
Ads

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Locked

Author: ejdems (Visitor)
Posts: 39
Registered: 13 Dec 2013 12:48

#1 Post by ejdems »

Hello, a million ads are popping up everywhere, please help :-)

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by 3JD3MS (administrator) on EJDEMS-PC on 13-05-2015 18:20:36
Running from C:\Users\3JD3MS\Desktop
Loaded Profiles: 3JD3MS (Available profiles: 3JD3MS & nevim & Guest)
Platform: Windows 7 Ultimate (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TorchMedia Inc.) C:\Users\Ejdems\AppData\Local\Torch\Update\TorchCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe
() C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\3\Plugin.exe
() C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\8\Plugin.exe
() C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\5\Plugin.exe
() C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\2\Plugin.exe
() C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\3\Plugin.exe
() C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\3JD3MS\Desktop\FRSTLauncher (2).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Printsrv] => c:\Windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs
HKLM-x32\...\Run: [F5D7050v3] => C:\Program Files (x86)\Belkin\F5D7050v3\Belkinwcui.exe
HKLM-x32\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [MSHostSrv] => C:\Windows\inf\cssi.vbe [2334 2014-01-12] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies App\Datamngr\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies App\Datamngr\x64\apcrtldr.dll <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-12-02] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKU\S-1-5-21-241640888-2330204608-1590825866-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-02] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-04] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-02] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-04] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer,version=1.0 -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: TorchVLC -> C:\Users\Guest\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll [2013-07-31] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-31]

