIR> Temp
18. 05. 2014 16:19 <DIR> TP-LINK
30. 07. 2014 09:33 <DIR> TrueSuite
05. 04. 2015 01:32 <DIR> Ubisoft
29. 09. 2016 18:36 <DIR> USOPrivate
29. 09. 2016 18:36 <DIR> USOShared
28. 09. 2016 09:29 <DIR> Validity
18. 07. 2014 15:26 <DIR> WarThunder
10. 07. 2014 21:46 <DIR> {18165758-115C-4DC0-9EC2-FF89F725767F}
0 File(s) 0 bytes
61 Dir(s) 309˙738˙811˙392 bytes free

========= End of CMD: =========


========= dir "%localappdata%" =========

Volume in drive C is OS
Volume Serial Number is AAFD-8238

Directory of C:\Users\Radek\AppData\Local

26. 10. 2016 18:24 <DIR> .
26. 10. 2016 18:24 <DIR> ..
13. 09. 2014 21:41 <DIR> 2K Games
19. 05. 2016 17:54 <DIR> ActiveSync
28. 10. 2016 09:46 <DIR> Adobe
18. 12. 2014 22:49 <DIR> Aiseesoft Studio
15. 08. 2014 15:44 <DIR> Apps
07. 03. 2014 17:52 <DIR> AuthenTec
18. 10. 2016 20:35 <DIR> Avg
06. 10. 2016 01:41 <DIR> AvgSetupLog
26. 10. 2016 22:09 <DIR> Battle.net
26. 08. 2014 18:38 <DIR> Blizzard
26. 08. 2014 18:29 <DIR> Blizzard Entertainment
30. 07. 2015 19:00 <DIR> CEF
23. 07. 2014 14:42 <DIR> Chromium
19. 05. 2016 17:52 <DIR> Comms
30. 09. 2016 00:16 <DIR> ConnectedDevicesPlatform
19. 10. 2016 15:21 <DIR> CrashDumps
24. 11. 2014 14:28 <DIR> CyberLink
14. 06. 2016 06:54 10˙240 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
28. 07. 2014 12:42 <DIR> Demiurge Studios
27. 10. 2016 00:53 <DIR> Deployment
23. 10. 2016 10:43 <DIR> Diagnostics
09. 10. 2016 03:04 <DIR> ElevatedDiagnostics
18. 03. 2014 23:02 <DIR> EMU
16. 09. 2016 20:12 <DIR> ESET
10. 09. 2014 19:43 <DIR> Facebook
12. 07. 2014 11:13 <DIR> FLT
12. 09. 2015 19:50 <DIR> Google
06. 06. 2015 21:34 <DIR> GWX
13. 01. 2016 13:09 <DIR> Hewlett-Packard
26. 03. 2014 12:26 <DIR> HP
08. 03. 2014 20:51 <DIR> Intel_Corporation
12. 10. 2014 13:06 <DIR> LogMeIn
12. 10. 2014 14:18 <DIR> LogMeIn Hamachi
11. 12. 2014 13:00 <DIR> Macromedia
16. 09. 2016 21:33 <DIR> MFAData
29. 09. 2016 21:16 <DIR> Microsoft
06. 02. 2015 12:26 <DIR> Microsoft Help
05. 07. 2016 15:06 <DIR> MicrosoftEdge
11. 12. 2014 12:59 <DIR> Mozilla
16. 09. 2016 19:13 <DIR> Nero
12. 06. 2016 09:01 <DIR> Nero_AG
19. 05. 2016 18:12 <DIR> NetworkTiles
03. 10. 2016 01:47 <DIR> NVIDIA
28. 10. 2016 09:42 <DIR> NVIDIA Corporation
28. 05. 2015 16:24 <DIR> openvr
04. 06. 2014 13:50 <DIR> Origin
09. 06. 2016 20:13 <DIR> PACE Anti-Piracy
06. 10. 2016 01:40 <DIR> Packages
23. 10. 2014 20:10 <DIR> PAYDAY
07. 03. 2014 17:52 <DIR> Power2Go8
18. 03. 2014 23:01 <DIR> Programs
19. 05. 2016 17:54 <DIR> Publishers
25. 12. 2014 13:39 <DIR> PunkBuster
29. 07. 2016 19:49 <DIR> SKIDROW
25. 12. 2015 20:32 <DIR> Skype
05. 06. 2014 14:41 <DIR> SniperV2
18. 12. 2014 22:39 <DIR> Sony
10. 03. 2015 18:03 <DIR> Steam
28. 10. 2016 09:55 <DIR> Temp
21. 05. 2014 16:51 <DIR> The Witcher 2
19. 05. 2016 17:51 <DIR> TileDataLayer
09. 01. 2015 13:22 <DIR> UWebKit151
06. 09. 2016 06:57 <DIR> VirtualStore
02. 08. 2016 07:37 <DIR> Wacom
28. 10. 2014 19:27 <DIR> wf-launcher
27. 06. 2016 16:20 <DIR> Windows Live
23. 02. 2016 16:51 <DIR> {4FD6F900-E2B1-4B48-B93E-A1DD805447DB}
23. 02. 2016 16:51 <DIR> {7862CBF4-7E0A-4DFE-9F61-A1B7BEA8D0BF}
1 File(s) 10˙240 bytes
69 Dir(s) 309˙740˙040˙192 bytes free