Chrome:
=======
CHR Profile: C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-01]
CHR Extension: (Google Docs) - C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-01]
CHR Extension: (Google Drive) - C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-01]
CHR Extension: (YouTube) - C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-01]
CHR Extension: (Google Search) - C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-01]
CHR Extension: (Google Sheets) - C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-01]
CHR Extension: (Bookmark Manager) - C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-01]
CHR Extension: (Avast Online Security) - C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-01]
CHR Extension: (Google Wallet) - C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-01]
CHR Extension: (Gmail) - C:\Users\3JD3MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaigjndjblmpeckabiffcpogflfgl] - C:\Users\Ejdems\AppData\Local\imeshkoyotesoftmoviestoolbar\GC\toolbar.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-12-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
R2 Service Mgr DragonBranch; C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe [556304 2015-05-13] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TorchCrashHandler; C:\Users\Ejdems\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2015-02-24] (TorchMedia Inc.) <==== ATTENTION
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2589496 2014-10-17] (AVG Technologies)
R2 Update Mgr DragonBranch; C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe [478992 2015-05-13] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [451072 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [X]
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [X]
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-06] (Disc Soft Ltd)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-09-09] (TuneUp Software)
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 18:20 - 2015-05-13 18:21 - 00014545 _____ () C:\Users\3JD3MS\Desktop\FRST.txt
2015-05-13 18:18 - 2015-05-13 18:18 - 00112640 _____ (forum.viry.cz) C:\Users\3JD3MS\Desktop\FRSTLauncher (2).exe
2015-05-13 18:17 - 2015-05-13 18:18 - 00112640 _____ (forum.viry.cz) C:\Users\3JD3MS\Downloads\FRSTLauncher (2).exe
2015-05-13 18:16 - 2015-05-13 18:16 - 00112640 _____ (forum.viry.cz) C:\Users\3JD3MS\Downloads\Nepotvrzeno 409831.crdownload
2015-05-13 18:14 - 2015-05-13 18:13 - 02102784 _____ (Farbar) C:\Users\3JD3MS\Desktop\FRST64.exe
2015-05-13 18:12 - 2015-05-13 18:13 - 02102784 _____ (Farbar) C:\Users\3JD3MS\Downloads\FRST64.exe
2015-05-12 09:37 - 2015-05-12 09:37 - 00003584 _____ () C:\Users\3JD3MS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-12 09:35 - 2015-05-12 09:37 - 00000890 _____ () C:\Users\3JD3MS\AppData\Roaming\__AvidCloudManager.log
2015-05-12 09:35 - 2015-05-12 09:37 - 00000000 ____D () C:\Users\3JD3MS\temp
2015-05-12 09:35 - 2015-05-12 09:35 - 00000000 ____D () C:\Users\3JD3MS\Documents\InstantCDDVD
2015-05-12 09:34 - 2015-05-12 09:34 - 00000208 _____ () C:\Users\3JD3MS\AppData\Roaming\EJDEMS-PC.MTBF.txt
2015-05-12 09:33 - 2015-05-12 09:35 - 00000000 ____D () C:\Users\3JD3MS\AppData\Local\Pinnacle
2015-05-11 23:31 - 2015-05-11 23:31 - 00275440 _____ () C:\Windows\Minidump\051115-20140-01.dmp
2015-05-08 08:40 - 2015-05-08 08:40 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-05-07 18:35 - 2015-05-07 18:35 - 00001852 _____ () C:\Users\3JD3MS\Downloads\street-racing-syndicate-save.zip
2015-05-07 16:33 - 2015-05-13 16:42 - 00000000 ____D () C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb
2015-05-07 16:32 - 2015-05-11 22:44 - 00000000 ____D () C:\Program Files (x86)\Dragon Branch
2015-05-07 16:28 - 2014-10-17 12:34 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-05-07 16:28 - 2014-10-17 12:34 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-05-07 16:28 - 2014-10-17 12:34 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-05-07 16:27 - 2015-05-07 16:27 - 00002229 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-05-07 16:27 - 2015-05-07 16:27 - 00002217 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2015-05-07 16:27 - 2015-05-07 16:27 - 00002203 _____ () C:\Users\Public\Desktop\AVG údržba 1 kliknutím.lnk
2015-05-07 16:27 - 2015-05-07 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2015-05-07 16:26 - 2015-05-07 16:26 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\AVG
2015-05-07 16:25 - 2015-05-07 16:25 - 00000000 ____D () C:\Users\3JD3MS\AppData\Local\Avg
2015-05-07 16:25 - 2015-05-07 16:25 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-07 16:23 - 2015-05-07 16:32 - 00000000 ____D () C:\ProgramData\AVG
2015-05-07 16:16 - 2015-05-07 16:31 - 00000000 ____D () C:\Users\3JD3MS\Documents\My Cheat Tables
2015-05-07 16:15 - 2015-05-07 16:15 - 00001085 _____ () C:\Users\3JD3MS\Desktop\Cheat Engine.lnk
2015-05-07 16:15 - 2015-05-07 16:15 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\OpenCandy
2015-05-07 16:15 - 2015-05-07 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-05-07 16:15 - 2015-05-07 16:15 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2015-05-07 16:11 - 2015-05-07 16:13 - 09056784 _____ (Cheat Engine ) C:\Users\3JD3MS\Downloads\cheatengine64.exe
2015-05-06 20:00 - 2015-05-06 20:07 - 43565795 _____ () C:\Users\3JD3MS\Downloads\Tech N9ne - E.B.A.H. - Official Music Video.mp4
2015-05-06 20:00 - 2015-05-06 20:02 - 04002318 _____ () C:\Users\3JD3MS\Downloads\videoplayback (1).m4a
2015-05-06 19:17 - 2015-05-06 19:18 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\FreeVideoConverter
2015-05-06 19:14 - 2015-05-06 19:16 - 04308372 _____ () C:\Users\3JD3MS\Downloads\videoplayback.m4a
2015-05-05 15:21 - 2015-05-05 15:21 - 00000000 ____D () C:\Users\3JD3MS\AppData\Local\Apple
2015-05-04 21:17 - 2012-04-12 20:57 - 00000000 ____D () C:\Users\3JD3MS\Desktop\Budík
2015-05-04 21:16 - 2015-05-04 21:16 - 00724642 _____ () C:\Users\3JD3MS\Downloads\budik.7z
2015-05-04 16:28 - 2015-05-12 10:23 - 00000000 ____D () C:\Users\3JD3MS\Documents\Street Racing Syndicate
2015-05-04 16:28 - 2015-05-04 16:28 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-04 16:22 - 2015-05-06 19:20 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\vlc
2015-05-04 10:18 - 2015-05-04 10:31 - 00000000 ____D () C:\Users\nevim\Documents\Street Racing Syndicate
2015-05-04 10:18 - 2015-05-04 10:18 - 00000000 ____D () C:\Users\nevim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-03 22:08 - 2015-05-03 22:08 - 00000000 ____D () C:\Users\nevim\AppData\Roaming\AVAST Software
2015-05-03 22:08 - 2015-05-03 22:08 - 00000000 ____D () C:\Users\nevim\AppData\Roaming\Adobe
2015-05-03 22:07 - 2015-05-03 22:38 - 00000000 ____D () C:\Users\nevim\AppData\Local\VirtualStore
2015-05-03 22:07 - 2015-05-03 22:07 - 00001443 _____ () C:\Users\nevim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-03 22:07 - 2015-05-03 22:07 - 00001369 _____ () C:\Users\nevim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-05-03 22:07 - 2015-05-03 22:07 - 00000020 ___SH () C:\Users\nevim\ntuser.ini
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Šablony
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Soubory cookie
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Poslední
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Okolní tiskárny
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Okolní síť
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Nabídka Start
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Dokumenty
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Documents\Obrázky
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Documents\Hudba
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Documents\Filmy
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\Data aplikací
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 _SHDL () C:\Users\nevim\AppData\Local\Data aplikací
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 ____D () C:\Users\nevim\AppData\Local\Google
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 ____D () C:\Users\nevim\AppData\Local\Adobe
2015-05-03 22:07 - 2015-05-03 22:07 - 00000000 ____D () C:\Users\nevim
2015-05-03 22:07 - 2014-09-02 17:02 - 00000000 ____D () C:\Users\nevim\AppData\Roaming\TuneUp Software
2015-05-03 22:07 - 2014-08-14 21:12 - 00000000 ____D () C:\Users\nevim\AppData\Roaming\Macromedia
2015-05-03 22:07 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\nevim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-03 22:07 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\nevim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-02 15:38 - 2015-05-02 15:38 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2015-05-02 15:00 - 2015-05-02 15:00 - 00554481 _____ () C:\Users\3JD3MS\Downloads\HTML Color Names.html
2015-05-02 15:00 - 2015-05-02 15:00 - 00000000 ____D () C:\Users\3JD3MS\Downloads\HTML Color Names_files
2015-05-02 14:56 - 2015-05-02 14:56 - 00092888 _____ () C:\Users\3JD3MS\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-02 14:56 - 2015-05-02 14:56 - 00003506 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Ejdems-PC-3JD3MS
2015-05-02 14:43 - 2015-05-02 14:43 - 00000000 ____D () C:\Users\3JD3MS\AppData\Local\webkit
2015-05-02 09:46 - 2015-05-02 09:46 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\HpUpdate
2015-05-02 08:16 - 2015-05-02 16:48 - 00000000 ____D () C:\Users\3JD3MS\.gimp-2.8
2015-05-02 08:16 - 2015-05-02 08:16 - 00000000 ____D () C:\Users\3JD3MS\AppData\Local\gegl-0.2
2015-05-02 08:07 - 2015-05-02 08:07 - 00000854 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-05-02 08:06 - 2015-05-02 08:07 - 00000000 ____D () C:\Program Files\GIMP 2
2015-05-02 07:43 - 2015-05-02 08:04 - 91670064 _____ (The GIMP Team ) C:\Users\3JD3MS\Downloads\gimp-2.8.14-setup.exe
2015-05-02 07:29 - 2015-05-02 07:29 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\WinRAR
2015-05-02 07:21 - 2015-05-02 07:28 - 06528454 _____ () C:\Users\3JD3MS\Downloads\paint.net.4.0.5.install.zip
2015-05-01 21:29 - 2015-05-01 21:29 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\Nvu
2015-05-01 21:29 - 2015-05-01 21:29 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\Mozilla
2015-05-01 21:28 - 2015-05-01 21:28 - 00000935 _____ () C:\Users\Guest\Desktop\Nvu.lnk
2015-05-01 21:28 - 2015-05-01 21:28 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nvu-1.0
2015-05-01 21:28 - 2015-05-01 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nvu-1.0
2015-05-01 21:28 - 2015-05-01 21:28 - 00000000 ____D () C:\Program Files (x86)\Nvu
2015-05-01 21:26 - 2015-05-01 21:27 - 08337533 _____ () C:\Users\3JD3MS\Downloads\nvu-1.0-cs-CZ.win32.installer.exe
2015-05-01 20:16 - 2015-05-01 20:16 - 00003164 _____ () C:\Windows\System32\Tasks\{B9583C9C-A78F-418A-BB74-304113F37195}
2015-05-01 20:13 - 2015-05-02 16:38 - 00000000 ____D () C:\Users\3JD3MS\Desktop\Freestyle
2015-05-01 19:21 - 2015-05-12 09:35 - 00000000 ____D () C:\Users\3JD3MS
2015-05-01 19:21 - 2015-05-03 21:52 - 00000000 ____D () C:\Users\3JD3MS\AppData\Local\VirtualStore
2015-05-01 19:21 - 2015-05-02 16:27 - 00000000 ____D () C:\Users\3JD3MS\AppData\Local\Adobe
2015-05-01 19:21 - 2015-05-02 15:38 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\Adobe
2015-05-01 19:21 - 2015-05-01 19:21 - 00001443 _____ () C:\Users\3JD3MS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-01 19:21 - 2015-05-01 19:21 - 00001369 _____ () C:\Users\3JD3MS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-05-01 19:21 - 2015-05-01 19:21 - 00000020 ___SH () C:\Users\3JD3MS\ntuser.ini
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Šablony
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Soubory cookie
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Poslední
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Okolní tiskárny
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Okolní síť
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Nabídka Start
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Dokumenty
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Documents\Obrázky
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Documents\Hudba
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Documents\Filmy
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\Data aplikací
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 _SHDL () C:\Users\3JD3MS\AppData\Local\Data aplikací
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\AVAST Software
2015-05-01 19:21 - 2015-05-01 19:21 - 00000000 ____D () C:\Users\3JD3MS\AppData\Local\Google
2015-05-01 19:21 - 2014-09-02 17:02 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\TuneUp Software
2015-05-01 19:21 - 2014-08-14 21:12 - 00000000 ____D () C:\Users\3JD3MS\AppData\Roaming\Macromedia
2015-05-01 19:21 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\3JD3MS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-01 19:21 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\3JD3MS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-01 18:51 - 2015-05-01 18:54 - 00000000 ____D () C:\Users\3JD3MS\Desktop\rap
2015-04-18 18:45 - 2015-04-18 18:45 - 00275440 _____ () C:\Windows\Minidump\041815-23062-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 18:20 - 2014-01-13 16:49 - 00000000 ____D () C:\FRST
2015-05-13 18:08 - 2014-07-22 11:45 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 15:02 - 2009-07-14 06:51 - 00446680 _____ () C:\Windows\setupact.log
2015-05-13 14:52 - 2014-07-21 13:14 - 01483458 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 14:41 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 14:41 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 14:36 - 2015-01-03 20:33 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2015-05-13 14:36 - 2014-07-26 13:16 - 00000368 _____ () C:\Windows\Tasks\AmiUpdXp.job
2015-05-13 14:36 - 2014-07-23 01:50 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-13 14:36 - 2014-07-22 11:45 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 14:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-12 09:59 - 2009-07-26 20:41 - 00739422 _____ () C:\Windows\system32\perfh005.dat
2015-05-12 09:59 - 2009-07-26 20:41 - 00171862 _____ () C:\Windows\system32\perfc005.dat
2015-05-12 09:59 - 2009-07-14 07:13 - 01784120 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-11 23:31 - 2014-09-02 16:49 - 346373743 _____ () C:\Windows\MEMORY.DMP
2015-05-11 23:31 - 2014-09-02 16:49 - 00000000 ____D () C:\Windows\Minidump
2015-05-08 07:33 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-08 07:31 - 2014-07-22 12:39 - 00066128 _____ () C:\Windows\PFRO.log
2015-05-07 18:38 - 2014-10-15 20:49 - 00000000 ____D () C:\Program Files (x86)\CoinMiner
2015-05-06 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-06 20:05 - 2014-10-06 18:03 - 00000000 ____D () C:\Users\3JD3MS\Desktop\Songs
2015-05-02 16:35 - 2014-08-14 21:22 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-05-01 19:45 - 2014-07-29 09:55 - 00000000 ____D () C:\Users\Ejdems\AppData\Local\Torch
2015-05-01 19:45 - 2014-07-21 13:35 - 00000000 ____D () C:\Users\Ejdems
2015-05-01 19:44 - 2014-10-31 19:29 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-01 19:41 - 2015-02-03 11:48 - 00000000 ____D () C:\Users\Nevim už
2015-05-01 19:40 - 2015-01-28 17:06 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-05-01 19:31 - 2014-09-25 22:38 - 00000000 ____D () C:\Users\test
2015-05-01 19:03 - 2015-04-02 14:20 - 00000000 ____D () C:\ProgramData\Origin
2015-05-01 19:03 - 2015-04-02 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-05-01 00:11 - 2014-07-22 11:58 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-14 15:28 - 2014-12-14 15:15 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-04-14 15:28 - 2014-12-14 15:15 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2015-04-13 06:22 - 2009-07-14 06:45 - 04915072 _____ () C:\Windows\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2015-05-12 09:34 - 2015-05-12 09:34 - 0000208 _____ () C:\Users\3JD3MS\AppData\Roaming\EJDEMS-PC.MTBF.txt
2015-05-12 09:35 - 2015-05-12 09:37 - 0000890 _____ () C:\Users\3JD3MS\AppData\Roaming\__AvidCloudManager.log
2015-05-12 09:37 - 2015-05-12 09:37 - 0003584 _____ () C:\Users\3JD3MS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-15 19:28 - 2015-01-15 19:28 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpc0o3ke.dll
C:\Users\Guest\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Guest\AppData\Local\Temp\{A0852EB7-BC9C-4AEC-97DF-AFDFF1F5394F}-39.0.2171.65_38.0.2125.111_chrome_updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Ejdems\AppData\Local\24803\a12219.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\3JD3MS\Desktop" je 7457 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by 3JD3MS at 2015-05-13 18:21:56
Running from C:\Users\3JD3MS\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