========= End of CMD: =========


========= dir "%appdata%" =========

Volume in drive C is OS
Volume Serial Number is AAFD-8238

Directory of C:\Users\Radek\AppData\Roaming

06. 10. 2016 01:58 <DIR> .
06. 10. 2016 01:58 <DIR> ..
19. 11. 2014 20:52 <DIR> 11bitstudios
09. 06. 2016 20:13 <DIR> Adobe
30. 03. 2015 16:04 <DIR> Anvsoft
17. 09. 2016 00:01 <DIR> AVG
20. 02. 2016 17:12 <DIR> Battle.net
23. 10. 2016 13:55 <DIR> BitTorrent
31. 07. 2015 16:57 <DIR> Corel
19. 06. 2016 17:27 <DIR> Curse
11. 12. 2015 11:40 <DIR> Curse Advertising
02. 08. 2015 19:32 <DIR> CyberLink
26. 04. 2014 12:08 <DIR> DAEMON Tools Lite
30. 08. 2014 16:06 <DIR> Disney Interactive Studios
26. 05. 2014 11:25 <DIR> Doublefine
29. 07. 2016 18:20 <DIR> Easeware
09. 05. 2014 11:12 <DIR> ESET
06. 03. 2016 16:51 <DIR> Guild Wars 2
07. 03. 2014 18:21 <DIR> Hewlett-Packard
10. 07. 2014 21:45 <DIR> hpqlog
08. 03. 2014 09:32 <DIR> Identities
13. 07. 2014 14:39 <DIR> IDT
07. 03. 2014 17:51 <DIR> Intel
11. 03. 2014 13:35 <DIR> IrfanView
15. 01. 2015 21:45 <DIR> Leadertech
24. 10. 2015 12:11 <DIR> LolClient
07. 03. 2014 17:57 <DIR> Macromedia
18. 06. 2014 16:42 <DIR> Microsoft Games
11. 12. 2014 12:59 <DIR> Mozilla
12. 06. 2016 09:05 <DIR> Nero
14. 05. 2014 08:25 <DIR> NVIDIA
16. 05. 2016 18:05 <DIR> Omerta
05. 06. 2014 09:50 <DIR> Origin
09. 06. 2016 20:13 <DIR> PACE Anti-Piracy
28. 07. 2014 15:53 <DIR> PowerUp Software
25. 08. 2016 21:48 <DIR> Profiles
23. 02. 2016 16:45 <DIR> Publish Providers
06. 09. 2016 07:22 <DIR> Red Alert 3
06. 04. 2015 18:03 <DIR> Riot Games
26. 04. 2014 08:16 <DIR> ScummVM
07. 11. 2014 13:43 <DIR> Simulace_2009
24. 05. 2016 08:47 <DIR> Skype
30. 03. 2015 21:28 <DIR> Sony
04. 10. 2014 15:24 <DIR> StageManager.BD092818F67280F4B42B04877600987F0111B594.1
07. 10. 2014 19:42 <DIR> Steam
22. 05. 2016 10:39 <DIR> Sun
29. 07. 2016 19:48 <DIR> Super Meat Boy
07. 03. 2014 17:52 <DIR> Synaptics
12. 12. 2015 17:53 <DIR> TeamViewer
16. 05. 2014 15:32 <DIR> thriXXX
09. 03. 2014 16:36 <DIR> Trine2
22. 07. 2014 19:33 <DIR> Tropico 5
13. 01. 2016 00:56 <DIR> TS3Client
16. 09. 2016 21:36 <DIR> TuneUp Software
15. 08. 2014 15:45 <DIR> twinstar_launcher
05. 04. 2015 01:32 <DIR> Ubisoft
11. 12. 2014 12:25 <DIR> VOWSoft
16. 09. 2015 23:56 <DIR> WebApp
29. 03. 2014 20:11 <DIR> Winamp
09. 07. 2015 14:50 <DIR> Windowssettings
19. 03. 2014 13:30 <DIR> WinRAR
02. 08. 2016 07:47 <DIR> WTablet
0 File(s) 0 bytes
62 Dir(s) 309˙740˙036˙096 bytes free

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 171484706 B
Java, Flash, Steam htmlcache => 53382387 B
Windows/system/drivers => 25218535 B
Edge => 121450341 B
Chrome => 15935682 B
Firefox => 623442 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 43802 B
NetworkService => -650 B
Radek => 574890172 B

RecycleBin => 133103375 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:59:07 ====

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Infected PC

#11 Post by altrok »

A lovely holiday to you too :)

  • Download Crystal Disk Info (CDI) https://osdn.jp/frs/redir.php?m=cznic&f ... o6_7_5.zip
  • extract the archive and run the extracted file DiskInfo.exe
  • in the running program, click Edit -> Copy (Upravy -> Kopirovat) at the top (the log is now copied to the clipboard)
  • paste the log into your next reply (Ctrl + V)


:arrow: What problems are you seeing on the PC now?


:arrow: Then also post new FRST.txt and Addition.txt logs - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If you have trouble downloading FRSTLauncher, it is enough to use FRST.exe/FRST64.exe on its own.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not suit the forum, you can use altrok at forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