3JD3MS (S-1-5-21-241640888-2330204608-1590825866-1005 - Administrator - Enabled) => C:\Users\3JD3MS
Administrator (S-1-5-21-241640888-2330204608-1590825866-500 - Administrator - Disabled)
Guest (S-1-5-21-241640888-2330204608-1590825866-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-241640888-2330204608-1590825866-1002 - Limited - Enabled)
nevim (S-1-5-21-241640888-2330204608-1590825866-1006 - Limited - Enabled) => C:\Users\nevim

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.1.102.62 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVG PC TuneUp 2015 (cs-CZ) (x32 Version: 15.0.1001.185 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.185 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.185 - AVG Technologies) Hidden
Belkin 54Mbps Wireless Network Adapter (HKLM-x32\...\{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}) (Version: 3.00.07 - Belkin)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
Coin Miner version 1.8.16 (HKLM-x32\...\{887F6843-E3D1-407C-9B01-20569DF78F0C}_is1) (Version: 1.8.16 - Sonera Corporative OU)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dragon Branch (HKLM-x32\...\Dragon Branch) (Version: 2.0.5605.11979 - Dragon Branch)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free Video Converter V 3.2 (HKLM-x32\...\Free Video Converter_is1) (Version: 3.2.0.0 - Koyote Soft)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
HP Deskjet 1510 series Nápověda (HKLM-x32\...\{FB815CBF-148E-42A4-8741-4924C28C118F}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
M2Hydra 1.5 sürümü (HKLM-x32\...\{1C58C8C5-DC13-411C-8964-46C1F2C8E37A}_is1) (Version: 1.5 - EserDC.COM Oyun Sunucularý)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Nvu 1.0 (HKLM-x32\...\Nvu) (Version: 1.0 - CZilla)
OffersWizard Network System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - ) <==== ATTENTION
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Pinnacle Studio 17 (HKLM-x32\...\{3DA8F808-72E2-4361-82EC-433081D23005}) (Version: 17.0.0.128 - Corel Corporation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
SimCity 3000 (HKLM-x32\...\SimCity 3000) (Version: - )
SketchUp 2015 (HKLM-x32\...\{D0A0BE3D-8D66-4BE9-87C4-D30CA5AA93A3}) (Version: 15.3.330 - Trimble Navigation Limited)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION
SRS - Street Racing Syndicate (HKLM-x32\...\{F86B4C7B-B846-4039-878D-6CC8F8D3370E}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Studie vylepšování produktu HP Deskjet 1510 series (HKLM\...\{C7008C2E-CBF4-48C2-BD25-027B280F1CAC}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Unity Web Player (All users) (HKLM-x32\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS)
Vegas Pro 11.0 (64-bit) (HKLM\...\{30048BC0-4093-11E1-9406-F04DA23A5C58}) (Version: 11.0.521 - Sony)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 1510 series (HKLM\...\{4491B86D-8E9D-4E4C-B774-E62949A005D8}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D209D63-DBB1-4411-BC7C-4807E6DC948C} - System32\Tasks\AdobeAAMUpdater-1.0-Ejdems-PC-Ejdems => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {168AA643-8089-4F2A-ABA4-34E90A436E2F} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {1FBF4A98-B162-4DB4-BB53-B62F247490FD} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {22F6EB42-395E-4186-BFA2-BEED818DED3A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-02] (AVAST Software)
Task: {2D7BF632-657E-441C-B388-DD964DBEEB79} - System32\Tasks\{B9583C9C-A78F-418A-BB74-304113F37195} => pcalua.exe -a C:\Windows\IsUninst.exe -c -f"C:\Program Files (x86)\Maxis\SimCity 3000\Uninst.isu"
Task: {3F514F5E-A614-45EF-A68D-35307290D82E} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\RocketTab\uninstall.exe <==== ATTENTION
Task: {411C577F-A0FA-4585-ABFE-2B0DEA4508B6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {43E14CA6-9AE3-4D45-9DC6-653328ACFAE6} - System32\Tasks\{2E5669A7-04A3-4BE9-9A62-A19265CDE1A4} => pcalua.exe -a "C:\Users\Ejdems\Desktop\SimCity-3000-+-CZ\SimCity 3000 + CZ\cz12sc3000_i_s_VB.exe" -d "C:\Users\Ejdems\Desktop\SimCity-3000-+-CZ\SimCity 3000 + CZ"
Task: {43E60476-B5BF-4BA9-872C-A4173F0F9561} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files (x86)\RocketTab\Client.exe" /Preferred=true <==== ATTENTION
Task: {4CCAD8A9-FA86-4220-81EF-913402945BD2} - System32\Tasks\{C8F395A9-7E01-40A2-8A5E-84A3ACCC5D6E} => pcalua.exe -a C:\Users\Ejdems\AppData\Roaming\Seznam.cz\szninstall.exe -c -X
Task: {81810F68-FC22-4E1B-94E9-5C33B7B114DD} - System32\Tasks\1114avUpdateInfo => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe [2014-10-08] ()
Task: {8D2BA729-E655-4BF6-9A6E-973292D7E509} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-10-17] (AVG Technologies)
Task: {9530B472-FA99-48B9-A7EE-9BA28B797018} - System32\Tasks\AmiUpdXp => C:\Users\Ejdems\AppData\Local\24803\a12219.exe <==== ATTENTION
Task: {AC7D55D0-2745-4AD1-94A0-D0687387A300} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-22] (Google Inc.)
Task: {F858FC8E-701B-4BED-B461-FCDE709957B6} - System32\Tasks\AdobeAAMUpdater-1.0-Ejdems-PC-3JD3MS => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {FF7D6E59-49E3-4B9B-B32C-A1B5B0A35766} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-22] (Google Inc.)
Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Ejdems\AppData\Local\24803\a12219.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-10-17 12:34 - 2014-10-17 12:34 - 00699704 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-10-17 12:34 - 2014-10-17 12:34 - 00835896 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2015-05-07 14:39 - 2015-05-13 16:42 - 00556304 _____ () C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe
2015-05-13 14:37 - 2015-05-13 14:37 - 00480528 _____ () C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\3\plugin.exe
2015-05-13 14:37 - 2015-05-13 14:37 - 00639760 _____ () C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\8\plugin.exe
2015-05-13 14:37 - 2015-05-13 14:37 - 00662800 _____ () C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\5\plugin.exe
2015-05-13 14:37 - 2015-05-13 14:37 - 01274128 _____ () C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\2\plugin.exe
2015-05-07 15:39 - 2015-05-13 17:43 - 00478992 _____ () C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe
2015-05-13 14:36 - 2015-05-13 14:36 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051300\algo.dll
2015-05-13 18:17 - 2015-05-13 18:17 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051301\algo.dll
2015-03-14 12:14 - 2015-03-14 12:14 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-01 00:11 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-05-01 00:11 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-05-01 00:11 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-241640888-2330204608-1590825866-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\3JD3MS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [TCP Query User{153365E1-71D1-4B1C-B39E-47D83436BBFD}C:\users\ejdems\desktop\unlimitedworld\unlimitedworld\uw.bin] => (Allow) C:\users\ejdems\desktop\unlimitedworld\unlimitedworld\uw.bin
FirewallRules: [UDP Query User{72DA4AE7-68F3-4419-AB81-5A4F73DBF70C}C:\users\ejdems\desktop\unlimitedworld\unlimitedworld\uw.bin] => (Allow) C:\users\ejdems\desktop\unlimitedworld\unlimitedworld\uw.bin
FirewallRules: [TCP Query User{DBC8CDFA-E9FA-4E14-87D2-65D96B9CE4EE}C:\users\ejdems\desktop\unlimitedworld\unlimitedworld\uw.bin] => (Allow) C:\users\ejdems\desktop\unlimitedworld\unlimitedworld\uw.bin
FirewallRules: [UDP Query User{4F031A97-0704-4FAC-A179-023F953271BB}C:\users\ejdems\desktop\unlimitedworld\unlimitedworld\uw.bin] => (Allow) C:\users\ejdems\desktop\unlimitedworld\unlimitedworld\uw.bin
FirewallRules: [{823A94D6-A2FE-4508-8693-01B2460F86F2}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{AC71F539-112C-4092-8F0B-A927DEE7E233}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{42036153-5548-45CD-85F2-41A81CBFDC10}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{C8E83578-1143-4333-90F5-614A6D68E6E6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{B2412047-B136-4DBC-B1CA-D63EADCFF2A5}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{336AD3D1-29C5-4132-B9AF-EFB44A9C42B4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [TCP Query User{5749ECEC-C806-41D5-8FEF-A015E10CC769}C:\users\ejdems\desktop\w.o.e. - client\w.o.e. - client\w.o.e. - start.exe] => (Allow) C:\users\ejdems\desktop\w.o.e. - client\w.o.e. - client\w.o.e. - start.exe
FirewallRules: [UDP Query User{52B5A0BB-7621-461C-9AED-13517E4664AE}C:\users\ejdems\desktop\w.o.e. - client\w.o.e. - client\w.o.e. - start.exe] => (Allow) C:\users\ejdems\desktop\w.o.e. - client\w.o.e. - client\w.o.e. - start.exe
FirewallRules: [TCP Query User{4363BF07-1626-4BFA-8768-1434AABD1023}C:\users\ejdems\desktop\number9\spoustec.exe] => (Allow) C:\users\ejdems\desktop\number9\spoustec.exe
FirewallRules: [UDP Query User{F5B9538A-F113-43EC-AA96-CC1E35411FD0}C:\users\ejdems\desktop\number9\spoustec.exe] => (Allow) C:\users\ejdems\desktop\number9\spoustec.exe
FirewallRules: [TCP Query User{E047AE05-99B1-4D29-B011-68E95C5AE893}C:\users\ejdems\desktop\etacidnys\etacidnys new\eg.dlleg] => (Allow) C:\users\ejdems\desktop\etacidnys\etacidnys new\eg.dlleg
FirewallRules: [UDP Query User{B4E113A6-4C37-4677-B8F2-675B983B72D4}C:\users\ejdems\desktop\etacidnys\etacidnys new\eg.dlleg] => (Allow) C:\users\ejdems\desktop\etacidnys\etacidnys new\eg.dlleg
FirewallRules: [TCP Query User{6BCEC656-D75E-48EA-B1B0-D0F98FAD5D62}C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [UDP Query User{D827611C-6C60-46A9-BB78-EB2801D4BED6}C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [{3A148614-19CA-4FD1-89A0-EABE9AB40A6F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{C70C9CBB-3A2B-4771-8147-107F66A9EF9D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{D4AFB630-14CC-459B-A819-F1DD528CF565}] => (Allow) C:\Users\Ejdems\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{316B7811-8AE9-412B-8A6A-C4BF2A3824C4}] => (Allow) C:\Users\Ejdems\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{41F4605D-0714-4197-9D0C-9599C8CFA39A}C:\users\guest\desktop\wangorn1\wangorn\wangorn_n.exe] => (Allow) C:\users\guest\desktop\wangorn1\wangorn\wangorn_n.exe
FirewallRules: [UDP Query User{50E763D7-DBE7-4AAA-A4ED-AA588EAC1240}C:\users\guest\desktop\wangorn1\wangorn\wangorn_n.exe] => (Allow) C:\users\guest\desktop\wangorn1\wangorn\wangorn_n.exe
FirewallRules: [TCP Query User{309CD952-0A2D-4BB8-B902-A1BB85D4D298}C:\users\guest\desktop\wangorn\wangorn\wangorn_n.exe] => (Allow) C:\users\guest\desktop\wangorn\wangorn\wangorn_n.exe
FirewallRules: [UDP Query User{3F883804-9F27-4E62-BBCB-6E5FDADBFB96}C:\users\guest\desktop\wangorn\wangorn\wangorn_n.exe] => (Allow) C:\users\guest\desktop\wangorn\wangorn\wangorn_n.exe
FirewallRules: [TCP Query User{1446AECE-2CA3-4726-9F2D-186E7D79F874}C:\users\test\desktop\wangorn1\wangorn\wangorn_n.exe] => (Allow) C:\users\test\desktop\wangorn1\wangorn\wangorn_n.exe
FirewallRules: [UDP Query User{B3E7E066-249D-48B9-B13F-769D7699A497}C:\users\test\desktop\wangorn1\wangorn\wangorn_n.exe] => (Allow) C:\users\test\desktop\wangorn1\wangorn\wangorn_n.exe
FirewallRules: [{8A8DB123-E2D7-43F2-827A-2A4E354608B6}] => (Allow) C:\Users\Guest\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{344BB696-2F8B-47E9-93C5-87A27FD27EE2}] => (Allow) C:\Users\Guest\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{F783EFE6-3655-4AB0-9639-A965BE00FAAF}] => (Allow) C:\Users\Guest\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
FirewallRules: [TCP Query User{6A58EA3B-C22A-4B11-9F19-63A7E816501C}C:\users\guest\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\guest\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{CABB5469-CFF9-41D6-80B6-4107DC8B08FC}C:\users\guest\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\guest\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{26E6E8AA-49DF-4435-8049-3E2B24099F86}C:\users\guest\desktop\apostate\apostate\apostate\apostate.bin] => (Allow) C:\users\guest\desktop\apostate\apostate\apostate\apostate.bin
FirewallRules: [UDP Query User{15FA3723-E3AD-496C-B995-DD9A86F52DEF}C:\users\guest\desktop\apostate\apostate\apostate\apostate.bin] => (Allow) C:\users\guest\desktop\apostate\apostate\apostate\apostate.bin
FirewallRules: [TCP Query User{D5E54487-1B00-44F4-BD8A-E87406120DEE}C:\program files\srs - street racing syndicate\bin\srs.exe] => (Block) C:\program files\srs - street racing syndicate\bin\srs.exe
FirewallRules: [UDP Query User{78532B3E-F62D-41D3-96A7-F011DE19A5D0}C:\program files\srs - street racing syndicate\bin\srs.exe] => (Block) C:\program files\srs - street racing syndicate\bin\srs.exe
FirewallRules: [TCP Query User{CF2E198F-3BDB-4978-A72C-660F57307F4C}C:\users\guest\desktop\oberon2.eu off 7.12\oberon2 off 7.12\oberon2\oberon2.exe] => (Block) C:\users\guest\desktop\oberon2.eu off 7.12\oberon2 off 7.12\oberon2\oberon2.exe
FirewallRules: [UDP Query User{8125D355-1D7C-4B7D-A6E9-61405D0A3137}C:\users\guest\desktop\oberon2.eu off 7.12\oberon2 off 7.12\oberon2\oberon2.exe] => (Block) C:\users\guest\desktop\oberon2.eu off 7.12\oberon2 off 7.12\oberon2\oberon2.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [TCP Query User{3E0EF4A9-E05E-4A07-AF9C-CB60D10B699E}C:\users\ejdems\appdata\local\temp\evb164b.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb164b.tmp
FirewallRules: [UDP Query User{9C7E68E6-0B2D-4FFC-83EF-1CBDFD5264F9}C:\users\ejdems\appdata\local\temp\evb164b.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb164b.tmp
FirewallRules: [TCP Query User{481DDAA2-EF40-4DCC-A481-DA7B67BCA7FF}C:\users\ejdems\appdata\local\temp\evb2df2.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb2df2.tmp
FirewallRules: [UDP Query User{D4406D34-382F-4521-9F6C-955EE381306C}C:\users\ejdems\appdata\local\temp\evb2df2.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb2df2.tmp
FirewallRules: [TCP Query User{C7B7AFA6-B7B0-4FC9-9E59-1ACC3967CE90}C:\users\ejdems\appdata\local\temp\evb42e9.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb42e9.tmp
FirewallRules: [UDP Query User{972F149D-E0AE-4C17-AFEF-5D9C2F9FE867}C:\users\ejdems\appdata\local\temp\evb42e9.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb42e9.tmp
FirewallRules: [TCP Query User{6A9E586D-2553-48A5-8CBB-5C421800708A}C:\users\ejdems\appdata\local\temp\evbddbd.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbddbd.tmp
FirewallRules: [UDP Query User{AD637066-9A34-41E6-9E82-6A716C35D006}C:\users\ejdems\appdata\local\temp\evbddbd.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbddbd.tmp
FirewallRules: [TCP Query User{E24EB340-DD5B-43EC-9065-8853185412E0}C:\users\ejdems\appdata\local\temp\evbc6a0.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbc6a0.tmp
FirewallRules: [UDP Query User{8BF94BF5-1586-450F-B3D1-3325183D9E04}C:\users\ejdems\appdata\local\temp\evbc6a0.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbc6a0.tmp
FirewallRules: [TCP Query User{3AD28775-F4E0-4062-9462-043204DF03AE}C:\users\ejdems\appdata\local\temp\evb59e7.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb59e7.tmp
FirewallRules: [UDP Query User{0D57B968-175F-40E2-AD30-239FCF9BD2C1}C:\users\ejdems\appdata\local\temp\evb59e7.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb59e7.tmp
FirewallRules: [TCP Query User{A4463450-E72C-4D69-B511-5DBE90E500C8}C:\users\ejdems\appdata\local\temp\evb2178.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb2178.tmp
FirewallRules: [UDP Query User{E51397C5-7B35-4203-A101-DD7B9FBA0EA1}C:\users\ejdems\appdata\local\temp\evb2178.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb2178.tmp
FirewallRules: [TCP Query User{C5BCD494-0964-4763-AE54-DEA24EE686B8}C:\users\ejdems\appdata\local\temp\evb105f.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb105f.tmp
FirewallRules: [UDP Query User{D042BA62-F573-4BD7-9F2D-2602B8DAF17D}C:\users\ejdems\appdata\local\temp\evb105f.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb105f.tmp
FirewallRules: [TCP Query User{541CB371-CE50-43B4-BCF8-AB80E9F73A74}C:\users\ejdems\appdata\local\temp\evb8681.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb8681.tmp
FirewallRules: [UDP Query User{FAE3AAF5-3B69-4E0C-8B63-8D7D3CAA23BA}C:\users\ejdems\appdata\local\temp\evb8681.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb8681.tmp
FirewallRules: [TCP Query User{F16E1199-A0C0-4662-BE13-A6DEE8C108FE}C:\users\ejdems\appdata\local\temp\evb87ed.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb87ed.tmp
FirewallRules: [UDP Query User{84D48BAB-E39E-4E97-A1A4-1B0DB5999BE8}C:\users\ejdems\appdata\local\temp\evb87ed.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb87ed.tmp
FirewallRules: [TCP Query User{E1C0CD3B-2057-4C39-913C-62D2CF850255}C:\users\ejdems\appdata\local\temp\evb3f3a.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb3f3a.tmp
FirewallRules: [UDP Query User{0CE9CBC3-B44E-4D92-8BE7-0F17CB06C029}C:\users\ejdems\appdata\local\temp\evb3f3a.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb3f3a.tmp
FirewallRules: [TCP Query User{EC76C752-7F4B-40F1-B28D-FBA4FF77FB21}C:\users\ejdems\appdata\local\temp\evb7fc2.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb7fc2.tmp
FirewallRules: [UDP Query User{1F2DC65C-6380-41DE-B564-DC05F74BB3CA}C:\users\ejdems\appdata\local\temp\evb7fc2.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb7fc2.tmp
FirewallRules: [TCP Query User{31409F1B-DE08-4F29-A63B-20FB5639CC88}C:\users\ejdems\appdata\local\temp\evb451d.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb451d.tmp
FirewallRules: [UDP Query User{B86C7C11-2991-4BB7-8E4C-9E1882351FDC}C:\users\ejdems\appdata\local\temp\evb451d.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb451d.tmp
FirewallRules: [TCP Query User{A24F4261-9FDD-4D4C-BF2F-B162BC975BA2}C:\users\ejdems\appdata\local\temp\evbb63c.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbb63c.tmp
FirewallRules: [UDP Query User{949F8E9F-DD95-4316-8D5E-0149CAED145F}C:\users\ejdems\appdata\local\temp\evbb63c.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbb63c.tmp
FirewallRules: [TCP Query User{59651319-724E-40C8-9A5D-76893FFFC60F}C:\users\ejdems\appdata\local\temp\evbd159.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbd159.tmp
FirewallRules: [UDP Query User{1856CE2D-AA99-47EF-8FCF-BF1DE5074573}C:\users\ejdems\appdata\local\temp\evbd159.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbd159.tmp
FirewallRules: [TCP Query User{B4D92AA4-6040-4F3A-AD75-5586887029BD}C:\users\ejdems\appdata\local\temp\evbb557.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbb557.tmp
FirewallRules: [UDP Query User{CCF599D1-BAB4-49C8-BFC5-719C7E48F20E}C:\users\ejdems\appdata\local\temp\evbb557.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbb557.tmp
FirewallRules: [TCP Query User{5D8D9A2F-23DF-4244-944F-30E840A262D8}C:\users\ejdems\appdata\local\temp\evb988b.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb988b.tmp
FirewallRules: [UDP Query User{32739159-61DC-48FD-8E6B-55D25C170577}C:\users\ejdems\appdata\local\temp\evb988b.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb988b.tmp
FirewallRules: [TCP Query User{974DA0E8-158C-453C-8A9B-D7853AF2DEEA}C:\users\ejdems\appdata\local\temp\evb7b2b.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb7b2b.tmp
FirewallRules: [UDP Query User{5432960B-F738-4F84-9FF8-A468706C9F94}C:\users\ejdems\appdata\local\temp\evb7b2b.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb7b2b.tmp
FirewallRules: [TCP Query User{BBCD5423-4B9E-45BC-BB19-0DD3CC18C3CA}C:\users\ejdems\appdata\local\temp\evb8bcb.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb8bcb.tmp
FirewallRules: [UDP Query User{F0CFFCD1-03AE-45BB-9C83-0BB2A07E686B}C:\users\ejdems\appdata\local\temp\evb8bcb.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb8bcb.tmp
FirewallRules: [TCP Query User{3B6CEE7A-D37D-4EED-89B1-49D3A46D8C70}C:\users\ejdems\appdata\local\temp\evb51d1.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb51d1.tmp
FirewallRules: [UDP Query User{3743E015-99A8-4F9D-80F0-565E94D8F8D5}C:\users\ejdems\appdata\local\temp\evb51d1.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb51d1.tmp
FirewallRules: [TCP Query User{1DA89EEA-ECD3-4F9F-BF7F-400B17FC0DBA}C:\users\ejdems\appdata\local\temp\evb2d8a.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb2d8a.tmp
FirewallRules: [UDP Query User{E251432E-A689-49CD-91AA-F7A9C8587E08}C:\users\ejdems\appdata\local\temp\evb2d8a.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb2d8a.tmp
FirewallRules: [TCP Query User{FE86BE23-C39B-4853-BD5E-C1C8477E5B5A}C:\users\ejdems\appdata\local\temp\evb9e89.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb9e89.tmp
FirewallRules: [UDP Query User{DF4FC299-5ADA-4986-BA8F-993CAF961AC1}C:\users\ejdems\appdata\local\temp\evb9e89.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb9e89.tmp
FirewallRules: [TCP Query User{DA1CA4BB-7C72-4B27-B0A5-0D17434A020A}C:\users\ejdems\appdata\local\temp\evbf8ac.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbf8ac.tmp
FirewallRules: [UDP Query User{6195D8D6-CD5B-4C85-8109-B5F724FE25DE}C:\users\ejdems\appdata\local\temp\evbf8ac.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbf8ac.tmp
FirewallRules: [TCP Query User{B788A39E-0E01-438F-BF7B-29A502412A42}C:\users\ejdems\appdata\local\temp\evb48c2.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb48c2.tmp
FirewallRules: [UDP Query User{A4766A2E-15F2-4931-8F4E-2ECCFF7C288A}C:\users\ejdems\appdata\local\temp\evb48c2.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb48c2.tmp
FirewallRules: [TCP Query User{EFB7E75E-A3A0-410E-BD93-96E58E2368D8}C:\users\ejdems\appdata\local\temp\evb4148.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb4148.tmp
FirewallRules: [UDP Query User{CB6AB052-EF5F-45DF-9B9C-95A9B844F4AD}C:\users\ejdems\appdata\local\temp\evb4148.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb4148.tmp
FirewallRules: [TCP Query User{1E16712B-642F-438F-BACA-1F795168178E}C:\users\ejdems\appdata\local\temp\evbda24.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbda24.tmp
FirewallRules: [UDP Query User{B99B0CD2-9481-4E0E-A6CA-E0F98A923083}C:\users\ejdems\appdata\local\temp\evbda24.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbda24.tmp
FirewallRules: [TCP Query User{450E895B-BF48-4071-B1BD-2E8E2E569715}C:\users\ejdems\appdata\local\temp\evb2e61.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb2e61.tmp
FirewallRules: [UDP Query User{F053A554-A816-49B4-B109-1C6B3B9CE076}C:\users\ejdems\appdata\local\temp\evb2e61.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb2e61.tmp
FirewallRules: [TCP Query User{916A9DE9-B423-4AC2-B41B-604878CD896F}C:\users\ejdems\appdata\local\temp\evb1c52.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb1c52.tmp
FirewallRules: [UDP Query User{39E97F8E-D3E6-4744-AEB3-2C881FA9EB7E}C:\users\ejdems\appdata\local\temp\evb1c52.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb1c52.tmp
FirewallRules: [TCP Query User{460E23F4-1A62-4C1F-8C92-E7BFA762B3D4}C:\users\ejdems\appdata\local\temp\evb2e48.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb2e48.tmp
FirewallRules: [UDP Query User{A728D9F5-A59C-48E4-8F70-ED2A49FD35A4}C:\users\ejdems\appdata\local\temp\evb2e48.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb2e48.tmp
FirewallRules: [TCP Query User{28D72C84-0950-4389-99B8-26397415C50A}C:\users\ejdems\appdata\local\temp\evbeba7.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbeba7.tmp
FirewallRules: [UDP Query User{84FDDA3A-53F8-4FFA-84C5-7F0F07C499BB}C:\users\ejdems\appdata\local\temp\evbeba7.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evbeba7.tmp
FirewallRules: [TCP Query User{B3D058E2-01B2-492C-B5E3-59981096A12F}C:\users\ejdems\appdata\local\temp\evb870b.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb870b.tmp
FirewallRules: [UDP Query User{AAB6A9DA-9AE1-47E0-B77F-4931A5B916AC}C:\users\ejdems\appdata\local\temp\evb870b.tmp] => (Allow) C:\users\ejdems\appdata\local\temp\evb870b.tmp
FirewallRules: [{8688EFE0-38BE-4662-9C25-59AA08C75079}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{244810F4-8E6D-4918-9D96-77B175BB598B}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{7C1F629C-B090-42B3-AC36-058B8437272A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{56C3CF5E-12FB-4395-9FE4-1E2F077618A8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{DCC2922D-F73F-41D5-9BE5-5FE0CA8AC067}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4B24185B-BD47-4AC8-954C-F8174F6AC646}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{01F64C6B-7542-41C6-B8BF-E2F5D46C35F9}] => (Allow) C:\Users\Ejdems\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{DF04925B-EC31-4EF6-A256-9551BE3141BE}] => (Allow) C:\Users\Ejdems\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{770580B0-F22A-47C8-BA3E-DDF1087DD67D}] => (Allow) C:\Users\Ejdems\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{AC260BEA-A91A-40AD-944F-2B1EFAC001FB}] => (Allow) C:\Users\Ejdems\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
FirewallRules: [{C767AA21-3BB4-4C58-A27E-F6762BBEA1DF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{36E22C63-1CD7-49E9-AA5B-5A7394F30BBA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A09EB390-097D-4602-9070-190E99A50C13}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{0BE5C2D6-F3E1-415D-B778-68BD031ACB1D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{7507A2AB-A61D-4701-AF3F-8533805DAFBE}C:\program files\srs - street racing syndicate\bin\srs.exe] => (Block) C:\program files\srs - street racing syndicate\bin\srs.exe
FirewallRules: [UDP Query User{EE5AED1E-2FE8-4A97-8FEF-1AA61694480F}C:\program files\srs - street racing syndicate\bin\srs.exe] => (Block) C:\program files\srs - street racing syndicate\bin\srs.exe
FirewallRules: [{B7FA1A80-3D25-431B-BAA8-AB463DC8DAC7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter #4
Description: Adaptér miniportu Microsoft Virtual WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/04/2015 06:10:32 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (05/02/2015 04:47:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program nvu.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: d60

Čas spuštění: 01d084e5b2054954

Čas ukončení: 7

Cesta k aplikaci: C:\Program Files (x86)\Nvu\nvu.exe

ID hlášení: 33996e2d-f0da-11e4-b6e8-002421df5b28

Error: (05/02/2015 11:23:46 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (05/01/2015 07:45:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: Ejdems-PC)
Description: Systém Windows nemůže odstranit adresář profilů <C:\Users\Ejdems>. Může to být způsobeno tím, že soubory v tomto adresáři jsou používány jiným programem.

PODROBNOSTI – Adresář není prázdný.

Error: (05/01/2015 07:41:03 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: Ejdems-PC)
Description: Systém Windows nemůže odstranit adresář profilů <C:\Users\Nevim už>. Může to být způsobeno tím, že soubory v tomto adresáři jsou používány jiným programem.

PODROBNOSTI – Adresář není prázdný.

Error: (05/01/2015 07:31:11 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: Ejdems-PC)
Description: Systém Windows nemůže odstranit adresář profilů <C:\Users\test>. Může to být způsobeno tím, že soubory v tomto adresáři jsou používány jiným programem.

PODROBNOSTI – Adresář není prázdný.

Error: (05/01/2015 01:55:21 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (04/28/2015 05:51:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (04/26/2015 04:19:15 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (04/25/2015 11:42:12 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.


System errors:
=============
Error: (05/13/2015 02:36:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba BlueStacks Android Service závisí na službě BlueStacks Hypervisor, která neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (05/13/2015 02:36:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BlueStacks Updater Service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/13/2015 02:36:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BlueStacks Log Rotator Service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/13/2015 02:36:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BlueStacks Hypervisor neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (05/13/2015 06:14:17 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba BlueStacks Android Service závisí na službě BlueStacks Hypervisor, která neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (05/13/2015 06:14:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BlueStacks Updater Service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/13/2015 06:14:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BlueStacks Log Rotator Service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/13/2015 06:14:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BlueStacks Hypervisor neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (05/12/2015 05:58:11 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (05/12/2015 05:53:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba BlueStacks Android Service závisí na službě BlueStacks Hypervisor, která neuspěla při spuštění v důsledku následující chyby:
%%3


Microsoft Office Sessions:
=========================
Error: (05/04/2015 06:10:32 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/02/2015 04:47:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: nvu.exe0.0.0.0d6001d084e5b20549547C:\Program Files (x86)\Nvu\nvu.exe33996e2d-f0da-11e4-b6e8-002421df5b28

Error: (05/02/2015 11:23:46 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/01/2015 07:45:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: Ejdems-PC)
Description: C:\Users\EjdemsAdresář není prázdný.

Error: (05/01/2015 07:41:03 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: Ejdems-PC)
Description: C:\Users\Nevim užAdresář není prázdný.

Error: (05/01/2015 07:31:11 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: Ejdems-PC)
Description: C:\Users\testAdresář není prázdný.

Error: (05/01/2015 01:55:21 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/28/2015 05:51:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/26/2015 04:19:15 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/25/2015 11:42:12 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
Percentage of memory in use: 81%
Total physical RAM: 2047.3 MB
Available physical RAM: 371 MB
Total Pagefile: 4094.61 MB
Available Pagefile: 1682.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:203.5 GB) NTFS
Drive d: (Uzasnakovi) (CDROM) (Total:4.33 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 234458D1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

ejdems
Visitor
Posts: 39
Registered: 13 Dec 2013 12:48

Re: Ads

#2 Post by ejdems »

Logfile of random's system information tool 1.10 (written by random/random)
Run by 3JD3MS at 2015-05-13 18:37:06
Microsoft Windows 7 Ultimate
System drive C: has 208 GB (44%) free of 477 GB
Total RAM: 2047 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:37:13, on 13.5.2015
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\3\plugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\3JD3MS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [F5D7050v3] C:\Program Files (x86)\Belkin\F5D7050v3\Belkinwcui.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSHostSrv] C:\Windows\inf\cssi.vbe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - Unknown owner - C:\Program Files (x86)\BlueStacks\HD-Service.exe (file missing)
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - Unknown owner - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (file missing)
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - Unknown owner - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service Mgr DragonBranch - Unknown owner - C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\Ejdems\AppData\Local\Torch\Update\TorchCrashHandler.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr DragonBranch - Unknown owner - C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8128 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Users\Ejdems\AppData\Local\Torch\Update\TorchCrashHandler.exe
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2416
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1776.0.1872971470\49514296" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,19,42 --gpu-vendor-id=0x1002 --gpu-device-id=0x9490 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.56.1.15 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1776 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 
--channel="1776.2.2038025529\1490171158" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1776 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="1776.6.1313158216\1454178633" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1776.8.545444940\334552695" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe"
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\3\plugin.exe"
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\8\plugin.exe"
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\5\plugin.exe"
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\2\plugin.exe"
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\3\plugin.exe"
"C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1776 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="1776.65.366907823\1002201423" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1776 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="1776.76.984238412\1635049197" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1776 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="1776.83.152668281\1864725461" /prefetch:673131151
"taskhost.exe"
taskmgr.exe /3
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\3JD3MS\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\1114avUpdateInfo.job - C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe /SETINFO /CMPID=1114av /INFORETRY=3
C:\Windows\tasks\AmiUpdXp.job - C:\Users\Ejdems\AppData\Local\24803\a12219.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-02 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-04 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-02 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-04 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"F5D7050v3"=C:\Program Files (x86)\Belkin\F5D7050v3\Belkinwcui.exe []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"MSHostSrv"=C:\Windows\inf\cssi.vbe [2014-01-12 2334]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5227648]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-13 18:30:21 ----D---- C:\rsit
2015-05-13 18:30:21 ----D---- C:\Program Files\trend micro
2015-05-12 09:34:10 ----A---- C:\Users\3JD3MS\AppData\Roaming\EJDEMS-PC.MTBF.txt
2015-05-07 16:33:17 ----D---- C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb
2015-05-07 16:32:51 ----D---- C:\Program Files (x86)\Dragon Branch
2015-05-07 16:28:42 ----A---- C:\Windows\system32\TURegOpt.exe
2015-05-07 16:28:22 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2015-05-07 16:28:22 ----A---- C:\Windows\system32\authuitu.dll
2015-05-07 16:26:20 ----D---- C:\Users\3JD3MS\AppData\Roaming\AVG
2015-05-07 16:25:24 ----D---- C:\Program Files (x86)\AVG
2015-05-07 16:23:28 ----D---- C:\ProgramData\AVG
2015-05-07 16:15:20 ----D---- C:\Users\3JD3MS\AppData\Roaming\OpenCandy
2015-05-07 16:15:20 ----D---- C:\Program Files (x86)\Cheat Engine 6.4
2015-05-06 19:17:59 ----D---- C:\Users\3JD3MS\AppData\Roaming\FreeVideoConverter
2015-05-04 16:22:19 ----D---- C:\Users\3JD3MS\AppData\Roaming\vlc
2015-05-02 15:38:27 ----D---- C:\Users\3JD3MS\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2015-05-02 09:46:21 ----D---- C:\Users\3JD3MS\AppData\Roaming\HpUpdate
2015-05-02 08:06:12 ----D---- C:\Program Files\GIMP 2
2015-05-02 07:29:20 ----D---- C:\Users\3JD3MS\AppData\Roaming\WinRAR
2015-05-01 21:29:14 ----D---- C:\Users\3JD3MS\AppData\Roaming\Nvu
2015-05-01 21:29:14 ----D---- C:\Users\3JD3MS\AppData\Roaming\Mozilla
2015-05-01 21:28:31 ----D---- C:\Program Files (x86)\Nvu
2015-05-01 19:21:58 ----D---- C:\Users\3JD3MS\AppData\Roaming\AVAST Software
2015-05-01 19:21:55 ----D---- C:\Users\3JD3MS\AppData\Roaming\Adobe
2015-05-01 19:21:24 ----D---- C:\Users\3JD3MS\AppData\Roaming\Identities
2015-05-01 19:21:08 ----SD---- C:\Users\3JD3MS\AppData\Roaming\Microsoft
2015-05-01 19:21:08 ----D---- C:\Users\3JD3MS\AppData\Roaming\TuneUp Software
2015-05-01 19:21:08 ----D---- C:\Users\3JD3MS\AppData\Roaming\Media Center Programs
2015-05-01 19:21:08 ----D---- C:\Users\3JD3MS\AppData\Roaming\Macromedia

======List of files/folders modified in the last 1 month======

2015-05-13 18:37:08 ----D---- C:\Windows\Temp
2015-05-13 18:30:21 ----D---- C:\Program Files
2015-05-13 18:22:57 ----D---- C:\FRST
2015-05-13 18:22:05 ----D---- C:\Windows
2015-05-13 14:36:15 ----D---- C:\ProgramData\TorchCrashHandler
2015-05-12 17:58:11 ----SHD---- C:\System Volume Information
2015-05-12 09:59:18 ----D---- C:\Windows\System32
2015-05-12 09:59:18 ----D---- C:\Windows\inf
2015-05-12 09:59:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-11 23:31:22 ----D---- C:\Windows\Minidump
2015-05-11 20:01:56 ----D---- C:\Windows\system32\config
2015-05-08 08:40:06 ----D---- C:\Windows\system32\Tasks
2015-05-08 07:33:36 ----D---- C:\Windows\Prefetch
2015-05-07 18:38:48 ----D---- C:\Program Files (x86)\CoinMiner
2015-05-07 16:33:35 ----D---- C:\Program Files (x86)\Common Files
2015-05-07 16:33:17 ----HD---- C:\ProgramData
2015-05-07 16:32:51 ----RD---- C:\Program Files (x86)
2015-05-07 16:30:25 ----SHD---- C:\Windows\Installer
2015-05-07 16:30:23 ----D---- C:\Config.Msi
2015-05-07 16:28:22 ----D---- C:\Windows\SysWOW64
2015-05-06 21:47:56 ----D---- C:\Windows\system32\NDF
2015-05-03 22:07:29 ----SHD---- C:\$Recycle.Bin
2015-05-03 22:07:23 ----RD---- C:\Users
2015-05-03 21:49:37 ----D---- C:\Windows\system32\catroot2
2015-05-02 16:35:21 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-05-01 19:44:59 ----D---- C:\Windows\system32\appmgmt
2015-05-01 19:03:56 ----D---- C:\ProgramData\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-02 267632]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-02 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-02 436624]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-06 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-02 83280]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
R3 netr7364;Belkin Wireless 54G USB Network Adapter Driver; C:\Windows\system32\DRIVERS\netr7364.sys [2014-07-22 716800]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-09-09 14112]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-02 116728]
S2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-02 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 Service Mgr DragonBranch;Service Mgr DragonBranch; C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe [2015-05-13 556304]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R2 TorchCrashHandler;Torch Crash Handler; C:\Users\Ejdems\AppData\Local\Torch\Update\TorchCrashHandler.exe [2015-02-24 1217032]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-10-17 2589496]
R2 Update Mgr DragonBranch;Update Mgr DragonBranch; C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe [2015-05-13 478992]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android []
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe []
S2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-22 116648]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-22 116648]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Ads

#3 Post by Márty84 »

Hello :)

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator (Spustit jako správce).
Tick the items (check their boxes) For all users (Pro všechny uživatele), "LOP" malware check (Kontrola na havěť "LOP") and "Purity" malware check (Kontrola na havěť "Purity").
Paste the following text into the bottom window:

Code: Select all

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Scan (Prohledat).
After the scan, two logs will be created (OTL.Txt and Extras.txt); post both of them here (if they are long, split them across several posts).





21.6. due to inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have their e-mail address in their signature).
